diff --git a/src/client/inc/tsclient.h b/src/client/inc/tsclient.h index cd19dae3a88b3dfbb54c0c28d6e6908ec98a82c2..6bb124847bae2a21d6696d3cf2abb4961d29718f 100644 --- a/src/client/inc/tsclient.h +++ b/src/client/inc/tsclient.h @@ -330,7 +330,7 @@ typedef struct STscObj { void * signature; void * pTimer; char user[TSDB_USER_LEN]; - char pass[TSDB_KEY_LEN]; + char pass[TSDB_PASS_LEN]; char acctId[TSDB_ACCT_ID_LEN]; char db[TSDB_ACCT_ID_LEN + TSDB_DB_NAME_LEN]; char sversion[TSDB_VERSION_LEN]; diff --git a/src/client/src/tscSQLParser.c b/src/client/src/tscSQLParser.c index 58c867d7a5fc421bea4781c1002cac88d9b09ca3..9da110ceb1644896354ead40f27f6c925bf7c0fa 100644 --- a/src/client/src/tscSQLParser.c +++ b/src/client/src/tscSQLParser.c @@ -366,7 +366,7 @@ static int32_t handlePassword(SSqlCmd* pCmd, SStrToken* pPwd) { return invalidOperationMsg(tscGetErrorMsgPayload(pCmd), msg1); } - if (pPwd->n >= TSDB_KEY_LEN) { + if (pPwd->n > TSDB_PASS_LEN - 1) { return invalidOperationMsg(tscGetErrorMsgPayload(pCmd), msg2); } diff --git a/src/client/src/tscServer.c b/src/client/src/tscServer.c index b59f7cc4db0c4e0cf6c5d2d04d5aeb1d5aa44154..4ce44fad76568063c8d8ef4184fa2002b36de0f2 100644 --- a/src/client/src/tscServer.c +++ b/src/client/src/tscServer.c @@ -1254,6 +1254,17 @@ int32_t tscBuildCreateDnodeMsg(SSqlObj *pSql, SSqlInfo *pInfo) { return TSDB_CODE_SUCCESS; } +static bool tscIsAlterCommand(char* sqlstr) { + int32_t index = 0; + + do { + SStrToken t0 = tStrGetToken(sqlstr, &index, false); + if (t0.type != TK_LP) { + return t0.type == TK_ALTER; + } + } while (1); +} + int32_t tscBuildAcctMsg(SSqlObj *pSql, SSqlInfo *pInfo) { SSqlCmd *pCmd = &pSql->cmd; pCmd->payloadLen = sizeof(SCreateAcctMsg); @@ -1295,7 +1306,12 @@ int32_t tscBuildAcctMsg(SSqlObj *pSql, SSqlInfo *pInfo) { } } - pCmd->msgType = TSDB_MSG_TYPE_CM_CREATE_ACCT; + if (tscIsAlterCommand(pSql->sqlstr)) { + pCmd->msgType = TSDB_MSG_TYPE_CM_ALTER_ACCT; + } else { + pCmd->msgType = TSDB_MSG_TYPE_CM_CREATE_ACCT; + } + return TSDB_CODE_SUCCESS; } diff --git a/src/client/src/tscSql.c b/src/client/src/tscSql.c index 2b9dda4f0b1e165bab5bcd1f482efe81fe38e590..d5eaa65761a128b05bdaf076ad726e13a54cc661 100644 --- a/src/client/src/tscSql.c +++ b/src/client/src/tscSql.c @@ -49,7 +49,7 @@ static bool validUserName(const char* user) { } static bool validPassword(const char* passwd) { - return validImpl(passwd, TSDB_KEY_LEN - 1); + return validImpl(passwd, TSDB_PASS_LEN - 1); } static SSqlObj *taosConnectImpl(const char *ip, const char *user, const char *pass, const char *auth, const char *db, @@ -64,7 +64,7 @@ static SSqlObj *taosConnectImpl(const char *ip, const char *user, const char *pa } SRpcCorEpSet corMgmtEpSet; - char secretEncrypt[32] = {0}; + char secretEncrypt[TSDB_PASS_LEN] = {0}; int secretEncryptLen = 0; if (auth == NULL) { if (!validPassword(pass)) { @@ -82,6 +82,11 @@ static SSqlObj *taosConnectImpl(const char *ip, const char *user, const char *pa terrno = TSDB_CODE_TSC_INVALID_PASS_LENGTH; return NULL; } else { + if (outlen >= TSDB_PASS_LEN) { + terrno = TSDB_CODE_TSC_INVALID_USER_LENGTH; + tscError("failed to connect DB, too long length of authentication: %s", base64); + return NULL; + } memcpy(secretEncrypt, base64, outlen); free(base64); } @@ -240,11 +245,11 @@ TAOS *taos_connect_c(const char *ip, uint8_t ipLen, const char *user, uint8_t us uint8_t passLen, const char *db, uint8_t dbLen, uint16_t port) { char ipBuf[TSDB_EP_LEN] = {0}; char userBuf[TSDB_USER_LEN] = {0}; - char passBuf[TSDB_KEY_LEN] = {0}; + char passBuf[TSDB_PASS_LEN] = {0}; char dbBuf[TSDB_DB_NAME_LEN] = {0}; strncpy(ipBuf, ip, MIN(TSDB_EP_LEN - 1, ipLen)); strncpy(userBuf, user, MIN(TSDB_USER_LEN - 1, userLen)); - strncpy(passBuf, pass, MIN(TSDB_KEY_LEN - 1, passLen)); + strncpy(passBuf, pass, MIN(TSDB_PASS_LEN - 