You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by da...@apache.org on 2020/01/08 13:39:37 UTC
[camel] branch camel-2.x updated: CAMEL-14375: camel-kafka - The
saslJaasConfig option may contain sensitive information that can be logged
This is an automated email from the ASF dual-hosted git repository.
davsclaus pushed a commit to branch camel-2.x
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/camel-2.x by this push:
new f60e4a7 CAMEL-14375: camel-kafka - The saslJaasConfig option may contain sensitive information that can be logged
f60e4a7 is described below
commit f60e4a73935bea211eec38823698d73bd1d0bd62
Author: Claus Ibsen <cl...@gmail.com>
AuthorDate: Wed Jan 8 14:39:20 2020 +0100
CAMEL-14375: camel-kafka - The saslJaasConfig option may contain sensitive information that can be logged
---
camel-core/src/main/java/org/apache/camel/util/URISupport.java | 2 +-
camel-core/src/test/java/org/apache/camel/util/URISupportTest.java | 6 ++++++
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/camel-core/src/main/java/org/apache/camel/util/URISupport.java b/camel-core/src/main/java/org/apache/camel/util/URISupport.java
index 8e7c9ad..14c1b25 100644
--- a/camel-core/src/main/java/org/apache/camel/util/URISupport.java
+++ b/camel-core/src/main/java/org/apache/camel/util/URISupport.java
@@ -42,7 +42,7 @@ public final class URISupport {
// "passphrase" or "password" or secret key (case-insensitive).
// First capture group is the key, second is the value.
private static final Pattern SECRETS = Pattern.compile(
- "([?&][^=]*(?:passphrase|password|secretKey|accessToken|clientSecret)[^=]*)=(RAW[({].*[)}]|[^&]*)",
+ "([?&][^=]*(?:passphrase|password|secretKey|accessToken|clientSecret|saslJaasConfig)[^=]*)=(RAW[({].*[)}]|[^&]*)",
Pattern.CASE_INSENSITIVE);
// Match the user password in the URI as second capture group
diff --git a/camel-core/src/test/java/org/apache/camel/util/URISupportTest.java b/camel-core/src/test/java/org/apache/camel/util/URISupportTest.java
index 1fc86f3..2a950d4 100644
--- a/camel-core/src/test/java/org/apache/camel/util/URISupportTest.java
+++ b/camel-core/src/test/java/org/apache/camel/util/URISupportTest.java
@@ -298,6 +298,12 @@ public class URISupportTest {
}
@Test
+ public void testSanitizeSaslJaasConfig() throws Exception {
+ String out1 = URISupport.sanitizeUri("kafka://MY-TOPIC-NAME?saslJaasConfig=org.apache.kafka.common.security.plain.PlainLoginModule required username=scott password=tiger");
+ assertEquals("kafka://MY-TOPIC-NAME?saslJaasConfig=xxxxxx", out1);
+ }
+
+ @Test
public void testNormalizeEndpointUriWithUserInfoSpecialSign() throws Exception {
String out1 = URISupport.normalizeUri("ftp://us%40r:t%st@localhost:21000/tmp3/camel?foo=us@r");
assertEquals("ftp://us%40r:t%25st@localhost:21000/tmp3/camel?foo=us%40r", out1);