hcq/MaxScale
hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MXS-1929: Output const strings from serviceGetUser

Browse Source 
The values aren't meant to be modified by the caller.
This commit is contained in:
Markus Mäkelä 2018-08-02 23:01:44 +03:00
parent 7d6338d65b
commit b20decfe1c
No known key found for this signature in database
GPG Key ID: 72D48FCE664F7B19
10 changed files with 60 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/maxscale/service.h
View File

@ -222,7 +222,7 @@ bool serviceStartListener(SERVICE *service, const char *name);
bool serviceAddBackend(SERVICE *service, SERVER *server);
// Used by authenticators
int serviceGetUser(SERVICE *service, char **user, char **auth);
void serviceGetUser(SERVICE *service, const char **user, const char **auth);
// Used by routers
const char* serviceGetWeightingParameter(SERVICE *service);

7
server/core/service.cc
View File

@ -1008,21 +1008,18 @@ bool serviceHasBackend(Service *service, SERVER *server)
}
/**
* Get the service user that is used to log in to the backebd servers
* Get the service user that is used to log in to the backend servers
* associated with this service.
*
* @param service The service we are setting the data for
* @param user The user name to use for connections
* @param auth The authentication data we need, e.g. MySQL SHA1 password
* @return 0 on failure
*/
int
serviceGetUser(SERVICE *svc, char **user, char **auth)
void serviceGetUser(SERVICE *svc, const char **user, const char **auth)
{
Service* service = static_cast<Service*>(svc);
*user = service->credentials.name;
*auth = service->credentials.authdata;
return 1;
}
/**

20
server/modules/authenticator/CDCPlainAuth/cdc_plain_auth.cc
View File

@ -432,18 +432,11 @@ cdc_set_service_user(SERV_LISTENER *listener)
SERVICE *service = listener->service;
char *dpwd = NULL;
char *newpasswd = NULL;
char *service_user = NULL;
char *service_passwd = NULL;
const char *service_user = NULL;
const char *service_passwd = NULL;
if (serviceGetUser(service, &service_user, &service_passwd) == 0)
{
MXS_ERROR("failed to get service user details for service %s",
service->name);
return 1;
}
dpwd = decrypt_password(service->credentials.authdata);
serviceGetUser(service, &service_user, &service_passwd);
dpwd = decrypt_password(service_passwd);
if (!dpwd)
{
@ -466,7 +459,10 @@ cdc_set_service_user(SERV_LISTENER *listener)
}
/* add service user */
(void)users_add(listener->users, service->credentials.name, newpasswd, USER_ACCOUNT_ADMIN);
const char* user;
const char* password;
serviceGetUser(service, &user, &password);
users_add(listener->users, user, newpasswd, USER_ACCOUNT_ADMIN);
MXS_FREE(newpasswd);
MXS_FREE(dpwd);

7
server/modules/authenticator/GSSAPI/GSSAPIAuth/gssapi_auth.cc
View File

@ -599,11 +599,14 @@ static void add_gssapi_user(sqlite3 *handle, const char *user, const char *host,
*/
int gssapi_auth_load_users(SERV_LISTENER *listener)
{
char *user, *pw;
const char* user;
const char* password;
int rval = MXS_AUTH_LOADUSERS_ERROR;
GSSAPI_INSTANCE *inst = (GSSAPI_INSTANCE*)listener->auth_instance;
serviceGetUser(listener->service, &user, &password);
char* pw;
if (serviceGetUser(listener->service, &user, &pw) && (pw = decrypt_password(pw)))
if ((pw = decrypt_password(password)))
{
bool no_active_servers = true;

8
server/modules/authenticator/HTTPAuth/http_auth.cc
View File

@ -108,9 +108,11 @@ http_auth_authenticate(DCB *dcb)
{
int rval = 1;
HTTP_AUTH *ses = (HTTP_AUTH*)dcb->data;
char *user, *pw;
serviceGetUser(dcb->service, &user, &pw);
pw = decrypt_password(pw);
const char* user;
const char* password;
serviceGetUser(dcb->service, &user, &password);
char* pw = decrypt_password(password);
if (ses && strcmp(ses->user, user) == 0 && strcmp(ses->pw, pw) == 0)
{

