This is an automated email from the ASF dual-hosted git repository. davsclaus pushed a commit to branch camel-3.0.x in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/camel-3.0.x by this push: new e46fa51 CAMEL-14375: camel-kafka - The saslJaasConfig option may contain sensitive information that can be logged e46fa51 is described below commit e46fa51f6481c717850d1bcef7a86be7b9f6f641 Author: Claus Ibsen <claus.ib...@gmail.com> AuthorDate: Wed Jan 8 14:36:41 2020 +0100 CAMEL-14375: camel-kafka - The saslJaasConfig option may contain sensitive information that can be logged
---
 core/camel-util/src/main/java/org/apache/camel/util/URISupport.java | 2 +-
 .../src/test/java/org/apache/camel/util/URISupportTest.java | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/core/camel-util/src/main/java/org/apache/camel/util/URISupport.java b/core/camel-util/src/main/java/org/apache/camel/util/URISupport.java
index b3dcc2b..c5dcda6 100644
--- a/core/camel-util/src/main/java/org/apache/camel/util/URISupport.java
+++ b/core/camel-util/src/main/java/org/apache/camel/util/URISupport.java
@@ -39,7 +39,7 @@ public final class URISupport {
 // Match any key-value pair in the URI query string whose key contains
 // "passphrase" or "password" or secret key (case-insensitive).
 // First capture group is the key, second is the value.
- private static final Pattern SECRETS = Pattern.compile("([?&][^=]*(?:passphrase|password|secretKey|accessToken|clientSecret|authorizationToken)[^=]*)=(RAW[({].*[)}]|[^&]*)", Pattern.CASE_INSENSITIVE);
+ private static final Pattern SECRETS = Pattern.compile("([?&][^=]*(?:passphrase|password|secretKey|accessToken|clientSecret|authorizationToken|saslJaasConfig)[^=]*)=(RAW[({].*[)}]|[^&]*)", Pattern.CASE_INSENSITIVE);
 
 // Match the user password in the URI as second capture group
 // (applies to URI with authority component and userinfo token in the form
diff --git a/core/camel-util/src/test/java/org/apache/camel/util/URISupportTest.java b/core/camel-util/src/test/java/org/apache/camel/util/URISupportTest.java
index ca23e2b..60cad52 100644
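Review bot: In URISupport.java the value group of SECRETS still ends at the first `&` unless the value is wrapped in RAW(...), so a saslJaasConfig whose password contains an unencoded `&` would presumably be masked only up to that character and the rest of the JAAS string would still reach the log. The comment above the pattern is also stale: it names only "passphrase", "password" and secret key, while the alternation now has seven entries. I would reword it to `// Match any key-value pair in the URI query string whose key contains one of the sensitive names below (case-insensitive); an unwrapped value is matched only up to the next '&', so values that may contain '&' should be given as RAW(...).` The code that applies the pattern is outside the hunk, so the replacement behaviour is inferred from the new test in URISupportTest.java.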
--- a/core/camel-util/src/test/java/org/apache/camel/util/URISupportTest.java
+++ b/core/camel-util/src/test/java/org/apache/camel/util/URISupportTest.java
@@ -304,6 +304,12 @@ public class URISupportTest {
 }
 
 @Test
+ public void testSanitizeSaslJaasConfig() throws Exception {
+ String out1 = URISupport.sanitizeUri("kafka://MY-TOPIC-NAME?saslJaasConfig=org.apache.kafka.common.security.plain.PlainLoginModule required username=scott password=tiger");
+ assertEquals("kafka://MY-TOPIC-NAME?saslJaasConfig=xxxxxx", out1);
+ }
+
+ @Test
 public void testNormalizeEndpointUriWithUserInfoSpecialSign() throws Exception {
 String out1 = URISupport.normalizeUri("ftp://us%40r:t%st@localhost:21000/tmp3/camel?foo=us@r");
 assertEquals("ftp://us%40r:t%25st@localhost:21000/tmp3/camel?foo=us%40r", out1);
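Review bot: testSanitizeSaslJaasConfig pins only the case where saslJaasConfig is the last query parameter and its value is unwrapped, so it does not show where the masking stops. A second assertion with the value in RAW(...) followed by another parameter would cover the other branch of the value group and confirm that the next parameter is kept while nothing of the JAAS string survives, for example (constructed values) `assertEquals("kafka://MY-TOPIC-NAME?saslJaasConfig=xxxxxx&brokers=localhost:9092", URISupport.sanitizeUri("kafka://MY-TOPIC-NAME?saslJaasConfig=RAW(org.apache.kafka.common.security.plain.PlainLoginModule required username=scott password=tiger;)&brokers=localhost:9092"));`. The expected string assumes the same `xxxxxx` replacement that the existing assertion shows. The test method that follows the added one continues past the end of the hunk.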