From 62e97c96afe7e1400eda5c085dc3619a81691638 Mon Sep 17 00:00:00 2001 From: efiacor Date: Thu, 10 Mar 2022 15:35:58 +0000 Subject: [DMAAP-DR] Fix sec hotspots Signed-off-by: efiacor Change-Id: I4fb02bd7874d51e340faec17dad985e2382234f8 Issue-ID: DMAAP-1624 --- .../src/main/java/org/onap/dmaap/datarouter/node/DeliveryTask.java | 2 +- .../src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java | 4 ++-- .../java/org/onap/dmaap/datarouter/node/NodeConfigManagerTest.java | 2 +- .../src/test/java/org/onap/dmaap/datarouter/node/NodeConfigTest.java | 4 ++-- .../org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java | 1 - 5 files changed, 6 insertions(+), 7 deletions(-) diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/DeliveryTask.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/DeliveryTask.java index eb79b563..55ad6aa8 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/DeliveryTask.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/DeliveryTask.java @@ -117,7 +117,7 @@ public class DeliveryTask implements Runnable, Comparable { String header = line.substring(0, index); String headerValue = line.substring(index + 1); if ("x-dmaap-dr-routing".equalsIgnoreCase(header)) { - subid = headerValue.replaceAll("[^ ]*/", ""); + subid = headerValue.replaceAll("[^ ]*/+", ""); feedid = deliveryTaskHelper.getFeedId(subid.replaceAll(" .*", "")); } if (length == 0 && header.toLowerCase().startsWith("content-")) { diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java index 37e5db60..2c8dcdb0 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java @@ -99,14 +99,14 @@ public class NodeUtils { */ public static String getNodeAuthHdr(String node, String key) { try { - MessageDigest md = MessageDigest.getInstance("SHA"); + MessageDigest md = MessageDigest.getInstance("SHA-512"); md.update(key.getBytes()); md.update(node.getBytes()); md.update(key.getBytes()); return (getAuthHdr(node, base64Encode(md.digest()))); } catch (Exception exception) { eelfLogger - .error("Exception in generating Credentials for given node name:= " + exception.toString(), + .error("Exception in generating Credentials for given node name:= " + exception.getMessage(), exception); return (null); } diff --git a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigManagerTest.java b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigManagerTest.java index 88e6e48d..e64579ed 100644 --- a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigManagerTest.java +++ b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigManagerTest.java @@ -133,7 +133,7 @@ public class NodeConfigManagerTest { Assert.assertFalse(nodeConfigManager.isFollowRedirects()); Assert.assertNotNull(nodeConfigManager.getTimer()); Assert.assertEquals("1", nodeConfigManager.getFeedId("1")); - Assert.assertEquals("Basic ZG1hYXAtZHItbm9kZTpsaEFUNHY2N3F3blY3QVFxV3ByMm84WXNuVjg9", nodeConfigManager.getMyAuth()); + Assert.assertEquals("Basic ZG1hYXAtZHItbm9kZTp2OStFanZpWVBXSURrazVxRlF5ZkoxSC9LdHBuYWo4K0NVTXlNL0lRRUp2UGdjOUxpU2s5ZnpKTjdFazl3SzZkaG11S1E4S3RtcC9kelpBU3BRUGZCdz09", nodeConfigManager.getMyAuth()); Assert.assertEquals(0.05, nodeConfigManager.getFreeDiskStart(), 0.0); Assert.assertEquals(0.2, nodeConfigManager.getFreeDiskStop(), 0.0); Assert.assertEquals("org.onap.dmaap-dr.feed|legacy|publish", nodeConfigManager.getPermission("legacy")); diff --git a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigTest.java b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigTest.java index 05cd0dce..6804ebfe 100644 --- a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigTest.java +++ b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigTest.java @@ -239,7 +239,7 @@ public class NodeConfigTest { @Test public void Given_Different_Ip_Then_Is_Another_Node_Returns_True() { Boolean isAnotherNode = - nodeConfig.isAnotherNode("Basic MTcyLjAuMC40OmtCTmhkWVFvbzhXNUphZ2g4T1N4Zmp6Mzl1ND0=", "172.0.0.4"); + nodeConfig.isAnotherNode("Basic MTcyLjAuMC40OjlKOEFMUEhWQ2FpZ3FnZFpMMlRMYVRKSE1QQS8wNjdjR2JhV2RaUU1XSG1MNk5KbEtBVmpPbWtoZTR6ZmVlYjJzbElNMVR0REc2b0tYb0dLSDRMa1BBPT0=", "172.0.0.4"); Assert.assertTrue(isAnotherNode); } @@ -258,6 +258,6 @@ public class NodeConfigTest { @Test public void Validate_Get_MyAuth_Returns_Correct_Auth() { String auth = nodeConfig.getMyAuth(); - Assert.assertEquals("Basic TmFtZTp6Z04wMFkyS3gybFppbXltNy94ZDhuMkdEYjA9", auth); + Assert.assertEquals("Basic TmFtZTo3YTRsQkxqMENQQ3lEbVVPaUI5Tks3b0pSeGROVUxqZzNNUHpkcEFYNHcvN09DNVR5S1hhWFA0MGR5aHhzbm90bXM4d1BGeXdHVlQ3MTJhcldXSFR1dz09", auth); } } diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java index 6049eea0..1a07ffae 100755 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java @@ -542,7 +542,6 @@ public class StatisticsServlet extends BaseServlet { intlogger.debug("Time: " + (System.currentTimeMillis() - start) + " ms"); } catch (SQLException e) { eventlogger.error("SQLException:" + e.getMessage()); - e.printStackTrace(); } catch (IOException e) { eventlogger.error("IOException - Generating JSON/CSV:" + e); } catch (JSONException e) { -- cgit 1.2.3-korg