Fix addition of admin users

The user passwords were stored in plaintext format.
2019-04-04 23:01:40 +03:00 · 2019-04-04 23:01:40 +03:00 · adba581a4d
commit adba581a4d
parent daf5f52c64
3 changed files with 13 additions and 7 deletions
--- a/server/core/adminusers.cc
+++ b/server/core/adminusers.cc
@ -432,8 +432,7 @@ bool admin_linux_account_enabled(const char* uname)
 */
 const char* admin_add_inet_user(const char* uname, const char* password, enum user_account_type type)
 {
-    auto cpassword = mxs::crypt(password, ADMIN_SALT);
-    return admin_add_user(&inet_users, INET_USERS_FILE_NAME, uname, cpassword.c_str(), type);
+    return admin_add_user(&inet_users, INET_USERS_FILE_NAME, uname, password, type);
 }

 /**
--- a/server/core/test/test_users.cc
+++ b/server/core/test/test_users.cc
@ -35,6 +35,8 @@

 #include <maxscale/users.h>

+#include "test_utils.hh"
+
 static int test1()
 {
    USERS* users;
@ -81,6 +83,7 @@ int main(int argc, char** argv)
 {
    int result = 0;

+    init_test_env(nullptr);
    result += test1();

    exit(result);
--- a/server/core/users.cc
+++ b/server/core/users.cc
@ -67,8 +67,7 @@ public:

    bool add(std::string user, std::string password, user_account_type perm)
    {
-        std::lock_guard<std::mutex> guard(m_lock);
-        return m_data.insert(std::make_pair(user, UserInfo(password, perm))).second;
+        return add_hashed(user, mxs::crypt(password, ADMIN_SALT), perm);
    }

    bool remove(std::string user)
@ -209,6 +208,11 @@ public:
    }

 private:
+    bool add_hashed(std::string user, std::string password, user_account_type perm)
+    {
+        std::lock_guard<std::mutex> guard(m_lock);
+        return m_data.insert(std::make_pair(user, UserInfo(password, perm))).second;
+    }

    static bool is_admin(const UserMap::value_type& value)
    {
@ -232,9 +236,9 @@ private:
                && password && json_is_string(password)
                && json_to_account_type(type) != USER_ACCOUNT_UNKNOWN)
            {
-                add(json_string_value(name),
-                    json_string_value(password),
-                    json_to_account_type(type));
+                add_hashed(json_string_value(name),
+                           json_string_value(password),
+                           json_to_account_type(type));
            }
            else
            {