From 406a15e7a90b39d7ed209983d1f90045bba7e0f2 Mon Sep 17 00:00:00 2001 From: Simon Willnauer Date: Wed, 21 Jun 2017 08:13:56 +0200 Subject: [PATCH] Fix settings serialization to not serialize secure settings or not take the total size into account (#25323) --- .../common/settings/Settings.java | 6 ++++-- .../common/settings/SettingsTests.java | 20 +++++++++++++++++++ 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/core/src/main/java/org/elasticsearch/common/settings/Settings.java b/core/src/main/java/org/elasticsearch/common/settings/Settings.java index f71ddccd9d3..e444dea6b79 100644 --- a/core/src/main/java/org/elasticsearch/common/settings/Settings.java +++ b/core/src/main/java/org/elasticsearch/common/settings/Settings.java @@ -610,8 +610,10 @@ public final class Settings implements ToXContent { } public static void writeSettingsToStream(Settings settings, StreamOutput out) throws IOException { - out.writeVInt(settings.size()); - for (Map.Entry entry : settings.getAsMap().entrySet()) { + // pull getAsMap() to exclude secure settings in size() + Set> entries = settings.getAsMap().entrySet(); + out.writeVInt(entries.size()); + for (Map.Entry entry : entries) { out.writeString(entry.getKey()); out.writeOptionalString(entry.getValue()); } diff --git a/core/src/test/java/org/elasticsearch/common/settings/SettingsTests.java b/core/src/test/java/org/elasticsearch/common/settings/SettingsTests.java index 9fbad982bdb..72c4aca544c 100644 --- a/core/src/test/java/org/elasticsearch/common/settings/SettingsTests.java +++ b/core/src/test/java/org/elasticsearch/common/settings/SettingsTests.java @@ -21,6 +21,8 @@ package org.elasticsearch.common.settings; import org.elasticsearch.Version; import org.elasticsearch.common.Booleans; +import org.elasticsearch.common.io.stream.BytesStreamOutput; +import org.elasticsearch.common.io.stream.StreamInput; import org.elasticsearch.common.logging.DeprecationLogger; import org.elasticsearch.common.logging.ESLoggerFactory; import org.elasticsearch.common.settings.loader.YamlSettingsLoader; @@ -590,6 +592,24 @@ public class SettingsTests extends ESTestCase { assertTrue(Settings.builder().setSecureSettings(secureSettings).build().isEmpty()); } + public void testWriteSettingsToStream() throws IOException { + BytesStreamOutput out = new BytesStreamOutput(); + MockSecureSettings secureSettings = new MockSecureSettings(); + secureSettings.setString("test.key1.foo", "somethingsecure"); + secureSettings.setString("test.key1.bar", "somethingsecure"); + secureSettings.setString("test.key2.foo", "somethingsecure"); + secureSettings.setString("test.key2.bog", "somethingsecure"); + Settings.Builder builder = Settings.builder(); + builder.put("test.key1.baz", "blah1"); + builder.setSecureSettings(secureSettings); + assertEquals(5, builder.build().size()); + Settings.writeSettingsToStream(builder.build(), out); + StreamInput in = StreamInput.wrap(out.bytes().toBytesRef().bytes); + Settings settings = Settings.readSettingsFromStream(in); + assertEquals(1, settings.size()); + assertEquals("blah1", settings.get("test.key1.baz")); + } + public void testSecureSettingConflict() { Setting setting = SecureSetting.secureString("something.secure", null); Settings settings = Settings.builder().put("something.secure", "notreallysecure").build();