diff options
| author | Michael Klishin <klishinm@vmware.com> | 2023-05-10 22:01:37 +0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-05-10 22:01:37 +0400 |
| commit | f0a9130461f6caa23ecfff4f45523089010fcfe2 (patch) | |
| tree | 636830c48f308b630cf57612bd6f3c30feb943b6 | |
| parent | 2058f7b8314adc97a2998ec7b590908b58ce8af7 (diff) | |
| parent | 5eda3d20addfa0562218241d2c6bf6b1f7944e78 (diff) | |
| download | rabbitmq-server-git-f0a9130461f6caa23ecfff4f45523089010fcfe2.tar.gz | |
Merge pull request #8132 from rabbitmq/mergify/bp/v3.11.x/pr-8131
Correctly use AMQP URI query parameter `password` (backport #8130) (backport #8131)
| -rw-r--r-- | deps/amqp_client/src/amqp_uri.erl | 20 | ||||
| -rw-r--r-- | deps/amqp_client/test/unit_SUITE.erl | 10 |
2 files changed, 19 insertions, 11 deletions
diff --git a/deps/amqp_client/src/amqp_uri.erl b/deps/amqp_client/src/amqp_uri.erl index 5ebb11257e..bf650bfb2d 100644 --- a/deps/amqp_client/src/amqp_uri.erl +++ b/deps/amqp_client/src/amqp_uri.erl @@ -204,12 +204,15 @@ broker_add_query(Params, ParsedUri, Fields) -> return({ParamsN, Pos1}); Value -> try - ValueParsed = parse_amqp_param(Field, Value), - return( - {setelement(Pos, ParamsN, ValueParsed), Pos1}) + case parse_amqp_param(Field, Value) of + ignore -> + return({ParamsN, Pos1}); + ValueParsed -> + return({setelement(Pos, ParamsN, ValueParsed), Pos1}) + end catch throw:Reason -> - fail({invalid_amqp_params_parameter, - Field, Value, Query, Reason}) + fail({invalid_amqp_params_parameter, + Field, Value, Query, Reason}) end end end || Field <- Fields], {Params, 2}), @@ -221,8 +224,11 @@ parse_amqp_param(Field, String) when Field =:= channel_max orelse Field =:= connection_timeout orelse Field =:= depth -> find_integer_parameter(String); -parse_amqp_param(Field, String) when Field =:= password -> - find_identity_parameter(String); +parse_amqp_param(Field, _String) when Field =:= password -> + %% https://github.com/rabbitmq/rabbitmq-server/issues/8129 + %% Ignore `password` here since the parameter is used for setting a + %% certificate password, NOT an AMQP login password + return(ignore); parse_amqp_param(Field, String) -> fail({parameter_unconfigurable_in_query, Field, String}). diff --git a/deps/amqp_client/test/unit_SUITE.erl b/deps/amqp_client/test/unit_SUITE.erl index af4bc688e6..aeee31ec9a 100644 --- a/deps/amqp_client/test/unit_SUITE.erl +++ b/deps/amqp_client/test/unit_SUITE.erl @@ -147,8 +147,9 @@ amqp_uri_parsing(_Config) -> {server_name_indication,"host3"}], ?assertEqual(lists:usort(Exp3), lists:usort(TLSOpts3)), - {ok, #amqp_params_network{host = "host4", ssl_options = TLSOpts4}} = - amqp_uri:parse("amqps://host4/%2f?cacertfile=/path/to/cacertfile.pem" + {ok, #amqp_params_network{username = <<"user">>, password = <<"pass">>, + host = "host4", ssl_options = TLSOpts4}} = + amqp_uri:parse("amqps://user:pass@host4/%2f?cacertfile=/path/to/cacertfile.pem" "&certfile=/path/to/certfile.pem" "&password=topsecret" "&depth=5"), @@ -171,8 +172,9 @@ amqp_uri_parsing(_Config) -> {verify, verify_none}]), lists:usort(TLSOpts8)), - {ok, #amqp_params_network{host = "127.0.0.1", ssl_options = TLSOpts9}} = - amqp_uri:parse("amqps://127.0.0.1/%2f?cacertfile=/path/to/cacertfile.pem" + {ok, #amqp_params_network{username = <<"user">>, password = <<"pass">>, + host = "127.0.0.1", ssl_options = TLSOpts9}} = + amqp_uri:parse("amqps://user:pass@127.0.0.1/%2f?cacertfile=/path/to/cacertfile.pem" "&certfile=/path/to/certfile.pem" "&password=topsecret" "&depth=5"), |