File fix-CVE-2022-31008-3.patch of Package rabbitmq-server

Overview Repositories Revisions Requests Users Attributes Meta

File fix-CVE-2022-31008-3.patch of Package rabbitmq-server

From b175647f47398efc311026f8b1f13dcb994f92d9 Mon Sep 17 00:00:00 2001
From: Michael Klishin <michael@clojurewerkz.org>
Date: Thu, 19 May 2022 16:53:29 +0400
Subject: [PATCH] Resolve conflicts

---
 deps/rabbit/Makefile                          | 14 +---
 .../src/rabbit_prelaunch_conf.erl             | 68 -------------------
 .../src/rabbit_prelaunch_dist.erl             | 10 ++-
 4 files changed, 6 insertions(+), 100 deletions(-)

Index: rabbitmq-server-3.8.11/deps/rabbit/Makefile
===================================================================
--- rabbitmq-server-3.8.11.orig/deps/rabbit/Makefile
+++ rabbitmq-server-3.8.11/deps/rabbit/Makefile
@@ -118,20 +118,8 @@ define PROJECT_ENV
 	    {writer_gc_threshold, 1000000000},
 	    %% interval at which connection/channel tracking executes post operations
 	    {tracking_execution_timeout, 15000},
-<<<<<<< HEAD
-        {track_auth_attempt_source, false}
-=======
-	    {stream_messages_soft_limit, 256},
-      {track_auth_attempt_source, false},
-<<<<<<< HEAD
-			{credentials_obfuscation_fallback_secret, <<"nocookie">>},
-      {dead_letter_worker_consumer_prefetch, 32},
-      {dead_letter_worker_publisher_confirm_timeout, 180000}
->>>>>>> 8b67133dd2 (implement fallback secret for credentials obfuscation)
->>>>>>> fe1e1668a2 (implement fallback secret for credentials obfuscation)
-=======
+	    {track_auth_attempt_source, false},
 			{credentials_obfuscation_fallback_secret, <<"nocookie">>}
->>>>>>> eaa0d85e95 (Resolve conflicts)
 	  ]
 endef
 
Index: rabbitmq-server-3.8.11/deps/rabbit/apps/rabbitmq_prelaunch/src/rabbit_prelaunch_conf.erl
===================================================================
--- rabbitmq-server-3.8.11.orig/deps/rabbit/apps/rabbitmq_prelaunch/src/rabbit_prelaunch_conf.erl
+++ rabbitmq-server-3.8.11/deps/rabbit/apps/rabbitmq_prelaunch/src/rabbit_prelaunch_conf.erl
@@ -66,16 +66,9 @@ setup(Context) ->
                     #{config_files => [],
                       config_advanced_file => undefined}
             end,
-<<<<<<< HEAD
     ok = override_with_hard_coded_critical_config(),
-    ok = set_credentials_obfuscation_secret(),
     rabbit_log_prelaunch:debug(
       "Saving config state to application env: ~p", [State]),
-=======
-    ?LOG_DEBUG(
-      "Saving config state to application env: ~p", [State],
-      #{domain => ?RMQLOG_DOMAIN_PRELAUNCH}),
->>>>>>> fe1e1668a2 (implement fallback secret for credentials obfuscation)
     store_config_state(State).
 
 store_config_state(ConfigState) ->
@@ -385,46 +378,6 @@ apply_app_env_vars(App, [{Var, Value} |
 apply_app_env_vars(_, []) ->
     ok.
 
-<<<<<<< HEAD
-<<<<<<< HEAD
-set_credentials_obfuscation_secret() ->
-    rabbit_log_prelaunch:debug(
-      "Refreshing credentials obfuscation configuration from env: ~p",
-      [application:get_all_env(credentials_obfuscation)]),
-    ok = credentials_obfuscation:refresh_config(),
-    CookieBin = rabbit_data_coercion:to_binary(erlang:get_cookie()),
-    rabbit_log_prelaunch:debug(
-      "Setting credentials obfuscation secret to '~s'", [CookieBin]),
-    ok = credentials_obfuscation:set_secret(CookieBin).
-=======
-log_app_env_var(password = Var, _) ->
-    ?LOG_DEBUG("    - ~s = ********", [Var],
-               #{domain => ?RMQLOG_DOMAIN_PRELAUNCH});
-log_app_env_var(Var, Value) when is_list(Value) ->
-    %% To redact sensitive entries,
-    %% e.g. {password,"********"} for stream replication over TLS
-    Redacted = redact_env_var(Value),
-    ?LOG_DEBUG("    - ~s = ~p", [Var, Redacted],
-               #{domain => ?RMQLOG_DOMAIN_PRELAUNCH});
-log_app_env_var(Var, Value) ->
-    ?LOG_DEBUG("    - ~s = ~p", [Var, Value],
-               #{domain => ?RMQLOG_DOMAIN_PRELAUNCH}).
-
-redact_env_var(Value) when is_list(Value) ->
-    redact_env_var(Value, []);
-redact_env_var(Value) ->
-    Value.
-
-redact_env_var([], Acc) ->
-    lists:reverse(Acc);
-redact_env_var([{password, _Value} | Rest], Acc) ->
-    redact_env_var(Rest, Acc ++ [{password, "********"}]);
-redact_env_var([AppVar | Rest], Acc) ->
-    redact_env_var(Rest, [AppVar | Acc]).
->>>>>>> 8b67133dd2 (implement fallback secret for credentials obfuscation)
-
-=======
->>>>>>> eaa0d85e95 (Resolve conflicts)
 %% -------------------------------------------------------------------
 %% Config decryption.
 %% -------------------------------------------------------------------
Index: rabbitmq-server-3.8.11/deps/rabbit/apps/rabbitmq_prelaunch/src/rabbit_prelaunch_dist.erl
===================================================================
--- rabbitmq-server-3.8.11.orig/deps/rabbit/apps/rabbitmq_prelaunch/src/rabbit_prelaunch_dist.erl
+++ rabbitmq-server-3.8.11/deps/rabbit/apps/rabbitmq_prelaunch/src/rabbit_prelaunch_dist.erl
@@ -106,15 +106,13 @@ dist_port_use_check_fail(Port, Host) ->
     end.
 
 set_credentials_obfuscation_secret() ->
-    ?LOG_DEBUG(
+    _ = rabbit_log_prelaunch:debug(
         "Refreshing credentials obfuscation configuration from env: ~p",
-        [application:get_all_env(credentials_obfuscation)],
-        #{domain => ?RMQLOG_DOMAIN_PRELAUNCH}),
+        [application:get_all_env(credentials_obfuscation)]),
     ok = credentials_obfuscation:refresh_config(),
     CookieBin = rabbit_data_coercion:to_binary(erlang:get_cookie()),
-    ?LOG_DEBUG(
-        "Setting credentials obfuscation secret to '~s'", [CookieBin],
-        #{domain => ?RMQLOG_DOMAIN_PRELAUNCH}),
+    _ = rabbit_log_prelaunch:debug(
+        "Setting credentials obfuscation secret to '~s'", [CookieBin]),
     ok = credentials_obfuscation:set_secret(CookieBin),
     Fallback = application:get_env(rabbit, 
                                    credentials_obfuscation_fallback_secret,

Places

File fix-CVE-2022-31008-3.patch of Package rabbitmq-server

Places