Home Explore Help
Register Sign In
lqb
/
canal
mirror of https://github.com/alibaba/canal.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

fixed security bugfix #4941 , process auth failed

jianghang.loujh 1 year ago
parent
93dac2d335
commit
67e0928d80
2 changed files with 4 additions and 2 deletions
Split View Show Diff Stats
  1. 2 2
      deployer/src/main/resources/canal_local.properties
  2. 2 0
      server/src/main/java/com/alibaba/otter/canal/server/netty/handler/ClientAuthenticationHandler.java

+ 2 - 2
deployer/src/main/resources/canal_local.properties
View File 

@@ -5,8 +5,8 @@ canal.register.ip =
 
 canal.admin.manager = 127.0.0.1:8089
 
 canal.admin.port = 11110
 
 canal.admin.user = admin
 
-canal.admin.passwd = 4ACFE3202A5FF5CF467898FC58AAB1D615029441
 
+canal.admin.passwd =
 
 # admin auto register
 
 canal.admin.register.auto = true
 
 canal.admin.register.cluster =
 
-canal.admin.register.name = 
+canal.admin.register.name =

+ 2 - 0
server/src/main/java/com/alibaba/otter/canal/server/netty/handler/ClientAuthenticationHandler.java
View File 

@@ -56,12 +56,14 @@ public class ClientAuthenticationHandler extends SimpleChannelHandler {
 
                     byte[] errorBytes = NettyUtils.errorPacket(400,
 
                         MessageFormatter.format("auth failed for seed is null", clientAuth.getUsername()).getMessage());
 
                     NettyUtils.write(ctx.getChannel(), errorBytes, null);
 
+                    break;
 
                 }
 
 
                 if (!embeddedServer.auth(clientAuth.getUsername(), clientAuth.getPassword().toStringUtf8(), seed)) {
 
                     byte[] errorBytes = NettyUtils.errorPacket(400,
 
                         MessageFormatter.format("auth failed for user:{}", clientAuth.getUsername()).getMessage());
 
                     NettyUtils.write(ctx.getChannel(), errorBytes, null);
 
+                    break;
 
                 }
 
 
                 // 如果存在订阅信息