You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by ad...@apache.org on 2022/04/01 10:58:28 UTC
[nifi-minifi-cpp] 02/05: MINIFICPP-1783 Encrypted values in agent manifest should remain in encrypted form
This is an automated email from the ASF dual-hosted git repository.
adebreceni pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi-minifi-cpp.git
commit aa654309676a3a063706c70b3b5d369d90ab31db
Author: Gabor Gyimesi <ga...@gmail.com>
AuthorDate: Fri Apr 1 12:53:10 2022 +0200
MINIFICPP-1783 Encrypted values in agent manifest should remain in encrypted form
Signed-off-by: Adam Debreceni <ad...@apache.org>
This closes #1289
---
extensions/http-curl/tests/C2DescribeManifestTest.cpp | 10 ++++++++++
extensions/http-curl/tests/HTTPHandlers.h | 2 +-
libminifi/src/FlowController.cpp | 2 +-
libminifi/src/c2/C2Client.cpp | 2 +-
libminifi/test/integration/IntegrationBase.h | 4 ++++
5 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/extensions/http-curl/tests/C2DescribeManifestTest.cpp b/extensions/http-curl/tests/C2DescribeManifestTest.cpp
index 5c46f5c..a6a9a38 100644
--- a/extensions/http-curl/tests/C2DescribeManifestTest.cpp
+++ b/extensions/http-curl/tests/C2DescribeManifestTest.cpp
@@ -22,6 +22,7 @@
#include "Catch.h"
#include "HTTPIntegrationBase.h"
#include "HTTPHandlers.h"
+#include "properties/Configuration.h"
class DescribeManifestHandler: public HeartbeatHandler {
public:
@@ -41,8 +42,17 @@ class DescribeManifestHandler: public HeartbeatHandler {
int main(int argc, char **argv) {
const cmd_args args = parse_cmdline_args(argc, argv, "heartbeat");
VerifyC2Describe harness;
+ utils::crypto::Bytes encryption_key = utils::StringUtils::from_hex("4024b327fdc987ce3eb43dd1f690b9987e4072e0020e3edf4349ce1ad91a4e38");
+ minifi::Decryptor decryptor{utils::crypto::EncryptionProvider{encryption_key}};
+ std::string encrypted_value = "l3WY1V27knTiPa6jVX0jrq4qjmKsySOu||ErntqZpHP1M+6OkA14p5sdnqJhuNHWHDVUU5EyMloTtSytKk9a5xNKo=";
+
+ harness.setConfiguration(std::make_shared<minifi::Configure>(decryptor));
harness.setKeyDir(args.key_dir);
DescribeManifestHandler responder(harness.getConfiguration());
+
+ harness.getConfiguration()->set(minifi::Configuration::nifi_rest_api_password, encrypted_value);
+ harness.getConfiguration()->set(std::string(minifi::Configuration::nifi_rest_api_password) + ".protected", utils::crypto::EncryptionType::name());
+
harness.setUrl(args.url, &responder);
harness.run(args.test_file);
}
diff --git a/extensions/http-curl/tests/HTTPHandlers.h b/extensions/http-curl/tests/HTTPHandlers.h
index a0acc6b..c136ab1 100644
--- a/extensions/http-curl/tests/HTTPHandlers.h
+++ b/extensions/http-curl/tests/HTTPHandlers.h
@@ -556,7 +556,7 @@ class HeartbeatHandler : public ServerAwareHandler {
std::unordered_map<std::string, std::string> config_property;
if (ranges::find(disallowed_properties, property.name) == ranges::end(disallowed_properties)) {
config_property.emplace("propertyName", property.name);
- if (auto value = configuration_->get(std::string(property.name))) {
+ if (auto value = configuration_->getString(std::string(property.name))) {
config_property.emplace("propertyValue", *value);
}
config_property.emplace("validator", property.validator->getName());
diff --git a/libminifi/src/FlowController.cpp b/libminifi/src/FlowController.cpp
index f518572..b6fe4cc 100644
--- a/libminifi/src/FlowController.cpp
+++ b/libminifi/src/FlowController.cpp
@@ -431,7 +431,7 @@ std::shared_ptr<state::response::ResponseNode> FlowController::getAgentManifest(
agentInfo->setUpdatePolicyController(std::static_pointer_cast<controllers::UpdatePolicyControllerService>(getControllerService(c2::C2Agent::UPDATE_NAME)).get());
agentInfo->setAgentIdentificationProvider(configuration_);
agentInfo->setConfigurationReader([this](const std::string& key){
- return configuration_->get(key);
+ return configuration_->getString(key);
});
agentInfo->includeAgentStatus(false);
return agentInfo;
diff --git a/libminifi/src/c2/C2Client.cpp b/libminifi/src/c2/C2Client.cpp
index 3a195ef..f6f067e 100644
--- a/libminifi/src/c2/C2Client.cpp
+++ b/libminifi/src/c2/C2Client.cpp
@@ -111,7 +111,7 @@ void C2Client::initialize(core::controller::ControllerServiceProvider *controlle
}
if (agent_node != nullptr) {
agent_node->setConfigurationReader([this](const std::string& key){
- return configuration_->get(key);
+ return configuration_->getString(key);
});
}
auto configuration_checksums = dynamic_cast<state::response::ConfigurationChecksums*>(response_node.get());
diff --git a/libminifi/test/integration/IntegrationBase.h b/libminifi/test/integration/IntegrationBase.h
index db64e13..d247bd4 100644
--- a/libminifi/test/integration/IntegrationBase.h
+++ b/libminifi/test/integration/IntegrationBase.h
@@ -61,6 +61,10 @@ class IntegrationBase {
return configuration;
}
+ void setConfiguration(std::shared_ptr<minifi::Configure> configuration) {
+ this->configuration = std::move(configuration);
+ }
+
virtual void cleanup() {
if (!state_dir.empty()) {
utils::file::delete_dir(state_dir);