From 09062a9ce70da532cdc1f07d9923068f73a82ed6 Mon Sep 17 00:00:00 2001
From: Shengliang Guan <slguan@taosdata.com>
Date: Sun, 23 Jan 2022 19:50:18 +0800
Subject: [PATCH] check user password

---
 source/client/src/clientEnv.c                  |  2 +-
 source/dnode/mgmt/impl/src/dndTransport.c      | 14 ++++++--------
 source/dnode/mgmt/impl/test/sut/src/client.cpp |  6 +++---
 source/dnode/mnode/impl/src/mndAuth.c          |  2 +-
 source/dnode/mnode/impl/src/mndUser.c          | 11 ++++++-----
 source/dnode/mnode/sdb/src/sdbHash.c           |  1 +
 source/libs/executor/src/executorimpl.c        |  2 +-
 tools/shell/src/backup/tnettest.c              |  4 ++--
 8 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/source/client/src/clientEnv.c b/source/client/src/clientEnv.c
index d2696fb355..0780593e7e 100644
--- a/source/client/src/clientEnv.c
+++ b/source/client/src/clientEnv.c
@@ -110,7 +110,7 @@ void* openTransporter(const char *user, const char *auth, int32_t numOfThread) {
   rpcInit.user = (char *)user;
   rpcInit.idleTime = tsShellActivityTimer * 1000;
   rpcInit.ckey = "key";
-//  rpcInit.spi = 1;
+  rpcInit.spi = 1;
   rpcInit.secret = (char *)auth;
 
   void* pDnodeConn = rpcOpen(&rpcInit);
diff --git a/source/dnode/mgmt/impl/src/dndTransport.c b/source/dnode/mgmt/impl/src/dndTransport.c
index cd78c33bfe..79464347f0 100644
--- a/source/dnode/mgmt/impl/src/dndTransport.c
+++ b/source/dnode/mgmt/impl/src/dndTransport.c
@@ -182,8 +182,8 @@ static int32_t dndInitClient(SDnode *pDnode) {
   rpcInit.spi = 1;
   rpcInit.parent = pDnode;
 
-  char pass[TSDB_PASSWORD_LEN] = {0};
-  taosEncryptPass((uint8_t *)(INTERNAL_SECRET), strlen(INTERNAL_SECRET), pass);
+  char pass[TSDB_PASSWORD_LEN + 1] = {0};
+  taosEncryptPass_c((uint8_t *)(INTERNAL_SECRET), strlen(INTERNAL_SECRET), pass);
   rpcInit.secret = pass;
 
   pMgmt->clientRpc = rpcOpen(&rpcInit);
@@ -260,18 +260,16 @@ static void dndSendMsgToMnodeRecv(SDnode *pDnode, SRpcMsg *pRpcMsg, SRpcMsg *pRp
 
 static int32_t dndAuthInternalReq(SDnode *pDnode, char *user, char *spi, char *encrypt, char *secret, char *ckey) {
   if (strcmp(user, INTERNAL_USER) == 0) {
-    // A simple temporary implementation
-    char pass[TSDB_PASSWORD_LEN] = {0};
-    taosEncryptPass((uint8_t *)(INTERNAL_SECRET), strlen(INTERNAL_SECRET), pass);
+    char pass[TSDB_PASSWORD_LEN + 1] = {0};
+    taosEncryptPass_c((uint8_t *)(INTERNAL_SECRET), strlen(INTERNAL_SECRET), pass);
     memcpy(secret, pass, TSDB_PASSWORD_LEN);
     *spi = 1;
     *encrypt = 0;
     *ckey = 0;
     return 0;
   } else if (strcmp(user, TSDB_NETTEST_USER) == 0) {
-    // A simple temporary implementation
-    char pass[TSDB_PASSWORD_LEN] = {0};
-    taosEncryptPass((uint8_t *)(TSDB_NETTEST_USER), strlen(TSDB_NETTEST_USER), pass);
+    char pass[TSDB_PASSWORD_LEN + 1] = {0};
+    taosEncryptPass_c((uint8_t *)(TSDB_NETTEST_USER), strlen(TSDB_NETTEST_USER), pass);
     memcpy(secret, pass, TSDB_PASSWORD_LEN);
     *spi = 1;
     *encrypt = 0;
diff --git a/source/dnode/mgmt/impl/test/sut/src/client.cpp b/source/dnode/mgmt/impl/test/sut/src/client.cpp
index fd5dcd77d9..3d61db8268 100644
--- a/source/dnode/mgmt/impl/test/sut/src/client.cpp
+++ b/source/dnode/mgmt/impl/test/sut/src/client.cpp
@@ -27,8 +27,8 @@ void TestClient::SetRpcRsp(SRpcMsg* pRsp) { this->pRsp = pRsp; };
 tsem_t* TestClient::GetSem() { return &sem; }
 
