yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: password leaks from rule engine logs

This commit is contained in:
Shawn 2023-06-15 14:58:03 +08:00
parent fd551e92d1
commit e64587f3da
11 changed files with 17 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apps/emqx_rule_engine/include/rule_engine.hrl
View File

@ -14,6 +14,8 @@
%% limitations under the License. %% limitations under the License.
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------
-include_lib("emqx/include/logger.hrl").
-define(APP, emqx_rule_engine). -define(APP, emqx_rule_engine).
-define(KV_TAB, '@rule_engine_db'). -define(KV_TAB, '@rule_engine_db').
@ -186,11 +188,11 @@
case lists:filter(fun(ResParttern) -> false; (_) -> true end, ResL) of case lists:filter(fun(ResParttern) -> false; (_) -> true end, ResL) of
[] -> ResL; [] -> ResL;
ErrL -> ErrL ->
?LOG(error, "cluster_call error found, ResL: ~p", [ResL]), ?LOG_SENSITIVE(error, "cluster_call error found, ResL: ~p", [ResL]),
throw({Func, ErrL}) throw({Func, ErrL})
end; end;
{ResL, BadNodes} -> {ResL, BadNodes} ->
?LOG(error, "cluster_call bad nodes found: ~p, ResL: ~p", [BadNodes, ResL]), ?LOG_SENSITIVE(error, "cluster_call bad nodes found: ~p, ResL: ~p", [BadNodes, ResL]),
throw({Func, {failed_on_nodes, BadNodes}}) throw({Func, {failed_on_nodes, BadNodes}})
end end()). end end()).

1
apps/emqx_rule_engine/src/emqx_rule_actions.erl
View File

@ -20,7 +20,6 @@
-include("rule_engine.hrl"). -include("rule_engine.hrl").
-include("rule_actions.hrl"). -include("rule_actions.hrl").
-include_lib("emqx/include/emqx.hrl"). -include_lib("emqx/include/emqx.hrl").
-include_lib("emqx/include/logger.hrl").
-define(BAD_TOPIC_WITH_WILDCARD, wildcard_topic_not_allowed_for_publish). -define(BAD_TOPIC_WITH_WILDCARD, wildcard_topic_not_allowed_for_publish).

1
apps/emqx_rule_engine/src/emqx_rule_engine.erl
View File

@ -17,7 +17,6 @@
-module(emqx_rule_engine). -module(emqx_rule_engine).
-include("rule_engine.hrl"). -include("rule_engine.hrl").
-include_lib("emqx/include/logger.hrl").
-export([ load_providers/0 -export([ load_providers/0
, unload_providers/0 , unload_providers/0

