xxq250
/
homework-jianmu
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Merge branch 'enh/ipWhiteList' of https://github.com/taosdata/TDengine into enh/ipWhiteList

This commit is contained in:
yihaoDeng 2023-09-14 17:23:31 +08:00
parent a7d4547a2d
commit 02f5f4f017
1 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
source/dnode/mnode/impl/src/mndUser.c
View File

@ -39,6 +39,8 @@ static bool isIpRangeEqual(SIpV4Range *a, SIpV4Range *b);
void destroyIpWhiteTab(SHashObj *pIpWhiteTab); void destroyIpWhiteTab(SHashObj *pIpWhiteTab);
#define MND_MAX_USE_HOST (TSDB_PRIVILEDGE_HOST_LEN / 24)
static int32_t mndCreateDefaultUsers(SMnode *pMnode); static int32_t mndCreateDefaultUsers(SMnode *pMnode);
static SSdbRow *mndUserActionDecode(SSdbRaw *pRaw); static SSdbRow *mndUserActionDecode(SSdbRaw *pRaw);
static int32_t mndUserActionInsert(SSdb *pSdb, SUserObj *pUser); static int32_t mndUserActionInsert(SSdb *pSdb, SUserObj *pUser);
@ -66,6 +68,8 @@ typedef struct {
static SIpWhiteMgt ipWhiteMgt; static SIpWhiteMgt ipWhiteMgt;
const static SIpV4Range defaultIpRange = {.ip = 16777343, .mask = 32};
void ipWhiteMgtInit() { void ipWhiteMgtInit() {
ipWhiteMgt.pIpWhiteTab = taosHashInit(8, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), 1, HASH_ENTRY_LOCK); ipWhiteMgt.pIpWhiteTab = taosHashInit(8, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), 1, HASH_ENTRY_LOCK);
ipWhiteMgt.ver = 0; ipWhiteMgt.ver = 0;
@ -446,7 +450,6 @@ static int32_t ipRangeListToStr(SIpV4Range *range, int32_t num, char *buf) {
for (int i = 0; i < num; i++) { for (int i = 0; i < num; i++) {
char tbuf[36] = {0}; char tbuf[36] = {0};
SIpV4Range *pRange = &range[i]; SIpV4Range *pRange = &range[i];
// if (isDefaultRange(pRange)) continue;
ipRangeToStr(&range[i], tbuf); ipRangeToStr(&range[i], tbuf);
len += sprintf(buf + len, "%s,", tbuf); len += sprintf(buf + len, "%s,", tbuf);
@ -1118,7 +1121,12 @@ static int32_t mndCreateUser(SMnode *pMnode, char *acct, SCreateUserReq *pCreate
userObj.pIpWhiteList = createDefaultIpWhiteList(); userObj.pIpWhiteList = createDefaultIpWhiteList();
} else { } else {
SIpWhiteList *p = taosMemoryCalloc(1, sizeof(SIpWhiteList) + pCreate->numIpRanges * sizeof(SIpV4Range) + 1); if (pCreate->numIpRanges > MND_MAX_USE_HOST) {
terrno = TSDB_CODE_MND_TOO_MANY_USER_HOST;
return terrno;
}
SIpWhiteList *p = taosMemoryCalloc(1, sizeof(SIpWhiteList) + (pCreate->numIpRanges + 1) * sizeof(SIpV4Range));
bool localHost = false; bool localHost = false;
for (int i = 0; i < pCreate->numIpRanges; i++) { for (int i = 0; i < pCreate->numIpRanges; i++) {
p->pIpRange[i].ip = pCreate->pIpRanges[i].ip; p->pIpRange[i].ip = pCreate->pIpRanges[i].ip;
@ -1129,8 +1137,8 @@ static int32_t mndCreateUser(SMnode *pMnode, char *acct, SCreateUserReq *pCreate
} }
} }
if (localHost == false) { if (localHost == false) {
p->pIpRange[pCreate->numIpRanges].ip = 16777343; p->pIpRange[pCreate->numIpRanges].ip = defaultIpRange.ip;
p->pIpRange[pCreate->numIpRanges].mask = 32; p->pIpRange[pCreate->numIpRanges].mask = defaultIpRange.mask;
p->num = pCreate->numIpRanges + 1; p->num = pCreate->numIpRanges + 1;
} else { } else {
p->num = pCreate->numIpRanges; p->num = pCreate->numIpRanges;
@ -1704,7 +1712,7 @@ static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) {
newUser.pIpWhiteList = pNew; newUser.pIpWhiteList = pNew;
newUser.ipWhiteListVer = pUser->ipWhiteListVer + 1; newUser.ipWhiteListVer = pUser->ipWhiteListVer + 1;
if (pNew->num >= TSDB_PRIVILEDGE_HOST_LEN / 24) { if (pNew->num > MND_MAX_USE_HOST) {
terrno = TSDB_CODE_MND_TOO_MANY_USER_HOST; terrno = TSDB_CODE_MND_TOO_MANY_USER_HOST;
code = terrno; code = terrno;
goto _OVER; goto _OVER;