From f9a75cb2a9f5404803af26ae02376becfe9c3578 Mon Sep 17 00:00:00 2001
From: Paulo Zulato <paulozulato@gmail.com>
Date: Tue, 16 May 2023 20:48:54 -0300
Subject: [PATCH] fix(oracle): hide password on stacktrace

---
 apps/emqx_oracle/rebar.config            | 2 +-
 apps/emqx_oracle/src/emqx_oracle.app.src | 2 +-
 apps/emqx_oracle/src/emqx_oracle.erl     | 6 ++----
 changes/ee/fix-10741.en.md               | 1 +
 4 files changed, 5 insertions(+), 6 deletions(-)
 create mode 100644 changes/ee/fix-10741.en.md

diff --git a/apps/emqx_oracle/rebar.config b/apps/emqx_oracle/rebar.config
index 14461ba34..c6113fe30 100644
--- a/apps/emqx_oracle/rebar.config
+++ b/apps/emqx_oracle/rebar.config
@@ -1,7 +1,7 @@
 %% -*- mode: erlang; -*-
 
 {erl_opts, [debug_info]}.
-{deps, [ {jamdb_oracle, {git, "https://github.com/emqx/jamdb_oracle", {tag, "0.4.9.4"}}}
+{deps, [ {jamdb_oracle, {git, "https://github.com/emqx/jamdb_oracle", {tag, "0.4.9.5"}}}
        , {emqx_connector, {path, "../../apps/emqx_connector"}}
        , {emqx_resource, {path, "../../apps/emqx_resource"}}
        ]}.
diff --git a/apps/emqx_oracle/src/emqx_oracle.app.src b/apps/emqx_oracle/src/emqx_oracle.app.src
index fa48e8479..3beda05a4 100644
--- a/apps/emqx_oracle/src/emqx_oracle.app.src
+++ b/apps/emqx_oracle/src/emqx_oracle.app.src
@@ -1,6 +1,6 @@
 {application, emqx_oracle, [
     {description, "EMQX Enterprise Oracle Database Connector"},
-    {vsn, "0.1.0"},
+    {vsn, "0.1.1"},
     {registered, []},
     {applications, [
         kernel,
diff --git a/apps/emqx_oracle/src/emqx_oracle.erl b/apps/emqx_oracle/src/emqx_oracle.erl
index a0d7169f3..70d9cfbb2 100644
--- a/apps/emqx_oracle/src/emqx_oracle.erl
+++ b/apps/emqx_oracle/src/emqx_oracle.erl
@@ -96,7 +96,7 @@ on_start(
         {host, Host},
         {port, Port},
         {user, emqx_plugin_libs_rule:str(User)},
-        {password, emqx_secret:wrap(maps:get(password, Config, ""))},
+        {password, jamdb_secret:wrap(maps:get(password, Config, ""))},
         {sid, emqx_plugin_libs_rule:str(Sid)},
         {service_name, emqx_plugin_libs_rule:str(ServiceName)},
         {database, DB},
@@ -258,9 +258,7 @@ oracle_host_options() ->
     ?ORACLE_HOST_OPTIONS.
 
 connect(Opts) ->
-    Password = emqx_secret:unwrap(proplists:get_value(password, Opts)),
-    NewOpts = lists:keyreplace(password, 1, Opts, {password, Password}),
-    jamdb_oracle:start_link(NewOpts).
+    jamdb_oracle:start_link(Opts).
 
 sql_query_to_str(SqlQuery) ->
     emqx_plugin_libs_rule:str(SqlQuery).
diff --git a/changes/ee/fix-10741.en.md b/changes/ee/fix-10741.en.md
new file mode 100644
index 000000000..d6d1e27ac
--- /dev/null
+++ b/changes/ee/fix-10741.en.md
@@ -0,0 +1 @@
+Fix password leaking on stacktrace for Oracle Database.