17
apps/emqx_rule_engine/src/emqx_rule_engine_api.erl
View File

@ -19,7 +19,6 @@
-behaviour(gen_server). -behaviour(gen_server).
-include("rule_engine.hrl"). -include("rule_engine.hrl").
-include_lib("emqx/include/logger.hrl").
-logger_header("[RuleEngineAPI]"). -logger_header("[RuleEngineAPI]").
@ -329,7 +328,7 @@ do_create_rule(Params) ->
error -> do_create_rule2(ParsedParams) error -> do_create_rule2(ParsedParams)
end; end;
{error, Reason} -> {error, Reason} ->
?LOG(error, "~p failed: ~0p", [?FUNCTION_NAME, Reason]), ?LOG_SENSITIVE(error, "~p failed: ~0p", [?FUNCTION_NAME, Reason]),
return({error, 400, ?ERR_BADARGS(Reason)}) return({error, 400, ?ERR_BADARGS(Reason)})
end. end.
@ -339,7 +338,7 @@ do_create_rule2(ParsedParams) ->
{error, {action_not_found, ActionName}} -> {error, {action_not_found, ActionName}} ->
return({error, 400, ?ERR_NO_ACTION(ActionName)}); return({error, 400, ?ERR_NO_ACTION(ActionName)});
{error, Reason} -> {error, Reason} ->
?LOG(error, "~p failed: ~0p", [?FUNCTION_NAME, Reason]), ?LOG_SENSITIVE(error, "~p failed: ~0p", [?FUNCTION_NAME, Reason]),
return({error, 400, ?ERR_BADARGS(Reason)}) return({error, 400, ?ERR_BADARGS(Reason)})
end. end.
@ -352,11 +351,11 @@ delegate_update_rule(#{id := Id0}, Params) ->
{error, {not_found, RuleId}} -> {error, {not_found, RuleId}} ->
return({error, 400, ?ERR_NO_RULE(RuleId)}); return({error, 400, ?ERR_NO_RULE(RuleId)});
{error, Reason} -> {error, Reason} ->
?LOG(error, "~p failed: ~0p", [?FUNCTION_NAME, Reason]), ?LOG_SENSITIVE(error, "~p failed: ~0p", [?FUNCTION_NAME, Reason]),
return({error, 400, ?ERR_BADARGS(Reason)}) return({error, 400, ?ERR_BADARGS(Reason)})
end; end;
{error, Reason} -> {error, Reason} ->
?LOG(error, "~p failed: ~0p", [?FUNCTION_NAME, Reason]), ?LOG_SENSITIVE(error, "~p failed: ~0p", [?FUNCTION_NAME, Reason]),
return({error, 400, ?ERR_BADARGS(Reason)}) return({error, 400, ?ERR_BADARGS(Reason)})
end. end.
@ -409,7 +408,7 @@ delegate_create_resource(#{}, Params) ->
fun() -> do_create_resource(create_resource, ParsedParams) end, fun() -> do_create_resource(create_resource, ParsedParams) end,
Params); Params);
{error, Reason} -> {error, Reason} ->
?LOG(error, "~p failed: ~0p", [?FUNCTION_NAME, Reason]), ?LOG_SENSITIVE(error, "~p failed: ~0p", [?FUNCTION_NAME, Reason]),
return({error, 400, ?ERR_BADARGS(Reason)}) return({error, 400, ?ERR_BADARGS(Reason)})
end. end.
@ -434,7 +433,7 @@ do_create_resource2(Create, ParsedParams) ->
{error, {init_resource, _}} -> {error, {init_resource, _}} ->
return({error, 500, <<"Init resource failure!">>}); return({error, 500, <<"Init resource failure!">>});
{error, Reason} -> {error, Reason} ->
?LOG(error, "~p failed: ~0p", [?FUNCTION_NAME, Reason]), ?LOG_SENSITIVE(error, "~p failed: ~0p", [?FUNCTION_NAME, Reason]),
return({error, 400, ?ERR_BADARGS(Reason)}) return({error, 400, ?ERR_BADARGS(Reason)})
end. end.
@ -483,7 +482,7 @@ delegate_start_resource(#{id := Id0}, _Params) ->
{error, {resource_not_found, ResId}} -> {error, {resource_not_found, ResId}} ->
return({error, 400, ?ERR_NO_RESOURCE(ResId)}); return({error, 400, ?ERR_NO_RESOURCE(ResId)});
{error, Reason} -> {error, Reason} ->
?LOG(error, "~p failed: ~0p", [?FUNCTION_NAME, Reason]), ?LOG_SENSITIVE(error, "~p failed: ~0p", [?FUNCTION_NAME, Reason]),
return({error, 400, ?ERR_BADARGS(Reason)}) return({error, 400, ?ERR_BADARGS(Reason)})
end. end.
@ -508,7 +507,7 @@ delegate_update_resource(#{id := Id0}, NewParams) ->
{error, {dependent_rules_exists, RuleIds}} -> {error, {dependent_rules_exists, RuleIds}} ->
return({error, 400, ?ERR_DEP_RULES_EXISTS(RuleIds)}); return({error, 400, ?ERR_DEP_RULES_EXISTS(RuleIds)});
{error, Reason} -> {error, Reason} ->
?LOG(error, "Resource update failed: ~0p", [Reason]), ?LOG_SENSITIVE(error, "Resource update failed: ~0p", [Reason]),
return({error, 400, ?ERR_BADARGS(Reason)}) return({error, 400, ?ERR_BADARGS(Reason)})
end. end.

