From 41a8c764974e88007dcc406ce05a81b59adf9137 Mon Sep 17 00:00:00 2001 From: xywang Date: Mon, 21 Feb 2022 22:32:18 +0800 Subject: [PATCH] [TS-229]: enhance altering password feature --- src/client/src/tscSQLParser.c | 2 +- src/client/src/tscSql.c | 2 +- src/common/inc/tglobal.h | 3 +++ src/common/src/tglobal.c | 13 +++++++++++++ src/inc/taosdef.h | 5 +++-- src/kit/shell/src/shellLinux.c | 2 +- src/mnode/src/mnodeUser.c | 9 ++++++++- 7 files changed, 30 insertions(+), 6 deletions(-) diff --git a/src/client/src/tscSQLParser.c b/src/client/src/tscSQLParser.c index fc43887653..55614f348d 100644 --- a/src/client/src/tscSQLParser.c +++ b/src/client/src/tscSQLParser.c @@ -366,7 +366,7 @@ static int32_t handlePassword(SSqlCmd* pCmd, SStrToken* pPwd) { return invalidOperationMsg(tscGetErrorMsgPayload(pCmd), msg1); } - if (pPwd->n >= TSDB_PASS_LEN) { + if (pPwd->n > tsPasswordLength) { return invalidOperationMsg(tscGetErrorMsgPayload(pCmd), msg2); } diff --git a/src/client/src/tscSql.c b/src/client/src/tscSql.c index d736c322d2..4f2cb405ce 100644 --- a/src/client/src/tscSql.c +++ b/src/client/src/tscSql.c @@ -49,7 +49,7 @@ static bool validUserName(const char* user) { } static bool validPassword(const char* passwd) { - return validImpl(passwd, TSDB_PASS_LEN - 1); + return validImpl(passwd, tsPasswordLength); } static SSqlObj *taosConnectImpl(const char *ip, const char *user, const char *pass, const char *auth, const char *db, diff --git a/src/common/inc/tglobal.h b/src/common/inc/tglobal.h index 06ed93b110..234c254a80 100644 --- a/src/common/inc/tglobal.h +++ b/src/common/inc/tglobal.h @@ -159,6 +159,9 @@ extern int32_t tsMonitorInterval; // stream extern int8_t tsEnableStream; +// password +extern int32_t tsPasswordLength; + // internal extern int8_t tsCompactMnodeWal; extern int8_t tsPrintAuth; diff --git a/src/common/src/tglobal.c b/src/common/src/tglobal.c index af92f264df..33a16b0952 100644 --- a/src/common/src/tglobal.c +++ b/src/common/src/tglobal.c @@ -204,6 +204,9 @@ int32_t tsMonitorInterval = 30; // seconds // stream int8_t tsEnableStream = 1; +// password +int32_t tsPasswordLength = TSDB_PASS_LEN - 1; + // internal int8_t tsCompactMnodeWal = 0; int8_t tsPrintAuth = 0; @@ -1302,6 +1305,16 @@ static void doInitGlobalConfig(void) { cfg.unitType = TAOS_CFG_UTYPE_NONE; taosInitConfigOption(cfg); + cfg.option = "passwordLength"; + cfg.ptr = &tsPasswordLength; + cfg.valType = TAOS_CFG_VTYPE_INT32; + cfg.cfgType = TSDB_CFG_CTYPE_B_CONFIG | TSDB_CFG_CTYPE_B_SHOW; + cfg.minValue = 1; + cfg.maxValue = TSDB_PASS_LEN - 1; + cfg.ptrLength = 0; + cfg.unitType = TAOS_CFG_UTYPE_NONE; + taosInitConfigOption(cfg); + cfg.option = "topicBinaryLen"; cfg.ptr = &tsTopicBianryLen; cfg.valType = TAOS_CFG_VTYPE_INT32; diff --git a/src/inc/taosdef.h b/src/inc/taosdef.h index 65ec8c9340..d2b1e794a4 100644 --- a/src/inc/taosdef.h +++ b/src/inc/taosdef.h @@ -86,7 +86,9 @@ extern const int32_t TYPE_BYTES[16]; #define TSDB_DEFAULT_USER "root" #define TSDB_DEFAULT_PASS "taosdata" -#define SHELL_MAX_PASSWORD_LEN 20 +#define TSDB_PASS_LEN 33 + +#define SHELL_MAX_PASSWORD_LEN TSDB_PASS_LEN #define TSDB_TRUE 1 #define TSDB_FALSE 0 #define TSDB_OK 0 @@ -221,7 +223,6 @@ do { \ #define TSDB_MAX_JSON_KEY_LEN 256 #define TSDB_MAX_JSON_KEY_MD5_LEN 16 -#define TSDB_PASS_LEN 21 #define TSDB_AUTH_LEN 16 #define TSDB_KEY_LEN 16 #define TSDB_VERSION_LEN 12 diff --git a/src/kit/shell/src/shellLinux.c b/src/kit/shell/src/shellLinux.c index 93783b2055..de906f32a3 100644 --- a/src/kit/shell/src/shellLinux.c +++ b/src/kit/shell/src/shellLinux.c @@ -186,7 +186,7 @@ static void parse_args( || (strncmp(argv[i], "--password", 10) == 0)) { printf("Enter password: "); taosSetConsoleEcho(false); - if (scanf("%20s", g_password) > 1) { + if (scanf("%32s", g_password) > 1) { fprintf(stderr, "password reading error\n"); } taosSetConsoleEcho(true); diff --git a/src/mnode/src/mnodeUser.c b/src/mnode/src/mnodeUser.c index b3e3ba6cd9..2ebe644de1 100644 --- a/src/mnode/src/mnodeUser.c +++ b/src/mnode/src/mnodeUser.c @@ -625,11 +625,18 @@ int32_t mnodeRetriveAuth(char *user, char *spi, char *encrypt, char *secret, cha mError("user:%s, failed to auth user, reason:%s", user, tstrerror(TSDB_CODE_MND_INVALID_USER)); return TSDB_CODE_MND_INVALID_USER; } else { + if (pUser->superAuth) { + SAcctObj *pAcct = mnodeGetAcct(user); + memcpy(secret, pAcct->pass, TSDB_KEY_LEN); + mnodeDecAcctRef(pAcct); + } else { + memcpy(secret, pUser->pass, TSDB_KEY_LEN); + } + *spi = 1; *encrypt = 0; *ckey = 0; - memcpy(secret, pUser->pass, TSDB_KEY_LEN); mnodeDecUserRef(pUser); mDebug("user:%s, auth info is returned", user); return TSDB_CODE_SUCCESS; -- GitLab