1, passLen)); strncpy(dbBuf, db, MIN(TSDB_DB_NAME_LEN - 1, dbLen)); return taos_connect(ipBuf, userBuf, passBuf, dbBuf, port); } diff --git a/src/inc/taosdef.h b/src/inc/taosdef.h index e6613027c707b7d46aa70b3b0feb3ebea137e5f0..49086f5e75fd87294208ffe423cd87cc26232ced 100644 --- a/src/inc/taosdef.h +++ b/src/inc/taosdef.h @@ -86,7 +86,9 @@ extern const int32_t TYPE_BYTES[16]; #define TSDB_DEFAULT_USER "root" #define TSDB_DEFAULT_PASS "taosdata" -#define SHELL_MAX_PASSWORD_LEN 20 +#define TSDB_PASS_LEN 129 + +#define SHELL_MAX_PASSWORD_LEN TSDB_PASS_LEN #define TSDB_TRUE 1 #define TSDB_FALSE 0 #define TSDB_OK 0 diff --git a/src/inc/taosmsg.h b/src/inc/taosmsg.h index e5c390f9191f1aad622a9b8787d4643791c2a870..2ef646d734caa3a17fb6b61417e7658afb8b7db8 100644 --- a/src/inc/taosmsg.h +++ b/src/inc/taosmsg.h @@ -372,7 +372,7 @@ typedef struct { typedef struct { int8_t extend; char user[TSDB_USER_LEN]; - char pass[TSDB_KEY_LEN]; + char pass[TSDB_PASS_LEN]; SAcctCfg cfg; } SCreateAcctMsg, SAlterAcctMsg; @@ -384,7 +384,7 @@ typedef struct { typedef struct { int8_t extend; char user[TSDB_USER_LEN]; - char pass[TSDB_KEY_LEN]; + char pass[TSDB_PASS_LEN]; int8_t privilege; int8_t flag; } SCreateUserMsg, SAlterUserMsg; diff --git a/src/kit/shell/src/shellDarwin.c b/src/kit/shell/src/shellDarwin.c index a1413be1ce4ce6f67516fc09121115f30bbc56f0..5a33e182c8473f92f6ac0271b78a9f9c00768a50 100644 --- a/src/kit/shell/src/shellDarwin.c +++ b/src/kit/shell/src/shellDarwin.c @@ -89,7 +89,7 @@ void shellParseArgument(int argc, char *argv[], SShellArguments *arguments) { || (strncmp(argv[i], "--password", 10) == 0)) { printf("Enter password: "); taosSetConsoleEcho(false); - if (scanf("%s", g_password) > 1) { + if (scanf("%128s", g_password) > 1) { fprintf(stderr, "password read error\n"); } taosSetConsoleEcho(true); diff --git a/src/kit/shell/src/shellLinux.c b/src/kit/shell/src/shellLinux.c index 93783b205560604c9d25c9f5dc2e73a239a67b8e..a78590aab8351451585204e0540998082a54a9a7 100644 --- a/src/kit/shell/src/shellLinux.c +++ b/src/kit/shell/src/shellLinux.c @@ -186,7 +186,7 @@ static void parse_args( || (strncmp(argv[i], "--password", 10) == 0)) { printf("Enter password: "); taosSetConsoleEcho(false); - if (scanf("%20s", g_password) > 1) { + if (scanf("%128s", g_password) > 1) { fprintf(stderr, "password reading error\n"); } taosSetConsoleEcho(true); diff --git a/src/kit/shell/src/shellWindows.c b/src/kit/shell/src/shellWindows.c index 131bce04a797f7c1ad7173b6655f1e41dac8d4ec..a685498617530322e2e5f7de182c5329c5c66614 100644 --- a/src/kit/shell/src/shellWindows.c +++ b/src/kit/shell/src/shellWindows.c @@ -93,7 +93,7 @@ void shellParseArgument(int argc, char *argv[], SShellArguments *arguments) { || (strncmp(argv[i], "--password", 10) == 0)) { printf("Enter password: "); taosSetConsoleEcho(false); - if (scanf("%s", g_password) > 1) { + if (scanf("%128s", g_password) > 1) { fprintf(stderr, "password read error!\n"); } taosSetConsoleEcho(true); diff --git a/src/mnode/src/mnodeUser.c b/src/mnode/src/mnodeUser.c index b3e3ba6cd9698b08aceb86841bd858a7c6f05220..2ebe644de189ec459383122837cd82a4d37643bb 100644 --- a/src/mnode/src/mnodeUser.c +++ b/src/mnode/src/mnodeUser.c @@ -625,11 +625,18 @@ int32_t mnodeRetriveAuth(char *user, char *spi, char *encrypt, char *secret, cha mError("user:%s, failed to auth user, reason:%s", user, tstrerror(TSDB_CODE_MND_INVALID_USER)); return TSDB_CODE_MND_INVALID_USER; } else { + if (pUser->superAuth) { + SAcctObj *pAcct = mnodeGetAcct(user); + memcpy(secret, pAcct->pass, TSDB_KEY_LEN); + mnodeDecAcctRef(pAcct); + } else { + memcpy(secret, pUser->pass, TSDB_KEY_LEN); + } + *spi = 1; *encrypt = 0; *ckey = 0; - memcpy(secret, pUser->pass, TSDB_KEY_LEN); mnodeDecUserRef(pUser); mDebug("user:%s, auth info is returned", user); return TSDB_CODE_SUCCESS;