5
apps/emqx_rule_engine/src/emqx_rule_events.erl
View File

@ -16,11 +16,10 @@
-module(emqx_rule_events). -module(emqx_rule_events).
-logger_header("[RuleEvents]").
-include("rule_engine.hrl"). -include("rule_engine.hrl").
-include_lib("emqx/include/emqx.hrl"). -include_lib("emqx/include/emqx.hrl").
-include_lib("emqx/include/logger.hrl").
-logger_header("[RuleEvents]").
-export([ load/1 -export([ load/1
, unload/0 , unload/0

3
apps/emqx_rule_engine/src/emqx_rule_monitor.erl
View File

@ -18,9 +18,8 @@
-behavior(gen_server). -behavior(gen_server).
-include("rule_engine.hrl").
-include_lib("emqx/include/logger.hrl").
-logger_header("[Rule Monitor]"). -logger_header("[Rule Monitor]").
-include("rule_engine.hrl").
-export([init/1, -export([init/1,
handle_call/3, handle_call/3,

4
apps/emqx_rule_engine/src/emqx_rule_registry.erl
View File

@ -18,10 +18,8 @@
-behaviour(gen_server). -behaviour(gen_server).
-include("rule_engine.hrl").
-include_lib("emqx/include/logger.hrl").
-logger_header("[RuleRegistry]"). -logger_header("[RuleRegistry]").
-include("rule_engine.hrl").
-export([start_link/0]). -export([start_link/0]).

1
apps/emqx_rule_engine/src/emqx_rule_runtime.erl
View File

@ -19,7 +19,6 @@
-include("rule_engine.hrl"). -include("rule_engine.hrl").
-include("rule_actions.hrl"). -include("rule_actions.hrl").
-include_lib("emqx/include/emqx.hrl"). -include_lib("emqx/include/emqx.hrl").
-include_lib("emqx/include/logger.hrl").
-export([ apply_rule/2 -export([ apply_rule/2
, apply_rules/2 , apply_rules/2

1
apps/emqx_rule_engine/src/emqx_rule_sqltester.erl
View File

@ -15,7 +15,6 @@
-module(emqx_rule_sqltester). -module(emqx_rule_sqltester).
-include("rule_engine.hrl"). -include("rule_engine.hrl").
-include_lib("emqx/include/logger.hrl").
-export([ test/1 -export([ test/1
]). ]).

1
apps/emqx_rule_engine/src/emqx_rule_utils.erl
View File

@ -17,7 +17,6 @@
-module(emqx_rule_utils). -module(emqx_rule_utils).
-include("rule_engine.hrl"). -include("rule_engine.hrl").
-include_lib("emqx/include/logger.hrl").
-export([ replace_var/2 -export([ replace_var/2
]). ]).

2
rebar.config
View File

@ -52,7 +52,7 @@
, {ekka, {git, "https://github.com/emqx/ekka", {tag, "0.8.1.11"}}} , {ekka, {git, "https://github.com/emqx/ekka", {tag, "0.8.1.11"}}}
, {gen_rpc, {git, "https://github.com/emqx/gen_rpc", {tag, "3.0.1"}}} , {gen_rpc, {git, "https://github.com/emqx/gen_rpc", {tag, "3.0.1"}}}
, {cuttlefish, {git, "https://github.com/emqx/cuttlefish", {tag, "v3.3.6"}}} , {cuttlefish, {git, "https://github.com/emqx/cuttlefish", {tag, "v3.3.6"}}}
, {minirest, {git, "https://github.com/emqx/minirest", {tag, "0.3.11"}}} , {minirest, {git, "https://github.com/emqx/minirest", {tag, "0.3.12"}}}
, {ecpool, {git, "https://github.com/emqx/ecpool", {tag, "0.5.2"}}} , {ecpool, {git, "https://github.com/emqx/ecpool", {tag, "0.5.2"}}}
, {replayq, {git, "https://github.com/emqx/replayq", {tag, "0.3.5"}}} , {replayq, {git, "https://github.com/emqx/replayq", {tag, "0.3.5"}}}
, {pbkdf2, {git, "https://github.com/emqx/erlang-pbkdf2.git", {branch, "2.0.4"}}} , {pbkdf2, {git, "https://github.com/emqx/erlang-pbkdf2.git", {branch, "2.0.4"}}}