use of com.mysql.cj.conf.ConnectionUrl in project aws-mysql-jdbc by awslabs.
the class SQLXMLTests method testXXEInjectionAllowance.
@Test
public void testXXEInjectionAllowance() throws SQLException {
final String xmlString = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n" + "<!DOCTYPE foo [\n" + "<!ELEMENT foo ANY >\n" + "<!ENTITY xxe SYSTEM \"file:///dev/nonExistantFile\" >]><foo>&xxe;</foo>";
final String url = "jdbc:mysql://somehost:1234/test?" + PropertyKey.allowXmlUnsafeExternalEntity.getKeyName() + "=true";
final String possibleErrorMsg1 = "(No such file or directory)";
final String possibleErrorMsg2 = "(The system cannot find the path specified)";
final ConnectionUrl connUrl = ConnectionUrl.getConnectionUrlInstance(url, new Properties());
JdbcPropertySetImpl connProperties = new JdbcPropertySetImpl();
connProperties.initializeProperties(connUrl.getMainHost().exposeAsProperties());
MysqlSQLXML xmlTest = new MysqlSQLXML(null, connProperties);
xmlTest.setString(xmlString);
SQLException exception = assertThrows(SQLException.class, () -> xmlTest.getSource(DOMSource.class));
// Assert correct error code was produced
assertSame("S1009", exception.getSQLState());
// Assert that the reason for this exception is because the file does not exist (and not because DTDs is disabled)
assertTrue(exception.getMessage().contains(possibleErrorMsg1) || exception.getMessage().contains(possibleErrorMsg2));
}
use of com.mysql.cj.conf.ConnectionUrl in project aws-mysql-jdbc by awslabs.
the class ConnectionProxyTest method testInvokeThrowsException.
@Test
public void testInvokeThrowsException() throws Throwable {
doThrow(new SQLException()).when(mockPluginManager).execute(any(), eq("createStatement"), any(), any());
final ConnectionUrl conStr = ConnectionUrl.getConnectionUrlInstance(DEFAULT_CONNECTION_STR, new Properties());
final ConnectionProxy proxy = getConnectionProxy(conStr);
assertSame(mockConnection, proxy.getCurrentConnection());
assertThrows(SQLException.class, () -> proxy.invoke(null, Connection.class.getMethod("createStatement"), null));
}
use of com.mysql.cj.conf.ConnectionUrl in project aws-mysql-jdbc by awslabs.
the class AWSSecretsManagerPluginTest method testFailedToGetSecrets.
/**
* The plugin will attempt to open a connection with a cached secret, but it will fail with an access error.
* In this case, the plugin will attempt to fetch the secret and retry the connection,
* but it will fail because an exception was thrown by the AWS Secrets Manager.
*/
@Test
public void testFailedToGetSecrets() throws SQLException {
// Fail initial connection attempt so secrets will be retrieved.
final SQLException failedFirstConnectionAccessException = new SQLException(TEST_SQL_ERROR, AWSSecretsManagerPlugin.SQLSTATE_ACCESS_ERROR);
doThrow(failedFirstConnectionAccessException).doNothing().when(nextPlugin).openInitialConnection(any(ConnectionUrl.class));
doThrow(SecretsManagerException.class).when(this.mockSecretsManagerClient).getSecretValue(this.mockGetValueRequest);
final SQLException getSecretsFailedException = assertThrows(SQLException.class, () -> this.plugin.openInitialConnection(this.connectionUrl));
assertEquals(getSecretsFailedException.getMessage(), AWSSecretsManagerPlugin.ERROR_GET_SECRETS_FAILED);
assertEquals(0, AWSSecretsManagerPlugin.SECRET_CACHE.size());
verify(this.mockSecretsManagerClient).getSecretValue(this.mockGetValueRequest);
verify(this.nextPlugin).openInitialConnection(this.captor.capture());
final List<ConnectionUrl> connectionUrls = this.captor.getAllValues();
final Map<String, String> connectionProperties = connectionUrls.get(0).getOriginalProperties();
assertNull(connectionProperties.get("user"));
assertNull(connectionProperties.get("password"));
}
use of com.mysql.cj.conf.ConnectionUrl in project aws-mysql-jdbc by awslabs.
the class NonRegisteringDriver method getPropertyInfo.
@Override
public DriverPropertyInfo[] getPropertyInfo(String url, Properties info) throws SQLException {
String host = "";
String port = "";
String database = "";
String user = "";
String password = "";
if (!isNullOrEmpty(url)) {
ConnectionUrl connStr = ConnectionUrl.getConnectionUrlInstance(url, info);
if (connStr.getType() == Type.SINGLE_CONNECTION || connStr.getType() == Type.SINGLE_CONNECTION_AWS) {
HostInfo hostInfo = connStr.getMainHost();
info = hostInfo.exposeAsProperties();
}
}
if (info != null) {
host = info.getProperty(PropertyKey.HOST.getKeyName());
port = info.getProperty(PropertyKey.PORT.getKeyName());
database = info.getProperty(PropertyKey.DBNAME.getKeyName());
user = info.getProperty(PropertyKey.USER.getKeyName());
password = info.getProperty(PropertyKey.PASSWORD.getKeyName());
}
DriverPropertyInfo hostProp = new DriverPropertyInfo(PropertyKey.HOST.getKeyName(), host);
hostProp.required = true;
hostProp.description = Messages.getString("NonRegisteringDriver.3");
DriverPropertyInfo portProp = new DriverPropertyInfo(PropertyKey.PORT.getKeyName(), port);
portProp.required = false;
portProp.description = Messages.getString("NonRegisteringDriver.7");
DriverPropertyInfo dbProp = new DriverPropertyInfo(PropertyKey.DBNAME.getKeyName(), database);
dbProp.required = false;
dbProp.description = Messages.getString("NonRegisteringDriver.10");
DriverPropertyInfo userProp = new DriverPropertyInfo(PropertyKey.USER.getKeyName(), user);
userProp.required = true;
userProp.description = Messages.getString("NonRegisteringDriver.13");
DriverPropertyInfo passwordProp = new DriverPropertyInfo(PropertyKey.PASSWORD.getKeyName(), password);
passwordProp.required = true;
passwordProp.description = Messages.getString("NonRegisteringDriver.16");
JdbcPropertySet propSet = new JdbcPropertySetImpl();
propSet.initializeProperties(info);
List<DriverPropertyInfo> driverPropInfo = propSet.exposeAsDriverPropertyInfo();
DriverPropertyInfo[] dpi = new DriverPropertyInfo[5 + driverPropInfo.size()];
dpi[0] = hostProp;
dpi[1] = portProp;
dpi[2] = dbProp;
dpi[3] = userProp;
dpi[4] = passwordProp;
System.arraycopy(driverPropInfo.toArray(new DriverPropertyInfo[0]), 0, dpi, 5, driverPropInfo.size());
return dpi;
}
use of com.mysql.cj.conf.ConnectionUrl in project aws-mysql-jdbc by awslabs.
the class NonRegisteringDriver method isAcceptAwsProtocolOnly.
private boolean isAcceptAwsProtocolOnly(String url) {
Properties info = new Properties();
ConnectionUrl conStr = ConnectionUrl.getConnectionUrlInstance(url, info);
Map<String, String> connProps = conStr.getOriginalProperties();
if (connProps.containsKey("acceptAwsProtocolOnly")) {
return Boolean.parseBoolean(connProps.get("acceptAwsProtocolOnly"));
} else {
return acceptAwsProtocolOnly;
}
}
Aggregations