yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

chore(sync-apps): sync emqx_auth_mnesia e4.2.3

This commit is contained in:
Zaiming Shi 2021-01-18 20:05:08 +01:00
parent a2b4e50a8d
commit 86895ddc24
5 changed files with 35 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/emqx_auth_mnesia/src/emqx_acl_mnesia_cli.erl
View File

@ -192,7 +192,7 @@ cli(_) ->
, {"acl add _all <Topic> <Action> <Access>", "Add $all acl"}
, {"acl del clientid <Clientid> <Topic>", "Delete clientid acl"}
, {"acl del username <Username> <Topic>", "Delete username acl"}
, {"acl del _all, <Topic>", "Delete $all acl"}
, {"acl del _all <Topic>", "Delete $all acl"}
]).

33
apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl
View File

@ -63,10 +63,8 @@ check(ClientInfo = #{ clientid := Clientid
emqx_metrics:inc(?AUTH_METRICS(ignore)),
ok;
List ->
case [ Hash || <<Salt:4/binary, Hash/binary>> <- lists:sort(fun emqx_auth_mnesia_cli:comparing/2, List),
Hash =:= hash(NPassword, Salt, HashType)
] of
[] ->
case match_password(NPassword, HashType, List) of
false ->
?LOG(error, "[Mnesia] Auth from mnesia failed: ~p", [ClientInfo]),
emqx_metrics:inc(?AUTH_METRICS(failure)),
{stop, AuthResult#{anonymous => false, auth_result => password_error}};
@ -78,7 +76,34 @@ check(ClientInfo = #{ clientid := Clientid
description() -> "Authentication with Mnesia".
match_password(Password, HashType, HashList) ->
lists:any(
fun(Secret) ->
case is_salt_hash(Secret, HashType) of
true ->
<<Salt:4/binary, Hash/binary>> = Secret,
Hash =:= hash(Password, Salt, HashType);
_ ->
Secret =:= hash(Password, HashType)
end
end, HashList).
hash(undefined, HashType) ->
hash(<<>>, HashType);
hash(Password, HashType) ->
emqx_passwd:hash(HashType, Password).
hash(undefined, SaltBin, HashType) ->
hash(<<>>, SaltBin, HashType);
hash(Password, SaltBin, HashType) ->
emqx_passwd:hash(HashType, <<SaltBin/binary, Password/binary>>).
is_salt_hash(_, plain) ->
true;
is_salt_hash(Secret, HashType) ->
not (byte_size(Secret) == len(HashType)).
len(md5) -> 32;
len(sha) -> 40;
len(sha256) -> 64;
len(sha512) -> 128.

2
apps/emqx_auth_mnesia/src/emqx_auth_mnesia_app.erl
View File

@ -35,7 +35,6 @@
start(_StartType, _StartArgs) ->
{ok, Sup} = emqx_auth_mnesia_sup:start_link(),
emqx_ctl:register_command(clientid, {emqx_auth_mnesia_cli, auth_clientid_cli}, []),
emqx_ctl:register_command(username, {emqx_auth_mnesia_cli, auth_username_cli}, []),
emqx_ctl:register_command(user, {emqx_auth_mnesia_cli, auth_username_cli}, []),
emqx_ctl:register_command(acl, {emqx_acl_mnesia_cli, cli}, []),
load_auth_hook(),
@ -46,7 +45,6 @@ prep_stop(State) ->
emqx:unhook('client.authenticate', fun emqx_auth_mnesia:check/3),
emqx:unhook('client.check_acl', fun emqx_acl_mnesia:check_acl/5),
emqx_ctl:unregister_command(clientid),
emqx_ctl:unregister_command(username),
emqx_ctl:unregister_command(user),
emqx_ctl:unregister_command(acl),
State.

8
apps/emqx_auth_mnesia/src/emqx_auth_mnesia_cli.erl
View File

@ -175,7 +175,7 @@ auth_username_cli(["del", Username]) ->
end;
auth_username_cli(_) ->
emqx_ctl:usage([{"users list", "List username auth rules"},
{"users add <Username> <Password>", "Add username auth rule"},
{"users update <Username> <NewPassword>", "Update username auth rule"},
{"users del <Username>", "Delete username auth rule"}]).
emqx_ctl:usage([{"user list", "List username auth rules"},
{"user add <Username> <Password>", "Add username auth rule"},
{"user update <Username> <NewPassword>", "Update username auth rule"},
{"user del <Username>", "Delete username auth rule"}]).

2
sync-apps.sh
View File

@ -78,7 +78,7 @@ extract_zip(){
mv "apps/${repo}-${vsn}/" "apps/$app/"
}
extract_zip "emqx_auth_mnesia" "e4.2.2" "e4.2.2"
extract_zip "emqx_auth_mnesia" "e4.2.3" "e4.2.3"
for app in ${apps[@]}; do
extract_zip "$app" "$default_vsn"
done