 bool TestClient::Init(const char* user, const char* pass, const char* fqdn, uint16_t port) {
-  char secretEncrypt[TSDB_PASSWORD_LEN] = {0};
-  taosEncryptPass((uint8_t*)pass, strlen(pass), secretEncrypt);
+  char secretEncrypt[TSDB_PASSWORD_LEN + 1] = {0};
+  taosEncryptPass_c((uint8_t*)pass, strlen(pass), secretEncrypt);
 
   SRpcInit rpcInit;
   memset(&rpcInit, 0, sizeof(rpcInit));
@@ -42,7 +42,7 @@ bool TestClient::Init(const char* user, const char* pass, const char* fqdn, uint
   rpcInit.ckey = (char*)"key";
   rpcInit.parent = this;
   rpcInit.secret = (char*)secretEncrypt;
-  // rpcInit.spi = 1;
+  rpcInit.spi = 1;
 
   clientRpc = rpcOpen(&rpcInit);
   ASSERT(clientRpc);
diff --git a/source/dnode/mnode/impl/src/mndAuth.c b/source/dnode/mnode/impl/src/mndAuth.c
index 15d2734841..44a5836bd6 100644
--- a/source/dnode/mnode/impl/src/mndAuth.c
+++ b/source/dnode/mnode/impl/src/mndAuth.c
@@ -34,7 +34,7 @@ int32_t mndRetriveAuth(SMnode *pMnode, char *user, char *spi, char *encrypt, cha
     return -1;
   }
 
-  *spi = 0;
+  *spi = 1;
   *encrypt = 0;
   *ckey = 0;
 
diff --git a/source/dnode/mnode/impl/src/mndUser.c b/source/dnode/mnode/impl/src/mndUser.c
index ad378953eb..c36e128893 100644
--- a/source/dnode/mnode/impl/src/mndUser.c
+++ b/source/dnode/mnode/impl/src/mndUser.c
@@ -60,9 +60,9 @@ void mndCleanupUser(SMnode *pMnode) {}
 
 static int32_t mndCreateDefaultUser(SMnode *pMnode, char *acct, char *user, char *pass) {
   SUserObj userObj = {0};
+  taosEncryptPass_c((uint8_t *)pass, strlen(pass), userObj.pass);
   tstrncpy(userObj.user, user, TSDB_USER_LEN);
   tstrncpy(userObj.acct, acct, TSDB_USER_LEN);
-  taosEncryptPass((uint8_t *)pass, strlen(pass), userObj.pass);
   userObj.createdTime = taosGetTimestampMs();
   userObj.updateTime = userObj.createdTime;
 
@@ -202,7 +202,7 @@ SUserObj *mndAcquireUser(SMnode *pMnode, char *userName) {
   SSdb     *pSdb = pMnode->pSdb;
   SUserObj *pUser = sdbAcquire(pSdb, SDB_USER, userName);
   if (pUser == NULL) {
-    terrno = TSDB_CODE_MND_DB_NOT_EXIST;
+    terrno = TSDB_CODE_MND_USER_NOT_EXIST;
   }
   return pUser;
 }
@@ -214,9 +214,9 @@ void mndReleaseUser(SMnode *pMnode, SUserObj *pUser) {
 
 static int32_t mndCreateUser(SMnode *pMnode, char *acct, char *user, char *pass, SMnodeMsg *pReq) {
   SUserObj userObj = {0};
+  taosEncryptPass_c((uint8_t *)pass, strlen(pass), userObj.pass);
   tstrncpy(userObj.user, user, TSDB_USER_LEN);
   tstrncpy(userObj.acct, acct, TSDB_USER_LEN);
-  taosEncryptPass((uint8_t *)pass, strlen(pass), userObj.pass);
   userObj.createdTime = taosGetTimestampMs();
   userObj.updateTime = userObj.createdTime;
   userObj.superUser = 0;
@@ -351,8 +351,9 @@ static int32_t mndProcessAlterUserReq(SMnodeMsg *pReq) {
 
