This is an automated email from the ASF dual-hosted git repository. robbie pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/qpid-jms.git
The following commit(s) were added to refs/heads/main by this push: new b42d890e QPIDJMS-588: throw IAE on attempt to create connection factory with invalid failover URI components containing User-Info b42d890e is described below commit b42d890e60308881eb654c4f115a786eaa7ba118 Author: Robbie Gemmell <rob...@apache.org> AuthorDate: Wed May 17 14:52:07 2023 +0100 QPIDJMS-588: throw IAE on attempt to create connection factory with invalid failover URI components containing User-Info --- .../org/apache/qpid/jms/JmsConnectionFactory.java | 32 +++++++++---- .../ConnectionFactoryIntegrationTest.java | 54 ++++++++++++++++++++-- 2 files changed, 74 insertions(+), 12 deletions(-) diff --git a/qpid-jms-client/src/main/java/org/apache/qpid/jms/JmsConnectionFactory.java b/qpid-jms-client/src/main/java/org/apache/qpid/jms/JmsConnectionFactory.java index 664f0a67..24991295 100644 --- a/qpid-jms-client/src/main/java/org/apache/qpid/jms/JmsConnectionFactory.java +++ b/qpid-jms-client/src/main/java/org/apache/qpid/jms/JmsConnectionFactory.java @@ -21,6 +21,7 @@ import java.net.URISyntaxException; import java.security.AccessController; import java.security.PrivilegedAction; import java.util.EnumMap; +import java.util.List; import java.util.Map; import java.util.function.BiFunction; @@ -396,28 +397,41 @@ public class JmsConnectionFactory extends JNDIStorable implements ConnectionFact * @param remoteURI * the remoteURI to set */ - public void setRemoteURI(String remoteURI) { + public void setRemoteURI(final String remoteURI) { if (remoteURI == null || remoteURI.isEmpty()) { throw new IllegalArgumentException("Invalid URI: cannot be null or empty"); } - this.remoteURI = createURI(remoteURI); - if (this.remoteURI.getRawUserInfo() != null) { + final URI uri = createURI(remoteURI); + + if (uri.getRawUserInfo() != null) { throw new IllegalArgumentException("The supplied URI cannot contain a User-Info section"); } try { - if (URISupport.isCompositeURI(this.remoteURI)) { - CompositeData data = URISupport.parseComposite(this.remoteURI); + if (URISupport.isCompositeURI(uri)) { + final CompositeData data = URISupport.parseComposite(uri); + + final List<URI> components = data.getComponents(); + components.forEach(component -> { + if (component.getRawUserInfo() != null) { + throw new IllegalArgumentException("The component server URIs cannot contain a User-Info section"); + } + }); + applyURIOptions(data.getParameters()); this.remoteURI = data.toURI(); - } else if (this.remoteURI.getRawQuery() != null) { - Map<String, String> map = PropertyUtil.parseQuery(this.remoteURI); + } else if (uri.getRawQuery() != null) { + final Map<String, String> map = PropertyUtil.parseQuery(uri); applyURIOptions(map); - this.remoteURI = PropertyUtil.replaceQuery(this.remoteURI, map); + this.remoteURI = PropertyUtil.replaceQuery(uri, map); + } else { + this.remoteURI = uri; } + } catch (IllegalArgumentException iae) { + throw iae; } catch (Exception e) { - throw new IllegalArgumentException(e.getMessage()); + throw new IllegalArgumentException(e.getMessage(), e); } } diff --git a/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/ConnectionFactoryIntegrationTest.java b/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/ConnectionFactoryIntegrationTest.java index acaa259b..30f0aa9e 100644 --- a/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/ConnectionFactoryIntegrationTest.java +++ b/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/ConnectionFactoryIntegrationTest.java @@ -23,6 +23,7 @@ package org.apache.qpid.jms.integration; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNotSame; +import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; @@ -185,16 +186,63 @@ public class ConnectionFactoryIntegrationTest extends QpidJmsTestCase { } @Test(timeout=20000) - public void testCreateAmqpConnectionWithUserInfoThrowsJMSEx() throws Exception { + public void testCreateAmqpConnectionFactoryWithUserInfoThrowsIAE() throws Exception { try (TestAmqpPeer testPeer = new TestAmqpPeer();) { // DONT create a test fixture, we will drive everything directly. String uri = "amqp://user:pass@127.0.0.1:" + testPeer.getServerPort(); try { new JmsConnectionFactory(uri); fail("Should not be able to create a factory with user info value set."); - } catch (Exception ex) { - LOG.debug("Caught expected exception on invalid message ID format: {}", ex); + } catch (IllegalArgumentException iae) { + LOG.debug("Caught expected exception on invalid URI: {}", iae); + assertNotNull(iae.getMessage()); + assertEquals("The supplied URI cannot contain a User-Info section", iae.getMessage()); } + + testPeer.close(); + assertNull("Peer should not have accepted any connection", testPeer.getClientSocket()); + } + } + + @Test(timeout=20000) + public void testCreateFailoverConnectionFactoryWithComponentUriHavingUserInfoThrowsIAE() throws Exception { + try (TestAmqpPeer testPeer = new TestAmqpPeer();) { + // DONT create a test fixture, we will drive everything directly. + int peerPort = testPeer.getServerPort(); + + // Have sole server component URI be invalid + final String failoverURIsingle = "failover:(amqp://user:pass@localhost:" + peerPort + ")?failover.maxReconnectAttempts=1"; + doCreateFailoverConnectionFactoryWithComponentUriHavingUserInfoThrowsIAETestImpl(failoverURIsingle); + + // Have first server component URI be invalid + final String failoverURIfirst = "failover:(amqp://user:pass@localhost:" + peerPort + ",amqp://127.0.0.1:" + peerPort + ")?failover.maxReconnectAttempts=1"; + doCreateFailoverConnectionFactoryWithComponentUriHavingUserInfoThrowsIAETestImpl(failoverURIfirst); + + // Have last server component URI be invalid + final String failoverURIlast = "failover:(amqp://127.0.0.1:" + peerPort + ",amqp://user:pass@localhost:" + peerPort + ")?failover.maxReconnectAttempts=1"; + doCreateFailoverConnectionFactoryWithComponentUriHavingUserInfoThrowsIAETestImpl(failoverURIlast); + + // Have a middle server component URI be invalid + final String failoverURImiddle = "failover:(amqp://127.0.0.1:" + peerPort + ",amqp://user:pass@localhost:" + peerPort + ",amqp://127.0.0.1:" + peerPort + ")?failover.maxReconnectAttempts=1"; + doCreateFailoverConnectionFactoryWithComponentUriHavingUserInfoThrowsIAETestImpl(failoverURImiddle); + + // Have multiple server component URIs be invalid + final String failoverURImultiple = "failover:(amqp://user:pass@127.0.0.1:" + peerPort + ",amqp://user:pass@localhost:" + peerPort + ",amqp://user:pass@127.0.0.1:" + peerPort + ")?failover.maxReconnectAttempts=1"; + doCreateFailoverConnectionFactoryWithComponentUriHavingUserInfoThrowsIAETestImpl(failoverURImultiple); + + testPeer.close(); + assertNull("Peer should not have accepted any connection", testPeer.getClientSocket()); + } + } + + private void doCreateFailoverConnectionFactoryWithComponentUriHavingUserInfoThrowsIAETestImpl(String failoverURI) { + try { + new JmsConnectionFactory(failoverURI); + fail("Should not be able to create a factory when failover URI contains component entry with user info value set."); + } catch (IllegalArgumentException iae) { + LOG.debug("Caught expected exception on invalid URI: {}", iae); + assertNotNull(iae.getMessage()); + assertEquals("The component server URIs cannot contain a User-Info section", iae.getMessage()); } } --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org For additional commands, e-mail: commits-h...@qpid.apache.org