Merge branch 'fix-127' into feature-MAX-2

Conflicts: server/core/dbusers.c server/core/service.c server/core/users.c server/include/dbusers.h server/include/users.h server/modules/protocol/mysql_client.c server/modules/protocol/mysql_common.c
2014-02-28 12:28:14 +01:00
parent 17b328cb9a
commit 45543eceed
12 changed files with 322 additions and 79 deletions
--- a/server/modules/protocol/mysql_client.c
+++ b/server/modules/protocol/mysql_client.c
@ -29,7 +29,10 @@
 * 24/06/2013	Massimiliano Pinto	Added: fetch passwords from service users' hashtable
 * 02/09/2013	Massimiliano Pinto	Added: session refcount
 * 16/12/2013	Massimiliano Pinto	Added: client closed socket detection with recv(..., MSG_PEEK)
- * 07/02/2014   Massimiliano Pinto	Added: client IPv4 in dcb->ipv4 and inet_ntop for string representation
+ * 24/02/2014	Massimiliano Pinto	Added: on failed authentication a new users' table is loaded with time and frequency limitations
+ * 					If current user is authenticated the new users' table will replace the old one
+ * 28/02/2014   Massimiliano Pinto	Added: client IPv4 in dcb->ipv4 and inet_ntop for string representation
+ *
 */

 #include <skygw_utils.h>
@ -445,6 +448,15 @@ static int gw_mysql_do_authentication(DCB *dcb, GWBUF *queue) {
                                                username,
                                                stage1_hash);

+	/* On failed auth try to load users' table from backend database */
+	if (auth_ret != 0) {
+		if (!service_refresh_users(dcb->service)) {
+			/* Try authentication again with new repository data */
+			/* Note: if no auth client authentication will fail */
+			auth_ret = gw_check_mysql_scramble_data(dcb, auth_token, auth_token_len, protocol->scramble, sizeof(protocol->scramble), username, stage1_hash);
+		}
+	}
+
 	/* let's free the auth_token now */
 	if (auth_token)
 		free(auth_token);