directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From zengl...@apache.org
Subject directory-kerby git commit: DIRKRB-703 Reduce client-side information leakage of MySQL plugin
Date Mon, 19 Mar 2018 09:50:46 GMT
Repository: directory-kerby
Updated Branches:
  refs/heads/trunk a4ee9e832 -> a3007464b


DIRKRB-703 Reduce client-side information leakage of MySQL plugin


Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/a3007464
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/a3007464
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/a3007464

Branch: refs/heads/trunk
Commit: a3007464bc6ceb6fbd5cd9561082c139928038b5
Parents: a4ee9e8
Author: zenglinx <frank.zeng@intel.com>
Authored: Mon Mar 19 17:50:04 2018 +0800
Committer: zenglinx <frank.zeng@intel.com>
Committed: Mon Mar 19 17:50:04 2018 +0800

----------------------------------------------------------------------
 .../plugins/client/mysql/MySQLHasClientPlugin.java    | 14 +++-----------
 .../plugins/server/mysql/MySQLHasServerPlugin.java    |  8 ++++----
 2 files changed, 7 insertions(+), 15 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a3007464/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java
----------------------------------------------------------------------
diff --git a/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java
b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java
index 675f295..5ff56fe 100644
--- a/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java
+++ b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java
@@ -38,20 +38,15 @@ public class MySQLHasClientPlugin extends AbstractHasClientPlugin {
     @Override
     protected void doLogin(AuthToken authToken) {
 
-        //Get the ak info from env
+        //Get the user info from env
         String userName = System.getenv("userName");
         String password = System.getenv("password");
-
-        String mysqlUrl = System.getenv("mysqlUrl");
-        String mysqlUser = System.getenv("mysqlUser");
-        String mysqlPasswd = System.getenv("mysqlPasswd");
-
-        LOG.debug("Get the mysql login info successfully.");
+        LOG.debug("Get the user info successfully.");
 
         authToken.setIssuer("has");
         authToken.setSubject(userName);
 
-        final Date now = new Date(new Date().getTime() / 1000 * 1000);
+        final Date now = new Date(System.currentTimeMillis() / 1000 * 1000);
         authToken.setIssueTime(now);
         // Set expiration in 60 minutes
         Date exp = new Date(now.getTime() + 1000 * 60 * 60);
@@ -59,9 +54,6 @@ public class MySQLHasClientPlugin extends AbstractHasClientPlugin {
 
         authToken.addAttribute("user", userName);
         authToken.addAttribute("secret", password);
-        authToken.addAttribute("mysqlUrl", mysqlUrl);
-        authToken.addAttribute("mysqlUser", mysqlUser);
-        authToken.addAttribute("mysqlPasswd", mysqlPasswd);
 
         authToken.addAttribute("passPhrase", userName + password);
     }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a3007464/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java
----------------------------------------------------------------------
diff --git a/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java
b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java
index 982860e..98f0675 100644
--- a/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java
+++ b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java
@@ -49,7 +49,7 @@ public class MySQLHasServerPlugin extends AbstractHasServerPlugin {
     public void doAuthenticate(AuthToken userToken, AuthToken authToken)
         throws HasAuthenException {
 
-        // Check if the token is expired.
+        // Check if the token is expired
         Date expiredTime = userToken.getExpiredTime();
         Date now = new Date();
         if (now.after(expiredTime)) {
@@ -60,10 +60,10 @@ public class MySQLHasServerPlugin extends AbstractHasServerPlugin {
         String user = (String) userToken.getAttributes().get("user");
         String secret = (String) userToken.getAttributes().get("secret");
 
-        String mysqlUrl = (String) userToken.getAttributes().get("mysqlUrl");
+        String mysqlUrl = System.getenv("mysqlUrl");
         mysqlUrl = mysqlUrl.replace("jdbc:mysql:", "jdbc:mysql:thin:");
-        String mysqlUser = (String) userToken.getAttributes().get("mysqlUser");
-        String mysqlPasswd = (String) userToken.getAttributes().get("mysqlPasswd");
+        String mysqlUser = System.getenv("mysqlUser");
+        String mysqlPasswd = System.getenv("mysqlPasswd");
         Connection connection = startConnection(mysqlUrl, mysqlUser, mysqlPasswd);
 
         ResultSet res = null;


Mime
View raw message