hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MXS-1929: Output const strings from serviceGetUser

Browse Source 
The values aren't meant to be modified by the caller.
This commit is contained in:
Markus Mäkelä
2018-08-02 23:01:44 +03:00
parent 7d6338d65b
commit b20decfe1c
10 changed files with 60 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
server/modules/authenticator/CDCPlainAuth/cdc_plain_auth.cc
View File

@ -432,18 +432,11 @@ cdc_set_service_user(SERV_LISTENER *listener)
SERVICE *service = listener->service;
char *dpwd = NULL;
char *newpasswd = NULL;
char *service_user = NULL;
char *service_passwd = NULL;
const char *service_user = NULL;
const char *service_passwd = NULL;
if (serviceGetUser(service, &service_user, &service_passwd) == 0)
{
MXS_ERROR("failed to get service user details for service %s",
service->name);
return 1;
}
dpwd = decrypt_password(service->credentials.authdata);
serviceGetUser(service, &service_user, &service_passwd);
dpwd = decrypt_password(service_passwd);
if (!dpwd)
{
@ -466,7 +459,10 @@ cdc_set_service_user(SERV_LISTENER *listener)
}
/* add service user */
(void)users_add(listener->users, service->credentials.name, newpasswd, USER_ACCOUNT_ADMIN);
const char* user;
const char* password;
serviceGetUser(service, &user, &password);
users_add(listener->users, user, newpasswd, USER_ACCOUNT_ADMIN);
MXS_FREE(newpasswd);
MXS_FREE(dpwd);

7
server/modules/authenticator/GSSAPI/GSSAPIAuth/gssapi_auth.cc
View File

@ -599,11 +599,14 @@ static void add_gssapi_user(sqlite3 *handle, const char *user, const char *host,
*/
int gssapi_auth_load_users(SERV_LISTENER *listener)
{
char *user, *pw;
const char* user;
const char* password;
int rval = MXS_AUTH_LOADUSERS_ERROR;
GSSAPI_INSTANCE *inst = (GSSAPI_INSTANCE*)listener->auth_instance;
serviceGetUser(listener->service, &user, &password);
char* pw;
if (serviceGetUser(listener->service, &user, &pw) && (pw = decrypt_password(pw)))
if ((pw = decrypt_password(password)))
{
bool no_active_servers = true;

8
server/modules/authenticator/HTTPAuth/http_auth.cc
View File

@ -108,9 +108,11 @@ http_auth_authenticate(DCB *dcb)
{
int rval = 1;
HTTP_AUTH *ses = (HTTP_AUTH*)dcb->data;
char *user, *pw;
serviceGetUser(dcb->service, &user, &pw);
pw = decrypt_password(pw);
const char* user;
const char* password;
serviceGetUser(dcb->service, &user, &password);
char* pw = decrypt_password(password);
if (ses && strcmp(ses->user, user) == 0 && strcmp(ses->pw, pw) == 0)
{

19
server/modules/authenticator/MySQLAuth/dbusers.cc
View File

@ -727,14 +727,10 @@ bool check_service_permissions(SERVICE* service)
return true;
}
char *user, *password;
const char* user;
const char* password;
if (serviceGetUser(service, &user, &password) == 0)
{
MXS_ERROR("[%s] Service is missing the user credentials for authentication.",
service->name);
return false;
}
serviceGetUser(service, &user, &password);
char *dpasswd = decrypt_password(password);
bool rval = false;
@ -919,14 +915,11 @@ int get_users_from_server(MYSQL *con, SERVER_REF *server_ref, SERVICE *service,
*/
static int get_users(SERV_LISTENER *listener, bool skip_local)
{
char *service_user = NULL;
char *service_passwd = NULL;
const char *service_user = NULL;
const char *service_passwd = NULL;
SERVICE *service = listener->service;
if (serviceGetUser(service, &service_user, &service_passwd) == 0)
{
return -1;
}
serviceGetUser(service, &service_user, &service_passwd);
char *dpwd = decrypt_password(service_passwd);

39
server/modules/authenticator/MySQLAuth/mysql_auth.cc
View File

@ -540,37 +540,32 @@ mysql_auth_free_client_data(DCB *dcb)
*/
static bool add_service_user(SERV_LISTENER *port)
{
char *user = NULL;
char *pw = NULL;
const char *user = NULL;
const char *password = NULL;
bool rval = false;
if (serviceGetUser(port->service, &user, &pw))
serviceGetUser(port->service, &user, &password);
char* pw;
if ((pw = decrypt_password(password)))
{
pw = decrypt_password(pw);
char *newpw = create_hex_sha1_sha1_passwd(pw);
if (pw)
if (newpw)
{
char *newpw = create_hex_sha1_sha1_passwd(pw);
if (newpw)
{
MYSQL_AUTH *inst = (MYSQL_AUTH*)port->auth_instance;
sqlite3* handle = get_handle(inst);
add_mysql_user(handle, user, "%", "", "Y", newpw);
add_mysql_user(handle, user, "localhost", "", "Y", newpw);
MXS_FREE(newpw);
rval = true;
}
MXS_FREE(pw);
}
else
{
MXS_ERROR("[%s] Failed to decrypt service user password.", port->service->name);
MYSQL_AUTH *inst = (MYSQL_AUTH*)port->auth_instance;
sqlite3* handle = get_handle(inst);
add_mysql_user(handle, user, "%", "", "Y", newpw);
add_mysql_user(handle, user, "localhost", "", "Y", newpw);
MXS_FREE(newpw);
rval = true;
}
MXS_FREE(pw);
}
else
{
MXS_ERROR("[%s] Failed to retrieve service credentials.", port->service->name);
MXS_ERROR("[%s] Failed to decrypt service user password.", port->service->name);
}
return rval;

7
server/modules/authenticator/PAM/PAMAuth/pam_instance.cc
View File

@ -185,10 +185,13 @@ int PamInstance::load_users(SERVICE* service)
const unsigned int PAM_USERS_QUERY_NUM_FIELDS = 5;
#endif
char *user, *pw;
const char* user;
const char* password;
serviceGetUser(service, &user, &password);
int rval = MXS_AUTH_LOADUSERS_ERROR;
char* pw;
if (serviceGetUser(service, &user, &pw) && (pw = decrypt_password(pw)))
if ((pw = decrypt_password(password)))
{
for (SERVER_REF *servers = service->dbref; servers; servers = servers->next)
{