hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Cache password hash results

Browse Source 
Since the user authentication stores a SHA2-512 hash of the password on
disk, caching the hash results in memory speeds up the authentication
process significantly. Storing the password on disk in plain-text form
would also speed it up but this would be quite insecure.
This commit is contained in:
Markus Mäkelä
2019-10-26 15:01:43 +03:00
parent 5d96326026
commit e82be12be9
1 changed files with 21 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
server/core/users.cc
View File

@ -272,7 +272,27 @@ private:
std::string hash(const std::string& password)
{
return mxs::crypt(password, ADMIN_SALT);
const int CACHE_MAX_SIZE = 1000;
static std::unordered_map<std::string, std::string> hash_cache;
auto it = hash_cache.find(password);
if (it != hash_cache.end())
{
return it->second;
}
else
{
if (hash_cache.size() > CACHE_MAX_SIZE)
{
auto bucket = rand() % hash_cache.bucket_count();
mxb_assert(bucket < hash_cache.bucket_count());
hash_cache.erase(hash_cache.cbegin(bucket)->first);
}
auto new_hash = mxs::crypt(password, ADMIN_SALT);
hash_cache.insert(std::make_pair(password, new_hash));
return new_hash;
}
}
std::string old_hash(const std::string& password)