You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@linkis.apache.org by pe...@apache.org on 2023/06/22 14:36:52 UTC
[linkis] branch master updated: Resolve the problem that a regular cannot match a domain name (#4694)
This is an automated email from the ASF dual-hosted git repository.
peacewong pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/linkis.git
The following commit(s) were added to refs/heads/master by this push:
new 29925cffd Resolve the problem that a regular cannot match a domain name (#4694)
29925cffd is described below
commit 29925cffd3c1fe4ef6a009652e670b5a3d0dd2ed
Author: aiceflower <ki...@sina.com>
AuthorDate: Thu Jun 22 22:36:46 2023 +0800
Resolve the problem that a regular cannot match a domain name (#4694)
---
.../apache/linkis/common/utils/SecurityUtils.java | 23 +++++++++++++++++++---
.../linkis/common/utils/SecurityUtilsTest.java | 19 +++++++++++-------
2 files changed, 32 insertions(+), 10 deletions(-)
diff --git a/linkis-commons/linkis-common/src/main/java/org/apache/linkis/common/utils/SecurityUtils.java b/linkis-commons/linkis-common/src/main/java/org/apache/linkis/common/utils/SecurityUtils.java
index bd5f08802..0278b3337 100644
--- a/linkis-commons/linkis-common/src/main/java/org/apache/linkis/common/utils/SecurityUtils.java
+++ b/linkis-commons/linkis-common/src/main/java/org/apache/linkis/common/utils/SecurityUtils.java
@@ -66,11 +66,16 @@ public abstract class SecurityUtils {
private static final CommonVars<String> MYSQL_STRONG_SECURITY_ENABLE =
CommonVars$.MODULE$.apply("linkis.mysql.strong.security.enable", "false");
+ private static final CommonVars<String> MYSQL_SECURITY_CHECK_ENABLE =
+ CommonVars$.MODULE$.apply("linkis.mysql.security.check.enable", "true");
+
private static final CommonVars<String> MYSQL_CONNECT_URL =
CommonVars.apply("linkis.security.mysql.url.template", "jdbc:mysql://%s:%s/%s");
- private static final String JDBC_MATCH_REGEX =
- "(?i)jdbc:(?i)(mysql)://([a-zA-Z0-9]+\\.)*[a-zA-Z0-9]+(:[0-9]+)?(/[a-zA-Z0-9_-]*[\\.\\-]?)?";
+ private static final CommonVars<String> JDBC_MATCH_REGEX =
+ CommonVars$.MODULE$.apply(
+ "linkis.mysql.jdbc.match.regex",
+ "(?i)jdbc:(?i)(mysql)://([^:]+)(:[0-9]+)?(/[a-zA-Z0-9_-]*[\\.\\-]?)?");
private static final String JDBC_MYSQL_PROTOCOL = "jdbc:mysql";
@@ -91,6 +96,12 @@ public abstract class SecurityUtils {
String password,
String database,
Map<String, Object> extraParams) {
+
+ // check switch
+ if (!Boolean.valueOf(MYSQL_SECURITY_CHECK_ENABLE.getValue())) {
+ return;
+ }
+
// 1. Check blank params
if (StringUtils.isAnyBlank(host, username)) {
logger.error(
@@ -111,6 +122,12 @@ public abstract class SecurityUtils {
/** @param url */
public static void checkJdbcConnUrl(String url) {
+
+ // check switch
+ if (!Boolean.valueOf(MYSQL_SECURITY_CHECK_ENABLE.getValue())) {
+ return;
+ }
+
logger.info("jdbc url: {}", url);
if (StringUtils.isBlank(url)) {
throw new LinkisSecurityException(35000, "Invalid jdbc connection url.");
@@ -217,7 +234,7 @@ public abstract class SecurityUtils {
if (url != null && !url.toLowerCase().startsWith(JDBC_MYSQL_PROTOCOL)) {
return;
}
- Pattern regex = Pattern.compile(JDBC_MATCH_REGEX);
+ Pattern regex = Pattern.compile(JDBC_MATCH_REGEX.getValue());
Matcher matcher = regex.matcher(url);
if (!matcher.matches()) {
logger.info("Invalid mysql connection url: {}", url);
diff --git a/linkis-commons/linkis-common/src/test/java/org/apache/linkis/common/utils/SecurityUtilsTest.java b/linkis-commons/linkis-common/src/test/java/org/apache/linkis/common/utils/SecurityUtilsTest.java
index d17f3d08f..d1f2d5d12 100644
--- a/linkis-commons/linkis-common/src/test/java/org/apache/linkis/common/utils/SecurityUtilsTest.java
+++ b/linkis-commons/linkis-common/src/test/java/org/apache/linkis/common/utils/SecurityUtilsTest.java
@@ -81,6 +81,18 @@ public class SecurityUtilsTest {
() -> {
SecurityUtils.checkUrl(url5);
});
+ // true
+ String url6 = "JDBC:H2://test-example.com:10000/db_name";
+ Assertions.assertDoesNotThrow(
+ () -> {
+ SecurityUtils.checkUrl(url6);
+ });
+ // true
+ String url7 = "JDBC:H2://example.测试:10000/db_name";
+ Assertions.assertDoesNotThrow(
+ () -> {
+ SecurityUtils.checkUrl(url7);
+ });
}
@Test
@@ -142,13 +154,6 @@ public class SecurityUtilsTest {
SecurityUtils.checkJdbcConnParams(host4, port, username, password, database, extraParams);
});
- String host5 = "localhost/test";
- Assertions.assertThrows(
- LinkisSecurityException.class,
- () -> {
- SecurityUtils.checkJdbcConnParams(host5, port, username, password, database, extraParams);
- });
-
// error port
Assertions.assertThrows(
LinkisSecurityException.class,
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@linkis.apache.org
For additional commands, e-mail: commits-help@linkis.apache.org