Add validation of keystore setting names #27626
Conversation
This commit restricts settings added to the keystore to have a lowercase ascii name. The java Keystore javadocs state that case sensitivity of key alias names are implementation dependent. This ensures regardless of case sensitivity in a jvm implementation, the keys will be stored as we expect.
|
Note that this problem was originally found in https://discuss.elastic.co/t/keystore-is-tampered-with-or-corrupted-now-what. Without this change, trying to add a setting name with an uppercase letter results in a corrupt keystore (the wrapper metadata does not match with the keys in the actual keystore). While we don't have any secure setting names using uppercase letters, this ensures both the keystore will not be corrupted trying to store them, and anyone creating a SecureSetting will not be fooled into thinking they can exist. |
| @@ -46,6 +46,7 @@ | |||
| private SecureSetting(String key, Property... properties) { | |||
| super(key, (String)null, null, ArrayUtils.concat(properties, FIXED_PROPERTIES, Property.class)); | |||
There was a problem hiding this comment.
How about super(KeyStoreWrapper.validateSettingName(key), ...) and make validateSettingName return key if it passes validation?
There was a problem hiding this comment.
I don't think that buys anything here, since the object will not be fully constructed until the ctor exits anyways. And it makes the semantics of the validation method a little weird (eg could it mean the return value must be used?). I'm going to keep as is but happy to discuss and modify later if you insist.
This commit restricts settings added to the keystore to have a lowercase ascii name. The java Keystore javadocs state that case sensitivity of key alias names are implementation dependent. This ensures regardless of case sensitivity in a jvm implementation, the keys will be stored as we expect.
* master: Add a new cluster setting to limit the total number of buckets returned by a request (elastic#27581) Allow index settings to be reset by wildcards (elastic#27671) Fix UpdateMappingIntegrationIT test failures Correct docs for binary fields and their default for doc values (elastic#27680) Clarify IntelliJ IDEA Jar Hell fix (elastic#27635) Add validation of keystore setting names (elastic#27626) Prevent constructing index template without patterns (elastic#27662) [DOCS] Fixed typos and broken attribute. Add support for filtering mappings fields (elastic#27603) [DOCS] Added link to upgrade guide and bumped the upgrade topic up to the top level (elastic#27621) [Geo] Add Well Known Text (WKT) Parsing Support to ShapeBuilders Fix up tests now that GeoDistance.*.calculate works (elastic#27541) [Docs] Fix parameter name (elastic#27656)
This commit restricts settings added to the keystore to have a lowercase
ascii name. The java Keystore javadocs state that case sensitivity of
key alias names are implementation dependent. This ensures regardless of
case sensitivity in a jvm implementation, the keys will be stored as we
expect.