MXS-1929: Output const strings from serviceGetUser

The values aren't meant to be modified by the caller.
Markus Mäkelä
2018-08-02 23:01:44 +03:00
parent 7d6338d65b
commit b20decfe1c
10 changed files with 60 additions and 67 deletions


@ -222,7 +222,7 @@ bool serviceStartListener(SERVICE *service, const char *name);
bool serviceAddBackend(SERVICE *service, SERVER *server); bool serviceAddBackend(SERVICE *service, SERVER *server);
// Used by authenticators // Used by authenticators
int serviceGetUser(SERVICE *service, char **user, char **auth); void serviceGetUser(SERVICE *service, const char **user, const char **auth);
// Used by routers // Used by routers
const char* serviceGetWeightingParameter(SERVICE *service); const char* serviceGetWeightingParameter(SERVICE *service);


@ -1008,21 +1008,18 @@ bool serviceHasBackend(Service *service, SERVER *server)
} }
/** /**
* Get the service user that is used to log in to the backebd servers * Get the service user that is used to log in to the backend servers
* associated with this service. * associated with this service.
* *
* @param service The service we are setting the data for * @param service The service we are setting the data for
* @param user The user name to use for connections * @param user The user name to use for connections
* @param auth The authentication data we need, e.g. MySQL SHA1 password * @param auth The authentication data we need, e.g. MySQL SHA1 password
* @return 0 on failure
*/ */
int void serviceGetUser(SERVICE *svc, const char **user, const char **auth)
serviceGetUser(SERVICE *svc, char **user, char **auth)
{ {
Service* service = static_cast<Service*>(svc); Service* service = static_cast<Service*>(svc);
*user = service->credentials.name; *user = service->credentials.name;
*auth = service->credentials.authdata; *auth = service->credentials.authdata;
return 1;
} }
/** /**
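Review bot: The docblock on the new side of `serviceGetUser` still reads like a setter (`@param service The service we are setting the data for`) and does not mark `user` and `auth` as outputs. With `@return` removed, the comment is the only place to state the contract implied by the const signature. I would reword it to `@param service The service whose credentials are read`, `@param user Output: service-owned user name, must not be modified or freed`, and the same for `auth`. The pointers alias `service->credentials`, so they are presumably valid only while the service's credentials are unchanged. Since every caller in this commit passes `auth` through `decrypt_password()`, the comment should also say that `auth` is the stored form and not necessarily the plaintext.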


@ -432,18 +432,11 @@ cdc_set_service_user(SERV_LISTENER *listener)
SERVICE *service = listener->service; SERVICE *service = listener->service;
char *dpwd = NULL; char *dpwd = NULL;
char *newpasswd = NULL; char *newpasswd = NULL;
char *service_user = NULL; const char *service_user = NULL;
char *service_passwd = NULL; const char *service_passwd = NULL;
if (serviceGetUser(service, &service_user, &service_passwd) == 0) serviceGetUser(service, &service_user, &service_passwd);
{ dpwd = decrypt_password(service_passwd);
MXS_ERROR("failed to get service user details for service %s",
service->name);
return 1;
}
dpwd = decrypt_password(service->credentials.authdata);
if (!dpwd) if (!dpwd)
{ {
@ -466,7 +459,10 @@ cdc_set_service_user(SERV_LISTENER *listener)
} }
/* add service user */ /* add service user */
(void)users_add(listener->users, service->credentials.name, newpasswd, USER_ACCOUNT_ADMIN); const char* user;
const char* password;
serviceGetUser(service, &user, &password);
users_add(listener->users, user, newpasswd, USER_ACCOUNT_ADMIN);
MXS_FREE(newpasswd); MXS_FREE(newpasswd);
MXS_FREE(dpwd); MXS_FREE(dpwd);
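Review bot: The second hunk calls `serviceGetUser` again only to obtain `user`, and the `password` it fetches is never used. The first hunk already stores the same value in `service_user` in `cdc_set_service_user`, so if that variable is still in scope here (the code between the hunks is not shown), the three added lines can become `users_add(listener->users, service_user, newpasswd, USER_ACCOUNT_ADMIN);`. The `(void)` cast on `users_add` was also dropped. If the return value is deliberately ignored, keep the cast or add a short comment saying so.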


@ -599,11 +599,14 @@ static void add_gssapi_user(sqlite3 *handle, const char *user, const char *host,
*/ */
int gssapi_auth_load_users(SERV_LISTENER *listener) int gssapi_auth_load_users(SERV_LISTENER *listener)
{ {
char *user, *pw; const char* user;
const char* password;
int rval = MXS_AUTH_LOADUSERS_ERROR; int rval = MXS_AUTH_LOADUSERS_ERROR;
GSSAPI_INSTANCE *inst = (GSSAPI_INSTANCE*)listener->auth_instance; GSSAPI_INSTANCE *inst = (GSSAPI_INSTANCE*)listener->auth_instance;
serviceGetUser(listener->service, &user, &password);
char* pw;
if (serviceGetUser(listener->service, &user, &pw) && (pw = decrypt_password(pw))) if ((pw = decrypt_password(password)))
{ {
bool no_active_servers = true; bool no_active_servers = true;
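Review bot: In `gssapi_auth_load_users` the stored credential is named `password` and the decrypted plaintext `pw`, and `pw` is declared uninitialised and then assigned inside the `if` condition. Initialising at the declaration reads more clearly and drops the assignment-in-condition: `char* pw = decrypt_password(password);` followed by `if (pw)`. A short comment such as `// pw: decrypted plaintext, owned here, must be freed` would make the difference between the two variables explicit. The same pattern appears in `add_service_user` and `PamInstance::load_users` in this commit. The function body continues past the hunk, so the free of `pw` is not visible here.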


@ -108,9 +108,11 @@ http_auth_authenticate(DCB *dcb)
{ {
int rval = 1; int rval = 1;
HTTP_AUTH *ses = (HTTP_AUTH*)dcb->data; HTTP_AUTH *ses = (HTTP_AUTH*)dcb->data;
char *user, *pw; const char* user;
serviceGetUser(dcb->service, &user, &pw); const char* password;
pw = decrypt_password(pw);
serviceGetUser(dcb->service, &user, &password);
char* pw = decrypt_password(password);
if (ses && strcmp(ses->user, user) == 0 && strcmp(ses->pw, pw) == 0) if (ses && strcmp(ses->user, user) == 0 && strcmp(ses->pw, pw) == 0)
{ {
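Review bot: `pw` reaches `strcmp(ses->pw, pw)` without a NULL check, although the other callers in this commit treat a NULL return from `decrypt_password()` as failure (`if (!dpwd)`, `if ((pw = decrypt_password(password)))`). Guard it in the condition: `if (ses && pw && strcmp(ses->user, user) == 0 && strcmp(ses->pw, pw) == 0)`. `strcmp` also stops at the first differing byte, so the password comparison is not constant-time; a constant-time comparison is preferable for the secret. The rest of `http_auth_authenticate` is outside the hunk, so whether `pw` is freed on every path cannot be confirmed from here.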


@ -727,14 +727,10 @@ bool check_service_permissions(SERVICE* service)
return true; return true;
} }
char *user, *password; const char* user;
const char* password;
if (serviceGetUser(service, &user, &password) == 0) serviceGetUser(service, &user, &password);
{
MXS_ERROR("[%s] Service is missing the user credentials for authentication.",
service->name);
return false;
}
char *dpasswd = decrypt_password(password); char *dpasswd = decrypt_password(password);
bool rval = false; bool rval = false;
@ -919,14 +915,11 @@ int get_users_from_server(MYSQL *con, SERVER_REF *server_ref, SERVICE *service,
*/ */
static int get_users(SERV_LISTENER *listener, bool skip_local) static int get_users(SERV_LISTENER *listener, bool skip_local)
{ {
char *service_user = NULL; const char *service_user = NULL;
char *service_passwd = NULL; const char *service_passwd = NULL;
SERVICE *service = listener->service; SERVICE *service = listener->service;
if (serviceGetUser(service, &service_user, &service_passwd) == 0) serviceGetUser(service, &service_user, &service_passwd);
{
return -1;
}
char *dpwd = decrypt_password(service_passwd); char *dpwd = decrypt_password(service_passwd);
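Review bot: With the `serviceGetUser(...) == 0` branch removed from `check_service_permissions`, nothing in this hunk detects a service that has no credentials, and the "Service is missing the user credentials" diagnostic is gone. The getter can no longer signal failure, so an explicit emptiness test like the one this commit adds to `createInstance` would keep the check meaningful: `if (!user[0] || !password[0])`, followed by the original `MXS_ERROR` and `return false;`. The same applies to `get_users` in the second hunk, which previously returned -1. Whether empty credentials are already rejected when the configuration is loaded is not visible here.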


@ -540,37 +540,32 @@ mysql_auth_free_client_data(DCB *dcb)
*/ */
static bool add_service_user(SERV_LISTENER *port) static bool add_service_user(SERV_LISTENER *port)
{ {
char *user = NULL; const char *user = NULL;
char *pw = NULL; const char *password = NULL;
bool rval = false; bool rval = false;
if (serviceGetUser(port->service, &user, &pw)) serviceGetUser(port->service, &user, &password);
char* pw;
if ((pw = decrypt_password(password)))
{ {
pw = decrypt_password(pw); char *newpw = create_hex_sha1_sha1_passwd(pw);
if (pw) if (newpw)
{ {
char *newpw = create_hex_sha1_sha1_passwd(pw); MYSQL_AUTH *inst = (MYSQL_AUTH*)port->auth_instance;
sqlite3* handle = get_handle(inst);
if (newpw) add_mysql_user(handle, user, "%", "", "Y", newpw);
{ add_mysql_user(handle, user, "localhost", "", "Y", newpw);
MYSQL_AUTH *inst = (MYSQL_AUTH*)port->auth_instance; MXS_FREE(newpw);
sqlite3* handle = get_handle(inst); rval = true;
add_mysql_user(handle, user, "%", "", "Y", newpw);
add_mysql_user(handle, user, "localhost", "", "Y", newpw);
MXS_FREE(newpw);
rval = true;
}
MXS_FREE(pw);
}
else
{
MXS_ERROR("[%s] Failed to decrypt service user password.", port->service->name);
} }
MXS_FREE(pw);
} }
else else
{ {
MXS_ERROR("[%s] Failed to retrieve service credentials.", port->service->name); MXS_ERROR("[%s] Failed to decrypt service user password.", port->service->name);
} }
return rval; return rval;


@ -185,10 +185,13 @@ int PamInstance::load_users(SERVICE* service)
const unsigned int PAM_USERS_QUERY_NUM_FIELDS = 5; const unsigned int PAM_USERS_QUERY_NUM_FIELDS = 5;
#endif #endif
char *user, *pw; const char* user;
const char* password;
serviceGetUser(service, &user, &password);
int rval = MXS_AUTH_LOADUSERS_ERROR; int rval = MXS_AUTH_LOADUSERS_ERROR;
char* pw;
if (serviceGetUser(service, &user, &pw) && (pw = decrypt_password(pw))) if ((pw = decrypt_password(password)))
{ {
for (SERVER_REF *servers = service->dbref; servers; servers = servers->next) for (SERVER_REF *servers = service->dbref; servers; servers = servers->next)
{ {


@ -240,9 +240,11 @@ static MXS_ROUTER* createInstance(SERVICE *service, MXS_CONFIG_PARAMETER* params
uuid_t defuuid; uuid_t defuuid;
int rc = 0; int rc = 0;
char task_name[BLRM_TASK_NAME_LEN + 1] = ""; char task_name[BLRM_TASK_NAME_LEN + 1] = "";
const char* user;
const char* password;
serviceGetUser(service, &user, &password);
if (!service->credentials.name[0] || if (!user[0] || !password[0])
!service->credentials.authdata[0])
{ {
MXS_ERROR("%s: Error: Service is missing user credentials." MXS_ERROR("%s: Error: Service is missing user credentials."
" Add the missing username or passwd parameter to the service.", " Add the missing username or passwd parameter to the service.",
@ -287,8 +289,8 @@ static MXS_ROUTER* createInstance(SERVICE *service, MXS_CONFIG_PARAMETER* params
inst->master = NULL; inst->master = NULL;
inst->client = NULL; inst->client = NULL;
inst->user = MXS_STRDUP_A(service->credentials.name); inst->user = MXS_STRDUP_A(user);
inst->password = MXS_STRDUP_A(service->credentials.authdata); inst->password = MXS_STRDUP_A(password);
inst->retry_count = 0; inst->retry_count = 0;
inst->m_errno = 0; inst->m_errno = 0;
inst->m_errmsg = NULL; inst->m_errmsg = NULL;


@ -167,10 +167,12 @@ int main(int argc, char **argv)
return 1; return 1;
} }
const char* user;
const char* password;
serviceGetUser(service, &user, &password);
inst->service = service; inst->service = service;
inst->user = MXS_STRDUP_A(service->credentials.name); inst->user = MXS_STRDUP_A(user);
inst->password = MXS_STRDUP_A(service->credentials.authdata); inst->password = MXS_STRDUP_A(password);
MXS_NOTICE("testbinlog v1.0"); MXS_NOTICE("testbinlog v1.0");