From 76ac9464d5e779767fbfce94116f6e034e96337a Mon Sep 17 00:00:00 2001 From: slguan Date: Tue, 16 Jul 2019 10:31:43 +0800 Subject: [PATCH] The password is no longer stored in clear text, so you may need to reinstall the database --- src/client/src/tscSql.c | 2 +- src/inc/tutil.h | 10 ++++++++++ src/system/src/mgmtShell.c | 2 +- src/system/src/mgmtUser.c | 2 +- src/util/src/version.c | 8 ++++---- 5 files changed, 17 insertions(+), 7 deletions(-) diff --git a/src/client/src/tscSql.c b/src/client/src/tscSql.c index a8f9300..f0478d5 100644 --- a/src/client/src/tscSql.c +++ b/src/client/src/tscSql.c @@ -74,7 +74,7 @@ TAOS *taos_connect_imp(char *ip, char *user, char *pass, char *db, int port, voi pObj->signature = pObj; strncpy(pObj->user, user, TSDB_USER_LEN); - strncpy(pObj->pass, pass, TSDB_KEY_LEN); + taosEncryptPass(pass, strlen(pass), pObj->pass); pObj->mgmtPort = port ? port : tsMgmtShellPort; if (db) { diff --git a/src/inc/tutil.h b/src/inc/tutil.h index e4fa116..adeb960 100644 --- a/src/inc/tutil.h +++ b/src/inc/tutil.h @@ -16,6 +16,8 @@ #ifndef TDENGINE_TUTIL_H #define TDENGINE_TUTIL_H +#include "tmd5.h" + #ifdef __cplusplus extern "C" { #endif @@ -199,6 +201,14 @@ bool taosUcs4ToMbs(void *ucs4, int32_t ucs4_max_len, char *mbs); bool taosValidateEncodec(char *encodec); +static FORCE_INLINE void taosEncryptPass(uint8_t *inBuf, unsigned int inLen, char *target) { + MD5_CTX context; + MD5Init(&context); + MD5Update(&context, inBuf, inLen); + MD5Final(&context); + memcpy(target, context.digest, TSDB_KEY_LEN); +} + #define __sync_val_compare_and_swap_64 __sync_val_compare_and_swap #define __sync_val_compare_and_swap_32 __sync_val_compare_and_swap #define __sync_add_and_fetch_64 __sync_add_and_fetch diff --git a/src/system/src/mgmtShell.c b/src/system/src/mgmtShell.c index ef09e88..9c4e4ca 100644 --- a/src/system/src/mgmtShell.c +++ b/src/system/src/mgmtShell.c @@ -440,7 +440,7 @@ int mgmtProcessAlterUserMsg(char *pMsg, int msgLen, SConnObj *pConn) { (strcmp(pConn->pUser->user, "root") == 0)) { if ((pAlter->flag & TSDB_ALTER_USER_PASSWD) != 0) { memset(pUser->pass, 0, sizeof(pUser->pass)); - strcpy(pUser->pass, pAlter->pass); + taosEncryptPass((uint8_t *)(pAlter->pass), strlen(pAlter->pass), pUser->pass); } if ((pAlter->flag & TSDB_ALTER_USER_PRIVILEGES) != 0) { if (pAlter->privilege == 1) { // super diff --git a/src/system/src/mgmtUser.c b/src/system/src/mgmtUser.c index 4371772..da690ff 100644 --- a/src/system/src/mgmtUser.c +++ b/src/system/src/mgmtUser.c @@ -109,7 +109,7 @@ int mgmtCreateUser(SAcctObj *pAcct, char *name, char *pass) { pUser = malloc(sizeof(SUserObj)); memset(pUser, 0, sizeof(SUserObj)); strcpy(pUser->user, name); - strcpy(pUser->pass, pass); + taosEncryptPass((uint8_t *)pass, strlen(pass), pUser->pass); strcpy(pUser->acct, pAcct->user); pUser->createdTime = taosGetTimestampMs(); pUser->superAuth = 0; diff --git a/src/util/src/version.c b/src/util/src/version.c index aad6dc0..b7afb1a 100755 --- a/src/util/src/version.c +++ b/src/util/src/version.c @@ -1,4 +1,4 @@ -char version[64] = "1.6.0.0"; -char compatible_version[64] = "1.6.0.0"; -char gitinfo[128] = "82cbce3261d06ab37c3bd4786c7b2e3d2316c42a"; -char buildinfo[512] = "Built by ubuntu at 2019-07-05 18:42"; +char version[64] = "1.6.1.0"; +char compatible_version[64] = "1.6.1.0"; +char gitinfo[128] = "01eb2fd1402c952689a6874a5b1ec09fca5f4f13"; +char buildinfo[512] = "Built by ubuntu at 2019-07-16 10:18"; -- GitLab