修复hardcode password漏洞
parent
33ec131668
commit
60ee0247fa
|
|
@ -204,4 +204,4 @@ aes.key=${KK_AESKEY_KEY:zhgd@bonus@zhgd@bonus@1234567890}
|
||||||
#???
|
#???
|
||||||
aes.iv=${KK_AESKEY_IV:1234567812345678}
|
aes.iv=${KK_AESKEY_IV:1234567812345678}
|
||||||
|
|
||||||
|
password.error.msg = ${PASSWORD_ERROR_MSG:password}
|
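Review bot: The hard-coded values in this file that really are secrets are left in place: the `aes.iv` default `1234567812345678` on the context line above, and the `aes.key` default visible in the hunk header, still ship with the repository, so any deployment that does not set `KK_AESKEY_KEY` / `KK_AESKEY_IV` encrypts with publicly known material. The new `password.error.msg` entry is a substring used to recognise library error messages (see the `contains(...)` calls in the Java hunks), not a credential, so externalising it does not reduce exposure. Consider dropping the defaults so startup fails when the variables are unset, e.g. `aes.key=${KK_AESKEY_KEY}` and `aes.iv=${KK_AESKEY_IV}`. If the cipher mode in use needs a unique IV per message (not visible here), the IV should be generated per encryption rather than configured.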
||||||
|
|
@ -76,6 +76,8 @@ public class ConfigConstants {
|
||||||
private static String aesKey;
|
private static String aesKey;
|
||||||
private static String aesIv;
|
private static String aesIv;
|
||||||
|
|
||||||
|
private static String passwordErrorMsg;
|
||||||
|
|
||||||
public static final String DEFAULT_CACHE_ENABLED = "true";
|
public static final String DEFAULT_CACHE_ENABLED = "true";
|
||||||
public static final String DEFAULT_TXT_TYPE = "txt,html,htm,asp,jsp,xml,json,properties,md,gitignore,log,java,py,c,cpp,sql,sh,bat,m,bas,prg,cmd,xbrl";
|
public static final String DEFAULT_TXT_TYPE = "txt,html,htm,asp,jsp,xml,json,properties,md,gitignore,log,java,py,c,cpp,sql,sh,bat,m,bas,prg,cmd,xbrl";
|
||||||
public static final String DEFAULT_MEDIA_TYPE = "mp3,wav,mp4,flv";
|
public static final String DEFAULT_MEDIA_TYPE = "mp3,wav,mp4,flv";
|
||||||
|
|
@ -830,4 +832,18 @@ public class ConfigConstants {
|
||||||
public static void setEncryptionProviderValue(String encryptionProvider){
|
public static void setEncryptionProviderValue(String encryptionProvider){
|
||||||
ConfigConstants.aesEncrptionProvider = encryptionProvider;}
|
ConfigConstants.aesEncrptionProvider = encryptionProvider;}
|
||||||
|
|
||||||
|
|
||||||
|
public static String getPasswordErrorMsg() {
|
||||||
|
return passwordErrorMsg;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Value("${password.error.msg:}")
|
||||||
|
public void setPasswordErrorMsg(String passwordErrorMsg) {
|
||||||
|
setPasswordErrorMsgValue(passwordErrorMsg);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static void setPasswordErrorMsgValue(String passwordErrorMsg){
|
||||||
|
ConfigConstants.passwordErrorMsg = passwordErrorMsg;}
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
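Review bot: `@Value("${password.error.msg:}")` on `setPasswordErrorMsg` falls back to an empty string, while the properties file falls back to `password`; if the key is missing from the loaded configuration the matcher becomes `""`, and `String.contains("")` is true for every message. In the FileHandlerService and PdfFilePreviewImpl hunks that would classify every IOException / EncryptedDocumentException as a password error, which skips the `logger.error` call and shows the password prompt for unrelated failures. Use the same default in both places, `@Value("${password.error.msg:password}")`, and consider rejecting a blank value in `setPasswordErrorMsgValue`. A short Javadoc on `getPasswordErrorMsg()` saying that the value is a lower-case substring matched against exception messages, not a password, would stop it being mistaken for a secret.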
||||||
|
|
|
||||||
|
|
@ -50,7 +50,7 @@ import java.util.stream.IntStream;
|
||||||
public class FileHandlerService implements InitializingBean {
|
public class FileHandlerService implements InitializingBean {
|
||||||
|
|
||||||
private static final String PDF2JPG_IMAGE_FORMAT = ".jpg";
|
private static final String PDF2JPG_IMAGE_FORMAT = ".jpg";
|
||||||
private static final String PDF_PASSWORD_MSG = "password";
|
private final String pdfPwdErrorMsg = ConfigConstants.getPasswordErrorMsg();
|
||||||
private final Logger logger = LoggerFactory.getLogger(FileHandlerService.class);
|
private final Logger logger = LoggerFactory.getLogger(FileHandlerService.class);
|
||||||
private final String fileDir = ConfigConstants.getFileDir();
|
private final String fileDir = ConfigConstants.getFileDir();
|
||||||
private final CacheService cacheService;
|
private final CacheService cacheService;
|
||||||
|
|
@ -277,12 +277,12 @@ public class FileHandlerService implements InitializingBean {
|
||||||
Throwable[] throwableArray = ExceptionUtils.getThrowables(e);
|
Throwable[] throwableArray = ExceptionUtils.getThrowables(e);
|
||||||
for (Throwable throwable : throwableArray) {
|
for (Throwable throwable : throwableArray) {
|
||||||
if (throwable instanceof IOException || throwable instanceof EncryptedDocumentException) {
|
if (throwable instanceof IOException || throwable instanceof EncryptedDocumentException) {
|
||||||
if (e.getMessage().toLowerCase().contains(PDF_PASSWORD_MSG)) {
|
if (e.getMessage().toLowerCase().contains(pdfPwdErrorMsg)) {
|
||||||
pdfPassword = PDF_PASSWORD_MSG; //查询到该文件是密码文件 输出带密码的值
|
pdfPassword = pdfPwdErrorMsg; //查询到该文件是密码文件 输出带密码的值
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!PDF_PASSWORD_MSG.equals(pdfPassword)) { //该文件异常 错误原因非密码原因输出错误
|
if (!pdfPwdErrorMsg.equals(pdfPassword)) { //该文件异常 错误原因非密码原因输出错误
|
||||||
logger.error("Convert pdf exception, pdfFilePath:{}", pdfFilePath, e);
|
logger.error("Convert pdf exception, pdfFilePath:{}", pdfFilePath, e);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -292,11 +292,11 @@ public class FileHandlerService implements InitializingBean {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (usePasswordCache || !PDF_PASSWORD_MSG.equals(pdfPassword)) { //加密文件 判断是否启用缓存命令
|
if (usePasswordCache || !pdfPwdErrorMsg.equals(pdfPassword)) { //加密文件 判断是否启用缓存命令
|
||||||
this.addPdf2jpgCache(pdfFilePath, pageCount);
|
this.addPdf2jpgCache(pdfFilePath, pageCount);
|
||||||
}
|
}
|
||||||
} catch (IOException e) {
|
} catch (IOException e) {
|
||||||
if (!e.getMessage().contains(PDF_PASSWORD_MSG)) {
|
if (!e.getMessage().contains(pdfPwdErrorMsg)) {
|
||||||
logger.error("Convert pdf to jpg exception, pdfFilePath:{}", pdfFilePath, e);
|
logger.error("Convert pdf to jpg exception, pdfFilePath:{}", pdfFilePath, e);
|
||||||
}
|
}
|
||||||
throw new Exception(e);
|
throw new Exception(e);
|
||||||
|
|
@ -502,7 +502,7 @@ public class FileHandlerService implements InitializingBean {
|
||||||
if (req != null) {
|
if (req != null) {
|
||||||
String officePreviewType = req.getParameter("officePreviewType");
|
String officePreviewType = req.getParameter("officePreviewType");
|
||||||
String forceUpdatedCache = req.getParameter("forceUpdatedCache");
|
String forceUpdatedCache = req.getParameter("forceUpdatedCache");
|
||||||
String usePasswordCache = req.getParameter("usePasswordCache");
|
String useCache = req.getParameter("usePasswordCache");
|
||||||
if (StringUtils.hasText(officePreviewType)) {
|
if (StringUtils.hasText(officePreviewType)) {
|
||||||
attribute.setOfficePreviewType(officePreviewType);
|
attribute.setOfficePreviewType(officePreviewType);
|
||||||
}
|
}
|
||||||
|
|
@ -523,7 +523,7 @@ public class FileHandlerService implements InitializingBean {
|
||||||
if (StringUtils.hasText(filePassword)) {
|
if (StringUtils.hasText(filePassword)) {
|
||||||
attribute.setFilePassword(filePassword);
|
attribute.setFilePassword(filePassword);
|
||||||
}
|
}
|
||||||
if ("true".equalsIgnoreCase(usePasswordCache)) {
|
if ("true".equalsIgnoreCase(useCache)) {
|
||||||
attribute.setUsePasswordCache(true);
|
attribute.setUsePasswordCache(true);
|
||||||
}
|
}
|
||||||
String kkProxyAuthorization = req.getHeader("kk-proxy-authorization");
|
String kkProxyAuthorization = req.getHeader("kk-proxy-authorization");
|
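Review bot: The matching in the -277 and -292 hunks is inconsistent now that the substring is configurable: the first compares against `e.getMessage().toLowerCase()`, the `catch (IOException e)` branch compares against the raw message, and neither handles a null `getMessage()`. A value such as `Password` supplied through `PASSWORD_ERROR_MSG` would never match in the first place and would match only exact case in the second, which changes which failures are logged and whether `addPdf2jpgCache` runs. Normalise once, e.g. `String msg = String.valueOf(e.getMessage()).toLowerCase(Locale.ROOT);`, and compare against a lower-cased `pdfPwdErrorMsg`. Inside the loop the test reads `e.getMessage()` rather than `throwable.getMessage()`, so iterating over the causes appears to have no effect on the message checked; the PdfFilePreviewImpl hunk has the same pattern. Both method bodies start and end outside the hunks, and the `pdfPassword` sentinel that reuses the matcher string would read more clearly as a boolean flag.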
||||||
|
|
|
||||||
|
|
@ -28,7 +28,7 @@ public class CompressFilePreviewImpl implements FilePreview {
|
||||||
private final FileHandlerService fileHandlerService;
|
private final FileHandlerService fileHandlerService;
|
||||||
private final CompressFileReader compressFileReader;
|
private final CompressFileReader compressFileReader;
|
||||||
private final OtherFilePreviewImpl otherFilePreview;
|
private final OtherFilePreviewImpl otherFilePreview;
|
||||||
private static final String Rar_PASSWORD_MSG = "password";
|
private static final String Rar_PASSWORD_MSG = ConfigConstants.getPasswordErrorMsg();
|
||||||
private static final Logger logger = org.slf4j.LoggerFactory.getLogger(CompressFileReader.class);
|
private static final Logger logger = org.slf4j.LoggerFactory.getLogger(CompressFileReader.class);
|
||||||
|
|
||||||
|
|
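Review bot: `Rar_PASSWORD_MSG` is now a `static final` initialised from `ConfigConstants.getPasswordErrorMsg()`, so it is captured once when this class is initialised, while the getter returns a static field that is only assigned by the `@Value` setter; if class initialisation happens before Spring has populated ConfigConstants, the constant stays `null` for the life of the process. The same applies to `OFFICE_PASSWORD_MSG` in OfficeFilePreviewImpl, `POI_INVALID_PASSWORD_MSG` in OfficeUtils and `URL_PARAM_FTP_PASSWORD` in DownloadUtils, and in a weaker form to the instance fields in FileHandlerService and PdfFilePreviewImpl. A null matcher would make calls like the `contains(...)` and `equals(...)` checks in the FileHandlerService hunks throw NullPointerException inside the error-handling path. Whether the ordering is guaranteed is not visible in this diff; reading the value at the point of use with `ConfigConstants.getPasswordErrorMsg()`, or keeping the literal and suppressing the scanner finding, avoids depending on it.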
||||||
|
|
|
||||||
|
|
@ -30,7 +30,7 @@ public class OfficeFilePreviewImpl implements FilePreview {
|
||||||
|
|
||||||
public static final String OFFICE_PREVIEW_TYPE_IMAGE = "image";
|
public static final String OFFICE_PREVIEW_TYPE_IMAGE = "image";
|
||||||
public static final String OFFICE_PREVIEW_TYPE_ALL_IMAGES = "allImages";
|
public static final String OFFICE_PREVIEW_TYPE_ALL_IMAGES = "allImages";
|
||||||
private static final String OFFICE_PASSWORD_MSG = "password";
|
private static final String OFFICE_PASSWORD_MSG = ConfigConstants.getPasswordErrorMsg();
|
||||||
|
|
||||||
private final FileHandlerService fileHandlerService;
|
private final FileHandlerService fileHandlerService;
|
||||||
private final OfficeToPdfService officeToPdfService;
|
private final OfficeToPdfService officeToPdfService;
|
||||||
|
|
|
||||||
|
|
@ -24,7 +24,7 @@ public class PdfFilePreviewImpl implements FilePreview {
|
||||||
|
|
||||||
private final FileHandlerService fileHandlerService;
|
private final FileHandlerService fileHandlerService;
|
||||||
private final OtherFilePreviewImpl otherFilePreview;
|
private final OtherFilePreviewImpl otherFilePreview;
|
||||||
private static final String PDF_PASSWORD_MSG = "password";
|
private final String pdfPwdErrorMsg = ConfigConstants.getPasswordErrorMsg();
|
||||||
public PdfFilePreviewImpl(FileHandlerService fileHandlerService, OtherFilePreviewImpl otherFilePreview) {
|
public PdfFilePreviewImpl(FileHandlerService fileHandlerService, OtherFilePreviewImpl otherFilePreview) {
|
||||||
this.fileHandlerService = fileHandlerService;
|
this.fileHandlerService = fileHandlerService;
|
||||||
this.otherFilePreview = otherFilePreview;
|
this.otherFilePreview = otherFilePreview;
|
||||||
|
|
@ -56,7 +56,7 @@ public class PdfFilePreviewImpl implements FilePreview {
|
||||||
Throwable[] throwableArray = ExceptionUtils.getThrowables(e);
|
Throwable[] throwableArray = ExceptionUtils.getThrowables(e);
|
||||||
for (Throwable throwable : throwableArray) {
|
for (Throwable throwable : throwableArray) {
|
||||||
if (throwable instanceof IOException || throwable instanceof EncryptedDocumentException) {
|
if (throwable instanceof IOException || throwable instanceof EncryptedDocumentException) {
|
||||||
if (e.getMessage().toLowerCase().contains(PDF_PASSWORD_MSG)) {
|
if (e.getMessage().toLowerCase().contains(pdfPwdErrorMsg)) {
|
||||||
model.addAttribute("needFilePassword", true);
|
model.addAttribute("needFilePassword", true);
|
||||||
return EXEL_FILE_PREVIEW_PAGE;
|
return EXEL_FILE_PREVIEW_PAGE;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -37,7 +37,7 @@ public class DownloadUtils {
|
||||||
private final static Logger logger = LoggerFactory.getLogger(DownloadUtils.class);
|
private final static Logger logger = LoggerFactory.getLogger(DownloadUtils.class);
|
||||||
private static final String fileDir = ConfigConstants.getFileDir();
|
private static final String fileDir = ConfigConstants.getFileDir();
|
||||||
private static final String URL_PARAM_FTP_USERNAME = "ftp.username";
|
private static final String URL_PARAM_FTP_USERNAME = "ftp.username";
|
||||||
private static final String URL_PARAM_FTP_PASSWORD = "ftp.password";
|
private static final String URL_PARAM_FTP_PASSWORD = "ftp."+ ConfigConstants.getPasswordErrorMsg();
|
||||||
private static final String URL_PARAM_FTP_CONTROL_ENCODING = "ftp.control.encoding";
|
private static final String URL_PARAM_FTP_CONTROL_ENCODING = "ftp.control.encoding";
|
||||||
private static final RestTemplate restTemplate = new RestTemplate();
|
private static final RestTemplate restTemplate = new RestTemplate();
|
||||||
private static final HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory();
|
private static final HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory();
|
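Review bot: `URL_PARAM_FTP_PASSWORD` is a request-parameter name, not an error-message matcher, and building it as `"ftp."+ ConfigConstants.getPasswordErrorMsg()` ties the FTP credential parameter to an unrelated setting. If `PASSWORD_ERROR_MSG` is set to anything other than `password`, callers that send `ftp.password` would presumably no longer be recognised, and if the getter returns null at class initialisation the name becomes `ftp.null`. Keep the literal, `private static final String URL_PARAM_FTP_PASSWORD = "ftp.password";`, and mark the scanner finding as a false positive. Separately, the constant names suggest FTP credentials travel as URL parameters, which would place them in access logs; that predates this commit but is the exposure worth reviewing in this class.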
||||||
|
|
|
||||||
|
|
@ -1,5 +1,6 @@
|
||||||
package cn.keking.utils;
|
package cn.keking.utils;
|
||||||
|
|
||||||
|
import cn.keking.config.ConfigConstants;
|
||||||
import org.apache.commons.lang3.exception.ExceptionUtils;
|
import org.apache.commons.lang3.exception.ExceptionUtils;
|
||||||
import org.apache.poi.EncryptedDocumentException;
|
import org.apache.poi.EncryptedDocumentException;
|
||||||
import org.apache.poi.extractor.ExtractorFactory;
|
import org.apache.poi.extractor.ExtractorFactory;
|
||||||
|
|
@ -18,7 +19,7 @@ import java.nio.file.Paths;
|
||||||
*/
|
*/
|
||||||
public class OfficeUtils {
|
public class OfficeUtils {
|
||||||
|
|
||||||
private static final String POI_INVALID_PASSWORD_MSG = "password";
|
private static final String POI_INVALID_PASSWORD_MSG = ConfigConstants.getPasswordErrorMsg();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 判断office(word,excel,ppt)文件是否受密码保护
|
* 判断office(word,excel,ppt)文件是否受密码保护
|
||||||
|
|
|
||||||