yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: incorrectly attempt to update the field value when the previous field don't have value

This commit is contained in:
zhongwencool 2024-01-03 16:06:25 +08:00
parent f2f099ff18
commit 90404b62a4
3 changed files with 26 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/emqx_utils/src/emqx_utils.app.src
View File

@ -2,7 +2,7 @@
{application, emqx_utils, [ {application, emqx_utils, [
{description, "Miscellaneous utilities for EMQX apps"}, {description, "Miscellaneous utilities for EMQX apps"},
% strict semver, bump manually! % strict semver, bump manually!
{vsn, "5.0.13"}, {vsn, "5.0.14"},
{modules, [ {modules, [
emqx_utils, emqx_utils,
emqx_utils_api, emqx_utils_api,

25
apps/emqx_utils/src/emqx_utils.erl
View File

@ -760,7 +760,11 @@ deobfuscate(NewConf, OldConf) ->
fun(K, V, Acc) -> fun(K, V, Acc) ->
case maps:find(K, OldConf) of case maps:find(K, OldConf) of
error -> error ->
Acc#{K => V}; case is_redacted(K, V) of
%% don't put redacted value into new config
true -> Acc;
false -> Acc#{K => V}
end;
{ok, OldV} when is_map(V), is_map(OldV) -> {ok, OldV} when is_map(V), is_map(OldV) ->
Acc#{K => deobfuscate(V, OldV)}; Acc#{K => deobfuscate(V, OldV)};
{ok, OldV} -> {ok, OldV} ->
@ -879,6 +883,25 @@ redact2_test_() ->
Keys = [secret, passcode], Keys = [secret, passcode],
[{case_name(atom, Key), fun() -> Case(Key, Checker) end} || Key <- Keys]. [{case_name(atom, Key), fun() -> Case(Key, Checker) end} || Key <- Keys].
deobfuscate_test() ->
NewConf0 = #{foo => <<"bar0">>, password => <<"123456">>},
?assertEqual(NewConf0, deobfuscate(NewConf0, #{foo => <<"bar">>, password => <<"654321">>})),
NewConf1 = #{foo => <<"bar1">>, password => <<?REDACT_VAL>>},
?assertEqual(
#{foo => <<"bar1">>, password => <<"654321">>},
deobfuscate(NewConf1, #{foo => <<"bar">>, password => <<"654321">>})
),
%% Don't have password before and ignore to put redact_val into new config
NewConf2 = #{foo => <<"bar2">>, password => ?REDACT_VAL},
?assertEqual(#{foo => <<"bar2">>}, deobfuscate(NewConf2, #{foo => <<"bar">>})),
%% Don't have password before and should allow put non-redact-val into new config
NewConf3 = #{foo => <<"bar3">>, password => <<"123456">>},
?assertEqual(NewConf3, deobfuscate(NewConf3, #{foo => <<"bar">>})),
ok.
redact_is_authorization_test_() -> redact_is_authorization_test_() ->
Types = [string, binary], Types = [string, binary],
Keys = ["auThorization", "Authorization", "authorizaTion"], Keys = ["auThorization", "Authorization", "authorizaTion"],

1
changes/ee/fix-12250.en.md Normal file
View File

@ -0,0 +1 @@
Fixed incorrect attempt to update the file_transfer configuration's secret_access_key value to masked stars ('*****')