From a4fcc0dcb3ad5d99832a37299b638a25766ccf8a Mon Sep 17 00:00:00 2001 From: Kjell Winblad Date: Tue, 30 May 2023 12:22:21 +0200 Subject: [PATCH 1/2] fix: password log leak in RabbitMQ bridge This fixes a vulnerability in the RabbitMQ bridge, which could potentially expose passwords to log files. This was accomplished by initializing the encryption library specifically designed for RabbitMQ's passwords. Consequently, passwords are no longer stored in unencrypted format. As a result, they will no longer be visible as plain text in log messages, thereby enhancing the system's security. Fixes: https://emqx.atlassian.net/browse/EMQX-9976 --- .../src/emqx_bridge_rabbitmq.app.src | 2 +- .../src/emqx_bridge_rabbitmq_connector.erl | 12 ++++++++++++ apps/emqx_rule_engine/src/emqx_rule_engine.app.src | 2 +- 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/apps/emqx_bridge_rabbitmq/src/emqx_bridge_rabbitmq.app.src b/apps/emqx_bridge_rabbitmq/src/emqx_bridge_rabbitmq.app.src index 2b572a98c..b8f7b3327 100644 --- a/apps/emqx_bridge_rabbitmq/src/emqx_bridge_rabbitmq.app.src +++ b/apps/emqx_bridge_rabbitmq/src/emqx_bridge_rabbitmq.app.src @@ -1,6 +1,6 @@ {application, emqx_bridge_rabbitmq, [ {description, "EMQX Enterprise RabbitMQ Bridge"}, - {vsn, "0.1.1"}, + {vsn, "0.1.2"}, {registered, []}, {applications, [kernel, stdlib, ecql, rabbit_common, amqp_client]}, {env, []}, diff --git a/apps/emqx_bridge_rabbitmq/src/emqx_bridge_rabbitmq_connector.erl b/apps/emqx_bridge_rabbitmq/src/emqx_bridge_rabbitmq_connector.erl index 3e809d99c..749cb8bc1 100644 --- a/apps/emqx_bridge_rabbitmq/src/emqx_bridge_rabbitmq_connector.erl +++ b/apps/emqx_bridge_rabbitmq/src/emqx_bridge_rabbitmq_connector.erl @@ -13,6 +13,7 @@ %% Needed to create RabbitMQ connection -include_lib("amqp_client/include/amqp_client.hrl"). +-include_lib("credentials_obfuscation/include/credentials_obfuscation.hrl"). -behaviour(emqx_resource). -behaviour(hocon_schema). 
@@ -230,6 +231,17 @@ on_start(
 processed_payload_template => ProcessedTemplate,
 config => Config
 },
+ %% Initialize RabbitMQ's secret library so that the password is encrypted
+ %% in the log files.
+ case credentials_obfuscation:secret() of
+ ?PENDING_SECRET ->
+ Bytes = crypto:strong_rand_bytes(128),
+ %% The password can appear in log files if we don't do this
+ credentials_obfuscation:set_secret(Bytes);
+ _ ->
+ %% Already initialized
+ ok
+ end,
 case emqx_resource_pool:start(InstanceID, ?MODULE, Options) of
 ok ->
 {ok, State};
diff --git a/apps/emqx_rule_engine/src/emqx_rule_engine.app.src b/apps/emqx_rule_engine/src/emqx_rule_engine.app.src
index c6f94f5ea..7b4d1ee98 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_engine.app.src
+++ b/apps/emqx_rule_engine/src/emqx_rule_engine.app.src
@@ -2,7 +2,7 @@
 {application, emqx_rule_engine, [
 {description, "EMQX Rule Engine"},
 % strict semver, bump manually!
- {vsn, "5.0.18"},
+ {vsn, "5.0.19"},
 {modules, []},
 {registered, [emqx_rule_engine_sup, emqx_rule_engine]},
 {applications, [kernel, stdlib, rulesql, getopt, emqx_ctl]},
From b6c4bb311fccf3367de7cfcac613a8a87eaed475 Mon Sep 17 00:00:00 2001
From: Kjell Winblad
Date: Tue, 30 May 2023 12:34:00 +0200
Subject: [PATCH 2/2] docs: add change log entry for RabbitMQ password log leak fix
---
 changes/ee/fix-10878.en.md | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 changes/ee/fix-10878.en.md
diff --git a/changes/ee/fix-10878.en.md b/changes/ee/fix-10878.en.md
new file mode 100644
index 000000000..dc1ea04d9
--- /dev/null
+++ b/changes/ee/fix-10878.en.md
@@ -0,0 +1 @@
+A vulnerability in the RabbitMQ bridge, which could potentially expose passwords to log files, has been rectified
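Review bot: The check-then-set around `credentials_obfuscation:secret()` / `credentials_obfuscation:set_secret(Bytes)` is not atomic, so two bridges whose `on_start/2` run concurrently can both observe `?PENDING_SECRET` and each install a different 128-byte secret; if the first bridge's pool has already encrypted its password under the first secret, its later decrypts would run against the second one (this assumes `set_secret/1` replaces the secret unconditionally — confirm against the library version in use). Since the secret only needs seeding once per node, I would move this block into the application start callback, or at minimum serialise it with `global:trans({?MODULE, seed_secret}, fun() -> ... end)` around the existing `case`, instead of re-running it for every connector instance. Separately, the call presumes the `credentials_obfuscation` application is already running; it is not in this app's `{applications, [...]}` list, so unless `rabbit_common`/`amqp_client` start it transitively, `secret/0` will exit with `noproc` and fail the bridge start rather than fall back to the old plaintext behaviour. `on_start/2` begins before this hunk and continues after it, and the point where the password is actually passed through `credentials_obfuscation:encrypt/1` is not visible here.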