SNOW-837400: set S3 proxy default values to prevent reading from envi…

…ronment variables (#1475) set S3 proxy default values to prevent reading from environment variables
snowflakedb · Jul 18, 2023 · 9b14674 · 9b14674
1 parent 9d625df
commit 9b14674
Show file tree

Hide file tree

Showing 2 changed files with 48 additions and 0 deletions.
diff --git a/src/main/java/net/snowflake/client/jdbc/cloud/storage/StorageClientFactory.java b/src/main/java/net/snowflake/client/jdbc/cloud/storage/StorageClientFactory.java
@@ -122,6 +122,13 @@ private SnowflakeS3Client createS3Client(
     clientConfig.setMaxErrorRetry(S3_TRANSFER_MAX_RETRIES);
     clientConfig.setDisableSocketProxy(HttpUtil.isSocksProxyDisabled());
 
+    // If proxy is set via connection properties or JVM settings these will be overridden later.
+    // This is to prevent the aws client builder from reading proxy environment variables.
+    clientConfig.setProxyHost("");
+    clientConfig.setProxyPort(0);
+    clientConfig.setProxyUsername("");
+    clientConfig.setProxyPassword("");
+
     logger.debug(
         "s3 client configuration: maxConnection={}, connectionTimeout={}, "
             + "socketTimeout={}, maxErrorRetry={}",

diff --git a/src/test/java/net/snowflake/client/jdbc/cloud/storage/SnowflakeS3ClientLatestIT.java b/src/test/java/net/snowflake/client/jdbc/cloud/storage/SnowflakeS3ClientLatestIT.java
@@ -7,13 +7,16 @@
 
 import com.amazonaws.ClientConfiguration;
 import java.sql.Connection;
+import java.sql.ResultSet;
 import java.sql.SQLException;
+import java.sql.Statement;
 import net.snowflake.client.ConditionalIgnoreRule;
 import net.snowflake.client.RunningOnGithubAction;
 import net.snowflake.client.core.SFSession;
 import net.snowflake.client.core.SFStatement;
 import net.snowflake.client.jdbc.*;
 import net.snowflake.common.core.RemoteStoreFileEncryptionMaterial;
+import org.junit.Ignore;
 import org.junit.Test;
 
 public class SnowflakeS3ClientLatestIT extends BaseJDBCTest {
@@ -47,4 +50,42 @@ public void testS3Client256Encryption() throws SQLException {
       assertEquals(256, client.getEncryptionKeySize());
     }
   }
+
+  /**
+   * This is a manual test to confirm that the s3 client builder doesn't read from
+   * https_proxy/http_proxy environment variable.
+   *
+   * <p>Prerequisite: 1. Set HTTPS_PROXY/HTTP_PROXY to a proxy that won't connect i.e.
+   * HTTPS_PROXY=https://myproxy:8080
+   *
+   * <p>2. Connect to S3 host.
+   *
+   * @throws SQLException
+   */
+  @Test
+  @Ignore
+  public void testS3ConnectionWithProxyEnvVariablesSet() throws SQLException {
+    Connection connection = null;
+    String testStageName = "s3TestStage";
+    try {
+      connection = getConnection();
+      Statement statement = connection.createStatement();
+      ResultSet resultSet = statement.executeQuery("select 1");
+      assertTrue(resultSet.next());
+      statement.execute("create or replace stage " + testStageName);
+      resultSet =
+          connection
+              .createStatement()
+              .executeQuery(
+                  "PUT file://" + getFullPathFileInResource(TEST_DATA_FILE) + " @" + testStageName);
+      while (resultSet.next()) {
+        assertEquals("UPLOADED", resultSet.getString("status"));
+      }
+    } finally {
+      if (connection != null) {
+        connection.createStatement().execute("DROP STAGE if exists " + testStageName);
+        connection.close();
+      }
+    }
+  }
 }