This is an automated email from the ASF dual-hosted git repository.
jamesnetherton pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel-quarkus.git
The following commit(s) were added to refs/heads/main by this push:
new 294f70ce46 MySql test does not work on FIPS enabled system
294f70ce46 is described below
commit 294f70ce46b2aee22d782550a573cb05bf7410a1
Author: JiriOndrusek <ondrusek.j...@gmail.com>
AuthorDate: Thu May 2 09:53:28 2024 +0200
MySql test does not work on FIPS enabled system
---
integration-test-groups/jdbc/mysql/README.adoc | 26 ++++++++++++++
integration-test-groups/jdbc/mysql/pom.xml | 41 +++++++++++++++++++++-
.../jdbc/mysql/Sha256FIPSPasswordPlugin.java | 36 +++++++++++++++++++
3 files changed, 102 insertions(+), 1 deletion(-)
diff --git a/integration-test-groups/jdbc/mysql/README.adoc
b/integration-test-groups/jdbc/mysql/README.adoc
new file mode 100644
index 0000000000..14b0704560
--- /dev/null
+++ b/integration-test-groups/jdbc/mysql/README.adoc
@@ -0,0 +1,26 @@
+== JDBC MySql tests
+
+=== FIPS
+
+* To execute the tests on FIPS enabled system add `-Dfips` property so that
tests will use prooper transformation for the password. Example of usage:
+
+`mvn clean test -Dfips`
+
+* Dev service (MySql docker image) does not start correctly on FIPS enabled
system. Please use external database.
+
+To execute the tests against external database, provide the database's
connection information by setting environment variables
+
+```
+export MYSQL_JDBC_URL=#jdbc_url
+export MYSQL_JDBC_USERNAME=#username
+export MYSQL_JDBC_PASSWORD=#password
+```
+
+or for windows:
+
+```
+$Env:MYSQL_JDBC_URL = "#jdbc_url"
+$Env:MYSQL_JDBC_USERNAME="#username"
+$Env:MYSQL_JDBC_PASSWORD
+```
+.
\ No newline at end of file
diff --git a/integration-test-groups/jdbc/mysql/pom.xml
b/integration-test-groups/jdbc/mysql/pom.xml
index 171de324a4..af5c79e8e3 100644
--- a/integration-test-groups/jdbc/mysql/pom.xml
+++ b/integration-test-groups/jdbc/mysql/pom.xml
@@ -265,6 +265,45 @@
<skipTests>true</skipTests>
</properties>
</profile>
+ <profile>
+ <id>fips</id>
+ <activation>
+ <property>
+ <name>fips</name>
+ </property>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <configuration>
+ <systemPropertyVariables>
+
<quarkus.datasource.mysql.jdbc.additional-jdbc-properties.authenticationPlugins>org.apache.camel.quarkus.component.jdbc.mysql.Sha256FIPSPasswordPlugin</quarkus.datasource.mysql.jdbc.additional-jdbc-properties.authenticationPlugins>
+
<quarkus.datasource.mysql.jdbc.additional-jdbc-properties.defaultAuthenticationPlugin>cq_fips_plugin</quarkus.datasource.mysql.jdbc.additional-jdbc-properties.defaultAuthenticationPlugin>
+
<quarkus.datasource.mysql.devservices.enabled>false</quarkus.datasource.mysql.devservices.enabled>
+
<quarkus.datasource.mysql.username>${env.MYSQL_JDBC_USERNAME}</quarkus.datasource.mysql.username>
+
<quarkus.datasource.mysql.password>${env.MYSQL_JDBC_PASSWORD}</quarkus.datasource.mysql.password>
+
<quarkus.datasource.mysql.jdbc.url>${env.MYSQL_JDBC_URL}</quarkus.datasource.mysql.jdbc.url>
+ </systemPropertyVariables>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-failsafe-plugin</artifactId>
+ <configuration>
+ <systemPropertyVariables>
+
<quarkus.datasource.mysql.jdbc.additional-jdbc-properties.authenticationPlugins>org.apache.camel.quarkus.component.jdbc.mysql.Sha256FIPSPasswordPlugin</quarkus.datasource.mysql.jdbc.additional-jdbc-properties.authenticationPlugins>
+
<quarkus.datasource.mysql.jdbc.additional-jdbc-properties.defaultAuthenticationPlugin>cq_fips_plugin</quarkus.datasource.mysql.jdbc.additional-jdbc-properties.defaultAuthenticationPlugin>
+
<quarkus.datasource.mysql.devservices.enabled>false</quarkus.datasource.mysql.devservices.enabled>
+
<quarkus.datasource.mysql.username>${env.MYSQL_JDBC_USERNAME}</quarkus.datasource.mysql.username>
+
<quarkus.datasource.mysql.password>${env.MYSQL_JDBC_PASSWORD}</quarkus.datasource.mysql.password>
+
<quarkus.datasource.mysql.jdbc.url>${env.MYSQL_JDBC_URL}</quarkus.datasource.mysql.jdbc.url>
+ </systemPropertyVariables>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
</profiles>
-
</project>
\ No newline at end of file
diff --git
a/integration-test-groups/jdbc/mysql/src/main/java/org/apache/camel/quarkus/component/jdbc/mysql/Sha256FIPSPasswordPlugin.java
b/integration-test-groups/jdbc/mysql/src/main/java/org/apache/camel/quarkus/component/jdbc/mysql/Sha256FIPSPasswordPlugin.java
new file mode 100644
index 0000000000..58d3977f5f
--- /dev/null
+++
b/integration-test-groups/jdbc/mysql/src/main/java/org/apache/camel/quarkus/component/jdbc/mysql/Sha256FIPSPasswordPlugin.java
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.jdbc.mysql;
+
+import com.mysql.cj.protocol.a.authentication.Sha256PasswordPlugin;
+
+public class Sha256FIPSPasswordPlugin extends Sha256PasswordPlugin {
+
+ public Sha256FIPSPasswordPlugin() {
+ super();
+ }
+
+ @Override
+ public String getProtocolPluginName() {
+ return "cq_fips_plugin";
+ }
+
+ @Override
+ protected byte[] encryptPassword() {
+ return encryptPassword("RSA/ECB/PKCS1Padding");
+ }
+}
