Changeset: 8b5cf318bd40 for MonetDB
URL: https://dev.monetdb.org/hg/MonetDB?cmd=changeset;node=8b5cf318bd40
Modified Files:
common/utils/msabaoth.c
monetdb5/mal/mal_authorize.c
tools/merovingian/daemon/snapshot.c
Branch: default
Log Message:
Minor changes
diffs (103 lines):
diff --git a/common/utils/msabaoth.c b/common/utils/msabaoth.c
--- a/common/utils/msabaoth.c
+++ b/common/utils/msabaoth.c
@@ -566,10 +566,11 @@ msab_registerStop(void)
}
#define SECRETFILE ".secret"
+#define SECRET_LENGTH (32)
char *
msab_pickSecret(char **generated_secret)
{
- const size_t secret_size = 32;
+ unsigned char bin_secret[SECRET_LENGTH / 2];
char *secret;
char pathbuf[FILENAME_MAX];
char *e;
@@ -587,19 +588,17 @@ msab_pickSecret(char **generated_secret)
return strdup(err);
}
- secret = malloc(secret_size + 1);
- secret[secret_size] = '\0';
-
- unsigned char *bin_secret = (unsigned char*)secret + secret_size / 2;
+ secret = malloc(SECRET_LENGTH + 1);
+ secret[SECRET_LENGTH] = '\0';
#ifdef HAVE_OPENSSL
- if (RAND_bytes(bin_secret, secret_size / 2) != 1) {
+ if (RAND_bytes(bin_secret, SECRET_LENGTH / 2) != 1) {
free(secret);
return strdup("RAND_bytes failed");
}
#else
#ifdef HAVE_COMMONCRYPTO
- if (CCRandomGenerateBytes(bin_secret, secret_size / 2) != kCCSuccess) {
+ if (CCRandomGenerateBytes(bin_secret, SECRET_LENGTH / 2) != kCCSuccess)
{
free(secret);
return strdup("CCRandomGenerateBytes failed");
}
@@ -612,7 +611,7 @@ msab_pickSecret(char **generated_secret)
#endif
#endif
- for (size_t i = 0; i < secret_size / 2; i++) {
+ for (size_t i = 0; i < SECRET_LENGTH / 2; i++) {
snprintf(
secret + 2 * i, 3,
"%02x",
@@ -634,7 +633,7 @@ msab_pickSecret(char **generated_secret)
(void)remove(pathbuf);
return strdup(err);
}
- if (fwrite(secret, 1, secret_size, f) < secret_size || fclose(f) < 0) {
+ if (fwrite(secret, 1, SECRET_LENGTH, f) < SECRET_LENGTH || fclose(f) <
0) {
char err[512];
snprintf(err, sizeof(err), "cannot write secret: %s",
strerror(errno));
@@ -815,6 +814,7 @@ msab_getSingleStatus(const char *pathbuf
(void)fclose(f);
}
+ // read the secret
do {
struct stat stb;
snprintf(buf, sizeof(buf), "%s/%s/%s", pathbuf, dbname,
SECRETFILE);
@@ -831,10 +831,10 @@ msab_getSingleStatus(const char *pathbuf
if (fread(secret, 1, len, f) != len) {
fclose(f);
free(secret);
+ break;
}
secret[len] = '\0';
sdb->secret = secret;
-
} while (0);
return sdb;
diff --git a/monetdb5/mal/mal_authorize.c b/monetdb5/mal/mal_authorize.c
--- a/monetdb5/mal/mal_authorize.c
+++ b/monetdb5/mal/mal_authorize.c
@@ -465,6 +465,9 @@ AUTHcheckCredentials(
}
free(hash);
+ /* special case: users whose name starts with '.' can authenticate using
+ * the temporary master password.
+ */
const char *master_password = GDKgetenv("master_password");
if (username[0] == '.' && master_password != NULL && master_password[0]
!= '\0') {
// first encrypt the master password as if we've just found it
diff --git a/tools/merovingian/daemon/snapshot.c
b/tools/merovingian/daemon/snapshot.c
--- a/tools/merovingian/daemon/snapshot.c
+++ b/tools/merovingian/daemon/snapshot.c
@@ -87,7 +87,7 @@ snapshot_database_to(char *dbname, char
/* Set up the connection. Connect directly to the unix domain socket */
if (stats->conns == NULL || stats->conns[0].val == NULL) {
- e = newErr("internal error: non conn");
+ e = newErr("internal error: no conn");
goto bailout;
}
conn = mapi_mapiuri(stats->conns[0].val, ".snapshot", stats->secret,
"sql");
_______________________________________________
checkin-list mailing list
checkin-list@monetdb.org
https://www.monetdb.org/mailman/listinfo/checkin-list