19
server/modules/authenticator/MySQLAuth/dbusers.cc
View File

@ -727,14 +727,10 @@ bool check_service_permissions(SERVICE* service)
return true;
}
char *user, *password;
const char* user;
const char* password;
if (serviceGetUser(service, &user, &password) == 0)
{
MXS_ERROR("[%s] Service is missing the user credentials for authentication.",
service->name);
return false;
}
serviceGetUser(service, &user, &password);
char *dpasswd = decrypt_password(password);
bool rval = false;
@ -919,14 +915,11 @@ int get_users_from_server(MYSQL *con, SERVER_REF *server_ref, SERVICE *service,
*/
static int get_users(SERV_LISTENER *listener, bool skip_local)
{
char *service_user = NULL;
char *service_passwd = NULL;
const char *service_user = NULL;
const char *service_passwd = NULL;
SERVICE *service = listener->service;
if (serviceGetUser(service, &service_user, &service_passwd) == 0)
{
return -1;
}
serviceGetUser(service, &service_user, &service_passwd);
char *dpwd = decrypt_password(service_passwd);

39
server/modules/authenticator/MySQLAuth/mysql_auth.cc
View File

@ -540,37 +540,32 @@ mysql_auth_free_client_data(DCB *dcb)
*/
static bool add_service_user(SERV_LISTENER *port)
{
char *user = NULL;
char *pw = NULL;
const char *user = NULL;
const char *password = NULL;
bool rval = false;
if (serviceGetUser(port->service, &user, &pw))
serviceGetUser(port->service, &user, &password);
char* pw;
if ((pw = decrypt_password(password)))
{
pw = decrypt_password(pw);
char *newpw = create_hex_sha1_sha1_passwd(pw);
if (pw)
if (newpw)
{
char *newpw = create_hex_sha1_sha1_passwd(pw);
if (newpw)
{
MYSQL_AUTH *inst = (MYSQL_AUTH*)port->auth_instance;
sqlite3* handle = get_handle(inst);
add_mysql_user(handle, user, "%", "", "Y", newpw);
add_mysql_user(handle, user, "localhost", "", "Y", newpw);
MXS_FREE(newpw);
rval = true;
}
MXS_FREE(pw);
}
else
{
MXS_ERROR("[%s] Failed to decrypt service user password.", port->service->name);
MYSQL_AUTH *inst = (MYSQL_AUTH*)port->auth_instance;
sqlite3* handle = get_handle(inst);
add_mysql_user(handle, user, "%", "", "Y", newpw);
add_mysql_user(handle, user, "localhost", "", "Y", newpw);
MXS_FREE(newpw);
rval = true;
}
MXS_FREE(pw);
}
else
{
MXS_ERROR("[%s] Failed to retrieve service credentials.", port->service->name);
MXS_ERROR("[%s] Failed to decrypt service user password.", port->service->name);
}
return rval;

7
server/modules/authenticator/PAM/PAMAuth/pam_instance.cc
View File

@ -185,10 +185,13 @@ int PamInstance::load_users(SERVICE* service)
const unsigned int PAM_USERS_QUERY_NUM_FIELDS = 5;
#endif
char *user, *pw;
const char* user;
const char* password;
serviceGetUser(service, &user, &password);
int rval = MXS_AUTH_LOADUSERS_ERROR;
char* pw;
if (serviceGetUser(service, &user, &pw) && (pw = decrypt_password(pw)))
if ((pw = decrypt_password(password)))
{
for (SERVER_REF *servers = service->dbref; servers; servers = servers->next)
{

10
server/modules/routing/binlogrouter/blr.cc
View File

@ -240,9 +240,11 @@ static MXS_ROUTER* createInstance(SERVICE *service, MXS_CONFIG_PARAMETER* params
uuid_t defuuid;
int rc = 0;
char task_name[BLRM_TASK_NAME_LEN + 1] = "";
const char* user;
const char* password;
serviceGetUser(service, &user, &password);
if (!service->credentials.name[0] ||
!service->credentials.authdata[0])
if (!user[0] || !password[0])
{
MXS_ERROR("%s: Error: Service is missing user credentials."
" Add the missing username or passwd parameter to the service.",
@ -287,8 +289,8 @@ static MXS_ROUTER* createInstance(SERVICE *service, MXS_CONFIG_PARAMETER* params
inst->master = NULL;
inst->client = NULL;
inst->user = MXS_STRDUP_A(service->credentials.name);
inst->password = MXS_STRDUP_A(service->credentials.authdata);
inst->user = MXS_STRDUP_A(user);
inst->password = MXS_STRDUP_A(password);
inst->retry_count = 0;
inst->m_errno = 0;
inst->m_errmsg = NULL;

8
server/modules/routing/binlogrouter/test/testbinlog.cc
View File

@ -167,10 +167,12 @@ int main(int argc, char **argv)
return 1;
}
const char* user;
const char* password;
serviceGetUser(service, &user, &password);
inst->service = service;
inst->user = MXS_STRDUP_A(service->credentials.name);
inst->password = MXS_STRDUP_A(service->credentials.authdata);
inst->user = MXS_STRDUP_A(user);
inst->password = MXS_STRDUP_A(password);
MXS_NOTICE("testbinlog v1.0");