hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix addition of admin users

Browse Source 
The user passwords were stored in plaintext format.
This commit is contained in:
Markus Mäkelä
2019-04-04 23:01:40 +03:00
parent daf5f52c64
commit adba581a4d
3 changed files with 13 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
server/core/users.cc
View File

@ -67,8 +67,7 @@ public:
bool add(std::string user, std::string password, user_account_type perm)
{
std::lock_guard<std::mutex> guard(m_lock);
return m_data.insert(std::make_pair(user, UserInfo(password, perm))).second;
return add_hashed(user, mxs::crypt(password, ADMIN_SALT), perm);
}
bool remove(std::string user)
@ -209,6 +208,11 @@ public:
}
private:
bool add_hashed(std::string user, std::string password, user_account_type perm)
{
std::lock_guard<std::mutex> guard(m_lock);
return m_data.insert(std::make_pair(user, UserInfo(password, perm))).second;
}
static bool is_admin(const UserMap::value_type& value)
{
@ -232,9 +236,9 @@ private:
&& password && json_is_string(password)
&& json_to_account_type(type) != USER_ACCOUNT_UNKNOWN)
{
add(json_string_value(name),
json_string_value(password),
json_to_account_type(type));
add_hashed(json_string_value(name),
json_string_value(password),
json_to_account_type(type));
}
else
{