From fa7433628cb94c42ad48a54b2b9155cc6dd78339 Mon Sep 17 00:00:00 2001 From: Ilya Averyanov Date: Thu, 22 Dec 2022 13:08:43 +0300 Subject: [PATCH] fix(logs): set password field sensitive for connectors --- apps/emqx_connector/src/emqx_connector_schema_lib.erl | 1 + changes/v5.0.13-en.md | 2 ++ changes/v5.0.13-zh.md | 2 ++ 3 files changed, 5 insertions(+) diff --git a/apps/emqx_connector/src/emqx_connector_schema_lib.erl b/apps/emqx_connector/src/emqx_connector_schema_lib.erl index a8639fefa..7bcfb6d21 100644 --- a/apps/emqx_connector/src/emqx_connector_schema_lib.erl +++ b/apps/emqx_connector/src/emqx_connector_schema_lib.erl @@ -104,6 +104,7 @@ password(type) -> binary(); password(desc) -> ?DESC("password"); password(required) -> false; password(format) -> <<"password">>; +password(sensitive) -> true; password(_) -> undefined. auto_reconnect(type) -> boolean(); diff --git a/changes/v5.0.13-en.md b/changes/v5.0.13-en.md index 38ca0a967..24f09d6f6 100644 --- a/changes/v5.0.13-en.md +++ b/changes/v5.0.13-en.md @@ -22,3 +22,5 @@ Prior to this change, a 'sticky' subscriber may continue to receive messages after unsubscribing. - Add check to ensure that a given key is among the prepared statements on query in the mysql connector [#9571](https://github.com/emqx/emqx/pull/9571). + +- Fix password leak to logs for connectors [#9608](https://github.com/emqx/emqx/pull/9608). diff --git a/changes/v5.0.13-zh.md b/changes/v5.0.13-zh.md index 619803dfc..089324f8d 100644 --- a/changes/v5.0.13-zh.md +++ b/changes/v5.0.13-zh.md @@ -22,3 +22,5 @@ 在此修复前,使用 'sticky' 策略的订阅客户端可能在取消订阅后继续收到消息。 - 增强 mysql 查询流程,确保给定的查询语句在 mysql 连接器的预编译语句中 [#9571](https://github.com/emqx/emqx/pull/9571)。 + +- 修复连接器日志的密码泄漏 [#9608](https://github.com/emqx/emqx/pull/9608)。