   SUserObj newUser = {0};
   memcpy(&newUser, pUser, sizeof(SUserObj));
-  memset(pUser->pass, 0, sizeof(pUser->pass));
-  taosEncryptPass((uint8_t *)pAlter->pass, strlen(pAlter->pass), pUser->pass);
+  char pass[TSDB_PASSWORD_LEN + 1] = {0};
+  taosEncryptPass_c((uint8_t *)pAlter->pass, strlen(pAlter->pass), pass);
+  memcpy(pUser->pass, pass, TSDB_PASSWORD_LEN);
   newUser.updateTime = taosGetTimestampMs();
 
   int32_t code = mndUpdateUser(pMnode, pUser, &newUser, pReq);
diff --git a/source/dnode/mnode/sdb/src/sdbHash.c b/source/dnode/mnode/sdb/src/sdbHash.c
index a9267b0ea3..62472c8c8e 100644
--- a/source/dnode/mnode/sdb/src/sdbHash.c
+++ b/source/dnode/mnode/sdb/src/sdbHash.c
@@ -152,6 +152,7 @@ static int32_t sdbInsertRow(SSdb *pSdb, SHashObj *hash, SSdbRaw *pRaw, SSdbRow *
   if (insertFp != NULL) {
     code = (*insertFp)(pSdb, pRow->pObj);
     if (code != 0) {
+      code = terrno;
       taosWLockLatch(pLock);
       taosHashRemove(hash, pRow->pObj, keySize);
       taosWUnLockLatch(pLock);
diff --git a/source/libs/executor/src/executorimpl.c b/source/libs/executor/src/executorimpl.c
index 4ce652f5fd..2645b3eac8 100644
--- a/source/libs/executor/src/executorimpl.c
+++ b/source/libs/executor/src/executorimpl.c
@@ -5302,7 +5302,7 @@ SOperatorInfo* createExchangeOperatorInfo(const SArray* pSources, const SArray*
     rpcInit.user = (char *)"root";
     rpcInit.idleTime = tsShellActivityTimer * 1000;
     rpcInit.ckey = "key";
-//  rpcInit.spi = 1;
+    rpcInit.spi = 1;
     rpcInit.secret = (char *)"dcc5bed04851fec854c035b2e40263b6";
 
     pInfo->pTransporter = rpcOpen(&rpcInit);
diff --git a/tools/shell/src/backup/tnettest.c b/tools/shell/src/backup/tnettest.c
index 7b5dbd2405..be8714387f 100644
--- a/tools/shell/src/backup/tnettest.c
+++ b/tools/shell/src/backup/tnettest.c
@@ -319,7 +319,7 @@ void *taosNetInitRpc(char *secretEncrypt, char spi) {
 
   char user[] = "nettestinternal";
   char pass[] = "nettestinternal";
-  taosEncryptPass((uint8_t *)pass, strlen(pass), secretEncrypt);
+  taosEncryptPass_c((uint8_t *)pass, strlen(pass), secretEncrypt);
 
   memset(&rpcInit, 0, sizeof(rpcInit));
   rpcInit.localPort = 0;
@@ -344,7 +344,7 @@ static int32_t taosNetCheckRpc(const char* serverFqdn, uint16_t port, uint16_t p
   SRpcMsg   rspMsg;
   void *    pRpcConn;
 
-  char secretEncrypt[32] = {0};
+  char secretEncrypt[TSDB_PASSWORD_LEN + 1] = {0};
 
   pRpcConn = taosNetInitRpc(secretEncrypt, spi);
   if (NULL == pRpcConn) {
-- 
GitLab