You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@linkis.apache.org by pe...@apache.org on 2023/06/22 14:36:52 UTC

[linkis] branch master updated: Resolve the problem that a regular cannot match a domain name (#4694)

This is an automated email from the ASF dual-hosted git repository.

peacewong pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/linkis.git


The following commit(s) were added to refs/heads/master by this push:
     new 29925cffd Resolve the problem that a regular cannot match a domain name (#4694)
29925cffd is described below

commit 29925cffd3c1fe4ef6a009652e670b5a3d0dd2ed
Author: aiceflower <ki...@sina.com>
AuthorDate: Thu Jun 22 22:36:46 2023 +0800

    Resolve the problem that a regular cannot match a domain name (#4694)
---
 .../apache/linkis/common/utils/SecurityUtils.java  | 23 +++++++++++++++++++---
 .../linkis/common/utils/SecurityUtilsTest.java     | 19 +++++++++++-------
 2 files changed, 32 insertions(+), 10 deletions(-)

diff --git a/linkis-commons/linkis-common/src/main/java/org/apache/linkis/common/utils/SecurityUtils.java b/linkis-commons/linkis-common/src/main/java/org/apache/linkis/common/utils/SecurityUtils.java
index bd5f08802..0278b3337 100644
--- a/linkis-commons/linkis-common/src/main/java/org/apache/linkis/common/utils/SecurityUtils.java
+++ b/linkis-commons/linkis-common/src/main/java/org/apache/linkis/common/utils/SecurityUtils.java
@@ -66,11 +66,16 @@ public abstract class SecurityUtils {
   private static final CommonVars<String> MYSQL_STRONG_SECURITY_ENABLE =
       CommonVars$.MODULE$.apply("linkis.mysql.strong.security.enable", "false");
 
+  private static final CommonVars<String> MYSQL_SECURITY_CHECK_ENABLE =
+      CommonVars$.MODULE$.apply("linkis.mysql.security.check.enable", "true");
+
   private static final CommonVars<String> MYSQL_CONNECT_URL =
       CommonVars.apply("linkis.security.mysql.url.template", "jdbc:mysql://%s:%s/%s");
 
-  private static final String JDBC_MATCH_REGEX =
-      "(?i)jdbc:(?i)(mysql)://([a-zA-Z0-9]+\\.)*[a-zA-Z0-9]+(:[0-9]+)?(/[a-zA-Z0-9_-]*[\\.\\-]?)?";
+  private static final CommonVars<String> JDBC_MATCH_REGEX =
+      CommonVars$.MODULE$.apply(
+          "linkis.mysql.jdbc.match.regex",
+          "(?i)jdbc:(?i)(mysql)://([^:]+)(:[0-9]+)?(/[a-zA-Z0-9_-]*[\\.\\-]?)?");
 
   private static final String JDBC_MYSQL_PROTOCOL = "jdbc:mysql";
 
@@ -91,6 +96,12 @@ public abstract class SecurityUtils {
       String password,
       String database,
       Map<String, Object> extraParams) {
+
+    // check switch
+    if (!Boolean.valueOf(MYSQL_SECURITY_CHECK_ENABLE.getValue())) {
+      return;
+    }
+
     // 1. Check blank params
     if (StringUtils.isAnyBlank(host, username)) {
       logger.error(
@@ -111,6 +122,12 @@ public abstract class SecurityUtils {
 
   /** @param url */
   public static void checkJdbcConnUrl(String url) {
+
+    // check switch
+    if (!Boolean.valueOf(MYSQL_SECURITY_CHECK_ENABLE.getValue())) {
+      return;
+    }
+
     logger.info("jdbc url: {}", url);
     if (StringUtils.isBlank(url)) {
       throw new LinkisSecurityException(35000, "Invalid jdbc connection url.");
@@ -217,7 +234,7 @@ public abstract class SecurityUtils {
     if (url != null && !url.toLowerCase().startsWith(JDBC_MYSQL_PROTOCOL)) {
       return;
     }
-    Pattern regex = Pattern.compile(JDBC_MATCH_REGEX);
+    Pattern regex = Pattern.compile(JDBC_MATCH_REGEX.getValue());
     Matcher matcher = regex.matcher(url);
     if (!matcher.matches()) {
       logger.info("Invalid mysql connection url: {}", url);
diff --git a/linkis-commons/linkis-common/src/test/java/org/apache/linkis/common/utils/SecurityUtilsTest.java b/linkis-commons/linkis-common/src/test/java/org/apache/linkis/common/utils/SecurityUtilsTest.java
index d17f3d08f..d1f2d5d12 100644
--- a/linkis-commons/linkis-common/src/test/java/org/apache/linkis/common/utils/SecurityUtilsTest.java
+++ b/linkis-commons/linkis-common/src/test/java/org/apache/linkis/common/utils/SecurityUtilsTest.java
@@ -81,6 +81,18 @@ public class SecurityUtilsTest {
         () -> {
           SecurityUtils.checkUrl(url5);
         });
+    // true
+    String url6 = "JDBC:H2://test-example.com:10000/db_name";
+    Assertions.assertDoesNotThrow(
+        () -> {
+          SecurityUtils.checkUrl(url6);
+        });
+    // true
+    String url7 = "JDBC:H2://example.测试:10000/db_name";
+    Assertions.assertDoesNotThrow(
+        () -> {
+          SecurityUtils.checkUrl(url7);
+        });
   }
 
   @Test
@@ -142,13 +154,6 @@ public class SecurityUtilsTest {
           SecurityUtils.checkJdbcConnParams(host4, port, username, password, database, extraParams);
         });
 
-    String host5 = "localhost/test";
-    Assertions.assertThrows(
-        LinkisSecurityException.class,
-        () -> {
-          SecurityUtils.checkJdbcConnParams(host5, port, username, password, database, extraParams);
-        });
-
     // error port
     Assertions.assertThrows(
         LinkisSecurityException.class,


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@linkis.apache.org
For additional commands, e-mail: commits-help@linkis.apache.org