> On March 16, 2017, 9:27 p.m., Peter Vary wrote:
> > jdbc/src/java/org/apache/hive/jdbc/Utils.java
> > Lines 423-426 (patched)
> > <https://reviews.apache.org/r/56763/diff/3-4/?file=1665965#file1665965line423>
> >
> > I think you will kick me around after this. Most probably I was not
> > clear enough what I ment with my comment.
> >
> > The HIDDEN_CONF_LIST contains configuration keys, which values should
> > be kept secret. (Comma separated list of configuration options which should
> > not be read by normal user like passwords)
> >
> > So I was thinkig about somethig like this:
> > // Remove hive.conf.hidden.list values
> > for (String entry : HiveConfUtil.getHiddenSet(conf)) {
> > anonymizedUriString = anonymizedUriString.replaceAll("(?i)" + entry +
> > "=[^;?#]*", entry + "=xxxxx");
> > }
> >
> > Only when I wrote down the code did I realize, that we are on the
> > client side so we can not use this configuration value.
> > Sorry for the extra rounds. This should be removed.
>
> Vaibhav Gumashta wrote:
> Actually it's good to remove that from logging because a client can pass
> hive conf parameters from client side as well
> (https://github.com/apache/hive/blob/master/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java#L148).
Then we should remember, that the hive.conf.hidden.list only contains the keys,
that we have to remove, so we should use the code like this:
```java
// Remove hive.conf.hidden.list values
Pattern pattern = Pattern.compile("[?;](?i)"
+ HiveConf.ConfVars.HIVE_CONF_HIDDEN_LIST.varname + "=([^;?#]*)");
Matcher hiddenMatcher = pattern.matcher(anonymizedUriString);
String hiddenListStr = null;
if (hiddenMatcher.find()) {
hiddenListStr = hiddenMatcher.group(1);
}
Set<String> hiddenSet = new HashSet<String>();
if (!StringUtils.isEmpty(hiddenListStr)) {
for (String entry : hiddenListStr.split(",")) {
hiddenSet.add(entry.trim());
}
}
for (String entry : hiddenSet) {
anonymizedUriString = anonymizedUriString.replaceAll("([?;])(?i)" + entry
+ "=[^;?#]*",
"$1" + entry + "=xxxxx");
}
```
- Peter
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56763/#review169212
-----------------------------------------------------------
On March 17, 2017, 9:14 a.m., Vaibhav Gumashta wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/56763/
> -----------------------------------------------------------
>
> (Updated March 17, 2017, 9:14 a.m.)
>
>
> Review request for hive, Peter Vary and Thejas Nair.
>
>
> Bugs: HIVE-15931
> https://issues.apache.org/jira/browse/HIVE-15931
>
>
> Repository: hive-git
>
>
> Description
> -------
>
> https://issues.apache.org/jira/browse/HIVE-15931
>
>
> Diffs
> -----
>
> beeline/src/java/org/apache/hive/beeline/Commands.java 99ee82c
> itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java
> 4a82aa5
> jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java 1695c5d
> jdbc/src/java/org/apache/hive/jdbc/HiveDriver.java a349f8b
> jdbc/src/java/org/apache/hive/jdbc/Utils.java bfae8b9
> jdbc/src/java/org/apache/hive/jdbc/ZooKeeperHiveClientHelper.java 8d6003a
> jdbc/src/test/org/apache/hive/jdbc/TestJdbcDriver.java 162e42f
>
>
> Diff: https://reviews.apache.org/r/56763/diff/6/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Vaibhav Gumashta
>
>
