From 7ebcdc9ac7794aa906d8787d11463a3a23d59726 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Anne?=
Date: Tue, 29 Oct 2024 16:16:10 +0100
Subject: [PATCH] Hide sensitive data in telemetry in install/update process
---
 ajax/telemetry.php | 6 +++++-
 src/Telemetry.php | 36 ++++++++++++++++++------------------
 2 files changed, 23 insertions(+), 19 deletions(-)
diff --git a/ajax/telemetry.php b/ajax/telemetry.php
index bc3f4b2906b..acb961bbb1a 100644
--- a/ajax/telemetry.php
+++ b/ajax/telemetry.php
@@ -43,12 +43,16 @@
 if (!($_SESSION['telemetry_from_install'] ?? false)) {
 Session::checkRight("config", READ);
+ $hide_sensitive_data = false;
+} else {
+ $hide_sensitive_data = true;
 }
 echo Html::css("public/lib/prismjs.css");
 echo Html::script("public/lib/prismjs.js");
-$infos = Telemetry::getTelemetryInfos();
+$infos = Telemetry::getTelemetryInfos($hide_sensitive_data);
+
 echo "

" . __("We only collect the following data: plugins usage, performance and responsiveness statistics about user interface features, memory, and hardware configuration.") . "

"; echo "
";
 echo json_encode($infos, JSON_PRETTY_PRINT);
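Review bot: `$hide_sensitive_data` is only ever assigned inside the two branches of the `if`/`else`, so masked output is not the default; a fail-closed form would set `$hide_sensitive_data = true;` before the `if` and switch to `$hide_sensitive_data = false;` only after `Session::checkRight("config", READ);` has returned. Any later path that skips the rights check would then get masked output without further changes. The branch that enables masking is also the one that performs no rights check, so every field `getTelemetryInfos()` leaves unmasked is served without authorisation while `telemetry_from_install` is set in the session. Whether that flag is cleared once install/update finishes is not visible in this hunk and is worth confirming.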
diff --git a/src/Telemetry.php b/src/Telemetry.php
index d07b60976bc..cde67e6b252 100644
--- a/src/Telemetry.php
+++ b/src/Telemetry.php
@@ -45,15 +45,15 @@ public static function getTypeName($nb = 0)
      *
      * @return array
      */
-    public static function getTelemetryInfos()
+    public static function getTelemetryInfos(bool $hide_sensitive_data = false)
     {
         $data = [
-            'glpi'   => self::grabGlpiInfos(),
+            'glpi'   => self::grabGlpiInfos($hide_sensitive_data),
             'system' => [
-                'db'           => self::grabDbInfos(),
-                'web_server'   => self::grabWebserverInfos(),
-                'php'          => self::grabPhpInfos(),
-                'os'           => self::grabOsInfos()
+                'db'           => self::grabDbInfos($hide_sensitive_data),
+                'web_server'   => self::grabWebserverInfos($hide_sensitive_data),
+                'php'          => self::grabPhpInfos($hide_sensitive_data),
+                'os'           => self::grabOsInfos($hide_sensitive_data)
             ]
         ];
 
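Review bot: The docblock above `getTelemetryInfos()` still documents only `@return array`, so the new parameter is undocumented; add a line such as `@param bool $hide_sensitive_data Replace the instance UUID and version strings with placeholders`. The same line is missing from the docblocks of `grabGlpiInfos()`, `grabDbInfos()`, `grabWebserverInfos()`, `grabPhpInfos()` and `grabOsInfos()` in the later hunks. It would also help to state there that the default `false` returns the unmasked data, since a caller that omits the argument gets the full UUID and versions. The method body continues past the end of this hunk.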
@@ -65,14 +65,14 @@ public static function getTelemetryInfos()
      *
      * @return array
      */
-    public static function grabGlpiInfos()
+    public static function grabGlpiInfos(bool $hide_sensitive_data = false)
     {
         /** @var array $CFG_GLPI */
         global $CFG_GLPI;
 
         $glpi = [
-            'uuid'               => self::getInstanceUuid(),
-            'version'            => GLPI_VERSION,
+            'uuid'               => $hide_sensitive_data ? '********' : self::getInstanceUuid(),
+            'version'            => $hide_sensitive_data ? 'x.y.z' : GLPI_VERSION,
             'plugins'            => [],
             'default_language'   => $CFG_GLPI['language'],
             'install_mode'       => GLPI_INSTALL_MODE,
@@ -96,7 +96,7 @@ public static function grabGlpiInfos()
         foreach ($plugins->getList(['directory', 'version']) as $plugin) {
             $glpi['plugins'][] = [
                 'key'       => $plugin['directory'],
-                'version'   => $plugin['version']
+                'version'   => $hide_sensitive_data ? 'x.y.z' : $plugin['version']
             ];
         }
 
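Review bot: With `$hide_sensitive_data` set, the plugin entry still carries `'key' => $plugin['directory']`, so the list of installed plugins is returned even though each version is replaced by `'x.y.z'`. The same pattern shows in the other hunks: `grabDbInfos()` keeps `engine`, `size` and `sql_mode`, `grabWebserverInfos()` keeps `$server['engine']`, and `grabPhpInfos()` keeps `'modules' => get_loaded_extensions()` and the `setup` ini values. Since the masked mode is the one served without a rights check, it is worth deciding explicitly which of these fields an unauthenticated viewer should see; for the plugin list, one option is `'key' => $hide_sensitive_data ? '********' : $plugin['directory']`. If the fields are intentionally kept so the preview stays representative, a short comment saying so would prevent the question from coming up again.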
@@ -116,7 +116,7 @@ public static function grabGlpiInfos()
      *
      * @return array
      */
-    public static function grabDbInfos()
+    public static function grabDbInfos(bool $hide_sensitive_data = false)
     {
         /** @var \DBmysql $DB */
         global $DB;
@@ -131,7 +131,7 @@ public static function grabDbInfos()
 
         $db = [
             'engine'    => $dbinfos['Server Software'],
-            'version'   => $dbinfos['Server Version'],
+            'version'   => $hide_sensitive_data ? 'x.y.z' : $dbinfos['Server Version'],
             'size'      => $size_res['dbsize'],
             'log_size'  => '',
             'sql_mode'  => $dbinfos['Server SQL Mode']
@@ -147,7 +147,7 @@ public static function grabDbInfos()
      *
      * @return array
      */
-    public static function grabWebserverInfos()
+    public static function grabWebserverInfos(bool $hide_sensitive_data = false)
     {
         /** @var array $CFG_GLPI */
         global $CFG_GLPI;
@@ -186,7 +186,7 @@ public static function grabWebserverInfos()
             ;
             if (preg_match("/^Server: {$server_string_pattern}/im", $headers, $header_matches) === 1) {
                 $server['engine']  = $header_matches['engine'];
-                $server['version'] = $header_matches['version'] ?? null;
+                $server['version'] = $hide_sensitive_data ? 'x.y.z' : ($header_matches['version'] ?? null);
             }
         }
 
@@ -198,10 +198,10 @@ public static function grabWebserverInfos()
      *
      * @return array
      */
-    public static function grabPhpInfos()
+    public static function grabPhpInfos(bool $hide_sensitive_data = false)
     {
         $php = [
-            'version'   => str_replace(PHP_EXTRA_VERSION, '', PHP_VERSION),
+            'version'   => $hide_sensitive_data ? 'x.y.z' : str_replace(PHP_EXTRA_VERSION, '', PHP_VERSION),
             'modules'   => get_loaded_extensions(),
             'setup'     => [
                 'max_execution_time'    => ini_get('max_execution_time'),
@@ -221,7 +221,7 @@ public static function grabPhpInfos()
      *
      * @return array
      */
-    public static function grabOsInfos()
+    public static function grabOsInfos(bool $hide_sensitive_data = false)
     {
         $distro = false;
         if (file_exists('/etc/redhat-release')) {
@@ -230,7 +230,7 @@ public static function grabOsInfos()
         $os = [
             'family'       => php_uname('s'),
             'distribution' => ($distro ?: ''),
-            'version'      => php_uname('r')
+            'version'      => $hide_sensitive_data ? 'x.y.z' : php_uname('r'),
         ];
         return $os;
     }
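Review bot: In `grabOsInfos()` only `version` (`php_uname('r')`) is masked, while `'distribution' => ($distro ?: '')` is returned unchanged. `$distro` is filled from release files such as `/etc/redhat-release` in the part of the function outside this hunk, and those files usually contain the distribution release number, so the masked output can still disclose an OS version. Consider masking it the same way, for example `'distribution' => $hide_sensitive_data ? '' : ($distro ?: ''),`, or stripping the version part from the string before returning it.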