hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix addition of admin users

Browse Source 
The user passwords were stored in plaintext format.
This commit is contained in:
Markus Mäkelä
2019-04-04 23:01:40 +03:00
parent daf5f52c64
commit adba581a4d
3 changed files with 13 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
server/core/adminusers.cc
View File

@ -432,8 +432,7 @@ bool admin_linux_account_enabled(const char* uname)
*/ */
const char* admin_add_inet_user(const char* uname, const char* password, enum user_account_type type) const char* admin_add_inet_user(const char* uname, const char* password, enum user_account_type type)
{ {
auto cpassword = mxs::crypt(password, ADMIN_SALT); return admin_add_user(&inet_users, INET_USERS_FILE_NAME, uname, password, type);
return admin_add_user(&inet_users, INET_USERS_FILE_NAME, uname, cpassword.c_str(), type);
} }
/** /**

3
server/core/test/test_users.cc
View File

@ -35,6 +35,8 @@
#include <maxscale/users.h> #include <maxscale/users.h>
#include "test_utils.hh"
static int test1() static int test1()
{ {
USERS* users; USERS* users;
@ -81,6 +83,7 @@ int main(int argc, char** argv)
{ {
int result = 0; int result = 0;
init_test_env(nullptr);
result += test1(); result += test1();
exit(result); exit(result);

14
server/core/users.cc
View File

@ -67,8 +67,7 @@ public:
bool add(std::string user, std::string password, user_account_type perm) bool add(std::string user, std::string password, user_account_type perm)
{ {
std::lock_guard<std::mutex> guard(m_lock); return add_hashed(user, mxs::crypt(password, ADMIN_SALT), perm);
return m_data.insert(std::make_pair(user, UserInfo(password, perm))).second;
} }
bool remove(std::string user) bool remove(std::string user)
@ -209,6 +208,11 @@ public:
} }
private: private:
bool add_hashed(std::string user, std::string password, user_account_type perm)
{
std::lock_guard<std::mutex> guard(m_lock);
return m_data.insert(std::make_pair(user, UserInfo(password, perm))).second;
}
static bool is_admin(const UserMap::value_type& value) static bool is_admin(const UserMap::value_type& value)
{ {
@ -232,9 +236,9 @@ private:
&& password && json_is_string(password) && password && json_is_string(password)
&& json_to_account_type(type) != USER_ACCOUNT_UNKNOWN) && json_to_account_type(type) != USER_ACCOUNT_UNKNOWN)
{ {
add(json_string_value(name), add_hashed(json_string_value(name),
json_string_value(password), json_string_value(password),
json_to_account_type(type)); json_to_account_type(type));
} }
else else
{ {