yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #11709 from zmstone/0929-fix-ldap-query-crash-when-no-match-returned 

0929 fix ldap query crash when no match returned
This commit is contained in:
Zaiming (Stone) Shi 2023-09-29 11:33:52 +02:00 committed by GitHub
parent b59a7ff2dd c64e599e81
commit c1ed798b69
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 21 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/emqx/include/emqx_release.hrl
View File

@ -35,7 +35,7 @@
-define(EMQX_RELEASE_CE, "5.3.0").
%% Enterprise edition
-define(EMQX_RELEASE_EE, "5.3.0-rc.1").
-define(EMQX_RELEASE_EE, "5.3.0-rc.2").
%% The HTTP API version
-define(EMQX_API_VERSION, "5.0").

2
apps/emqx/src/emqx_channel.erl
View File

@ -1996,6 +1996,8 @@ trim_conninfo(ConnInfo) ->
%% NOTE
%% We remove the peercert because it duplicates what's stored in the socket,
%% otherwise it wastes about 1KB per connection.
%% Retrieve with: esockd_transport:peercert(Socket).
%% Decode with APIs exported from esockd_peercert and esockd_ssl
peercert
],
ConnInfo

10
apps/emqx_dashboard_sso/src/emqx_dashboard_sso_ldap.erl
View File

@ -135,11 +135,13 @@ login(
ensure_user_exists(Username);
{ok, #{result := 'invalidCredentials'} = Reason} ->
{error, Reason};
{error, _} = Error ->
Error
{error, _Reason} ->
%% All error reasons are logged in resource buffer worker
{error, ldap_bind_query_failed}
end;
{error, _} = Error ->
Error
{error, _Reason} ->
%% All error reasons are logged in resource buffer worker
{error, ldap_query_failed}
end.
ensure_user_exists(Username) ->

12
apps/emqx_ldap/src/emqx_ldap.erl
View File

@ -262,10 +262,12 @@ do_ldap_query(
ldap_connector_query_return,
#{result => Result}
),
case Result#eldap_search_result.entries of
[_] = Entry ->
{ok, Entry};
[_ | _] = L ->
Entries = Result#eldap_search_result.entries,
Count = length(Entries),
case Count =< 1 of
true ->
{ok, Entries};
false ->
%% Accept only a single exact match.
%% Multiple matches likely indicate:
%% 1. A misconfiguration in EMQX, allowing overly broad query conditions.
@ -276,7 +278,7 @@ do_ldap_query(
error,
LogMeta#{
msg => "ldap_query_found_more_than_one_match",
count => length(L)
count => length(Entries)
}
),
{error, {unrecoverable_error, Msg}}

2
apps/emqx_resource/src/emqx_resource_buffer_worker.erl
View File

@ -856,7 +856,7 @@ handle_query_result(Id, Result, HasBeenSent) ->
{ack | nack, function(), counters()}.
handle_query_result_pure(_Id, ?RESOURCE_ERROR_M(exception, Msg), _HasBeenSent) ->
PostFn = fun() ->
?SLOG(error, #{msg => "resource_exception", info => Msg}),
?SLOG(error, #{msg => "resource_exception", info => emqx_utils:redact(Msg)}),
ok
end,
{nack, PostFn, #{}};

3
apps/emqx_rule_engine/src/emqx_rule_runtime.erl
View File

@ -361,8 +361,9 @@ do_handle_action(RuleId, {bridge, BridgeType, BridgeName, ResId}, Selected, _Env
Result ->
Result
end;
do_handle_action(RuleId, #{mod := Mod, func := Func, args := Args}, Selected, Envs) ->
do_handle_action(RuleId, #{mod := Mod, func := Func} = Action, Selected, Envs) ->
%% the function can also throw 'out_of_service'
Args = maps:get(args, Action, []),
Result = Mod:Func(Selected, Envs, Args),
inc_action_metrics(RuleId, Result),
Result.

4
deploy/charts/emqx-enterprise/Chart.yaml
View File

@ -14,8 +14,8 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
version: 5.3.0-rc.1
version: 5.3.0-rc.2
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application.
appVersion: 5.3.0-rc.1
appVersion: 5.3.0-rc.2