From 1dad0c6bd8e25f59ca11fcd2dc89d45066b84d75 Mon Sep 17 00:00:00 2001
From: Minglei Jin <mljin@taosdata.com>
Date: Thu, 21 Jan 2021 17:21:28 +0800
Subject: [PATCH] [TD-2808]<fix>: fix http password len

---
 src/plugins/http/inc/httpInt.h        | 5 +++--
 src/plugins/http/src/httpAuth.c       | 8 ++++----
 src/plugins/http/src/httpGcHandle.c   | 4 ++--
 src/plugins/http/src/httpRestHandle.c | 4 ++--
 src/plugins/http/src/httpTgHandle.c   | 2 +-
 5 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/src/plugins/http/inc/httpInt.h b/src/plugins/http/inc/httpInt.h
index ac182b707b..3dac0dec93 100644
--- a/src/plugins/http/inc/httpInt.h
+++ b/src/plugins/http/inc/httpInt.h
@@ -39,7 +39,8 @@
 #define HTTP_GC_TARGET_SIZE         512
 #define HTTP_WRITE_RETRY_TIMES      500
 #define HTTP_WRITE_WAIT_TIME_MS     5
-#define HTTP_SESSION_ID_LEN         (TSDB_USER_LEN + TSDB_KEY_LEN)
+#define HTTP_PASSWORD_LEN           TSDB_UNI_LEN
+#define HTTP_SESSION_ID_LEN         (TSDB_USER_LEN + HTTP_PASSWORD_LEN)
 
 typedef enum HttpReqType {
   HTTP_REQTYPE_OTHERS = 0,
@@ -147,7 +148,7 @@ typedef struct HttpContext {
   uint8_t      parsed;
   char         ipstr[22];
   char         user[TSDB_USER_LEN];  // parsed from auth token or login message
-  char         pass[TSDB_KEY_LEN];
+  char         pass[HTTP_PASSWORD_LEN];
   TAOS *       taos;
   void *       ppContext;
   HttpSession *session;
diff --git a/src/plugins/http/src/httpAuth.c b/src/plugins/http/src/httpAuth.c
index 56da8a7089..973f69f24e 100644
--- a/src/plugins/http/src/httpAuth.c
+++ b/src/plugins/http/src/httpAuth.c
@@ -51,7 +51,7 @@ int32_t httpParseBasicAuthToken(HttpContext *pContext, char *token, int32_t len)
 
   char *password = user + 1;
   int32_t pass_len = (int32_t)((base64 + outlen) - password);
-  if (pass_len < 1 || pass_len >= TSDB_KEY_LEN) {
+  if (pass_len < 1 || pass_len >= HTTP_PASSWORD_LEN) {
     httpError("context:%p, fd:%d, basic token:%s parse password error", pContext, pContext->fd, token);
     free(base64);
     return -1;
@@ -73,7 +73,7 @@ int32_t httpParseTaosdAuthToken(HttpContext *pContext, char *token, int32_t len)
     if (base64) free(base64);
     return 01;
   }
-  if (outlen != (TSDB_USER_LEN + TSDB_KEY_LEN)) {
+  if (outlen != (TSDB_USER_LEN + HTTP_PASSWORD_LEN)) {
     httpError("context:%p, fd:%d, taosd token:%s length error", pContext, pContext->fd, token);
     free(base64);
     return -1;
@@ -103,8 +103,8 @@ int32_t httpGenTaosdAuthToken(HttpContext *pContext, char *token, int32_t maxLen
   size = sizeof(pContext->pass);
   tstrncpy(buffer + sizeof(pContext->user), pContext->pass, size);
 
-  char *encrypt = taosDesEncode(KEY_DES_4, buffer, TSDB_USER_LEN + TSDB_KEY_LEN);
-  char *base64 = base64_encode((const unsigned char *)encrypt, TSDB_USER_LEN + TSDB_KEY_LEN);
+  char *encrypt = taosDesEncode(KEY_DES_4, buffer, TSDB_USER_LEN + HTTP_PASSWORD_LEN);
+  char *base64 = base64_encode((const unsigned char *)encrypt, TSDB_USER_LEN + HTTP_PASSWORD_LEN);
 
   size_t len = strlen(base64);
   tstrncpy(token, base64, len + 1);
diff --git a/src/plugins/http/src/httpGcHandle.c b/src/plugins/http/src/httpGcHandle.c
index c21799e736..4c10249672 100644
--- a/src/plugins/http/src/httpGcHandle.c
+++ b/src/plugins/http/src/httpGcHandle.c
@@ -59,11 +59,11 @@ bool gcGetUserFromUrl(HttpContext* pContext) {
 
 bool gcGetPassFromUrl(HttpContext* pContext) {
   HttpParser* pParser = pContext->parser;
-  if (pParser->path[GC_PASS_URL_POS].pos >= TSDB_KEY_LEN || pParser->path[GC_PASS_URL_POS].pos <= 0) {
+  if (pParser->path[GC_PASS_URL_POS].pos >= HTTP_PASSWORD_LEN || pParser->path[GC_PASS_URL_POS].pos <= 0) {
     return false;
   }
 
-  tstrncpy(pContext->pass, pParser->path[GC_PASS_URL_POS].str, TSDB_KEY_LEN);
+  tstrncpy(pContext->pass, pParser->path[GC_PASS_URL_POS].str, HTTP_PASSWORD_LEN);
   return true;
 }
 
diff --git a/src/plugins/http/src/httpRestHandle.c b/src/plugins/http/src/httpRestHandle.c
index 66f1db1a54..112137b3df 100644
--- a/src/plugins/http/src/httpRestHandle.c
+++ b/src/plugins/http/src/httpRestHandle.c
@@ -72,11 +72,11 @@ bool restGetUserFromUrl(HttpContext* pContext) {
 
 bool restGetPassFromUrl(HttpContext* pContext) {
   HttpParser* pParser = pContext->parser;
-  if (pParser->path[REST_PASS_URL_POS].pos >= TSDB_KEY_LEN || pParser->path[REST_PASS_URL_POS].pos <= 0) {
+  if (pParser->path[REST_PASS_URL_POS].pos >= HTTP_PASSWORD_LEN || pParser->path[REST_PASS_URL_POS].pos <= 0) {
     return false;
   }
 
-  tstrncpy(pContext->pass, pParser->path[REST_PASS_URL_POS].str, TSDB_KEY_LEN);
+  tstrncpy(pContext->pass, pParser->path[REST_PASS_URL_POS].str, HTTP_PASSWORD_LEN);
   return true;
 }
 
diff --git a/src/plugins/http/src/httpTgHandle.c b/src/plugins/http/src/httpTgHandle.c
index 0a3ef539e3..bae8c44490 100644
--- a/src/plugins/http/src/httpTgHandle.c
+++ b/src/plugins/http/src/httpTgHandle.c
@@ -324,7 +324,7 @@ bool tgGetUserFromUrl(HttpContext *pContext) {
 
 bool tgGetPassFromUrl(HttpContext *pContext) {
   HttpParser *pParser = pContext->parser;
-  if (pParser->path[TG_PASS_URL_POS].pos >= TSDB_KEY_LEN || pParser->path[TG_PASS_URL_POS].pos <= 0) {
+  if (pParser->path[TG_PASS_URL_POS].pos >= HTTP_PASSWORD_LEN || pParser->path[TG_PASS_URL_POS].pos <= 0) {
     return false;
   }