xxq250
/
homework-jianmu
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Merge pull request #4982 from taosdata/fix/TD-2808 

[TD-2808]<fix>: fix http password len
This commit is contained in:
huili 2021-01-21 18:56:33 +08:00 committed by GitHub
parent 4e1c533330 1dad0c6bd8
commit 07484b65cb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 12 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/plugins/http/inc/httpInt.h
View File

@ -39,7 +39,8 @@
#define HTTP_GC_TARGET_SIZE 512 #define HTTP_GC_TARGET_SIZE 512
#define HTTP_WRITE_RETRY_TIMES 500 #define HTTP_WRITE_RETRY_TIMES 500
#define HTTP_WRITE_WAIT_TIME_MS 5 #define HTTP_WRITE_WAIT_TIME_MS 5
#define HTTP_SESSION_ID_LEN (TSDB_USER_LEN + TSDB_KEY_LEN) #define HTTP_PASSWORD_LEN TSDB_UNI_LEN
#define HTTP_SESSION_ID_LEN (TSDB_USER_LEN + HTTP_PASSWORD_LEN)
typedef enum HttpReqType { typedef enum HttpReqType {
HTTP_REQTYPE_OTHERS = 0, HTTP_REQTYPE_OTHERS = 0,
@ -147,7 +148,7 @@ typedef struct HttpContext {
uint8_t parsed; uint8_t parsed;
char ipstr[22]; char ipstr[22];
char user[TSDB_USER_LEN]; // parsed from auth token or login message char user[TSDB_USER_LEN]; // parsed from auth token or login message
char pass[TSDB_KEY_LEN]; char pass[HTTP_PASSWORD_LEN];
TAOS * taos; TAOS * taos;
void * ppContext; void * ppContext;
HttpSession *session; HttpSession *session;

8
src/plugins/http/src/httpAuth.c
View File

@ -51,7 +51,7 @@ int32_t httpParseBasicAuthToken(HttpContext *pContext, char *token, int32_t len)
char *password = user + 1; char *password = user + 1;
int32_t pass_len = (int32_t)((base64 + outlen) - password); int32_t pass_len = (int32_t)((base64 + outlen) - password);
if (pass_len < 1 || pass_len >= TSDB_KEY_LEN) { if (pass_len < 1 || pass_len >= HTTP_PASSWORD_LEN) {
httpError("context:%p, fd:%d, basic token:%s parse password error", pContext, pContext->fd, token); httpError("context:%p, fd:%d, basic token:%s parse password error", pContext, pContext->fd, token);
free(base64); free(base64);
return -1; return -1;
@ -73,7 +73,7 @@ int32_t httpParseTaosdAuthToken(HttpContext *pContext, char *token, int32_t len)
if (base64) free(base64); if (base64) free(base64);
return 01; return 01;
} }
if (outlen != (TSDB_USER_LEN + TSDB_KEY_LEN)) { if (outlen != (TSDB_USER_LEN + HTTP_PASSWORD_LEN)) {
httpError("context:%p, fd:%d, taosd token:%s length error", pContext, pContext->fd, token); httpError("context:%p, fd:%d, taosd token:%s length error", pContext, pContext->fd, token);
free(base64); free(base64);
return -1; return -1;
@ -103,8 +103,8 @@ int32_t httpGenTaosdAuthToken(HttpContext *pContext, char *token, int32_t maxLen
size = sizeof(pContext->pass); size = sizeof(pContext->pass);
tstrncpy(buffer + sizeof(pContext->user), pContext->pass, size); tstrncpy(buffer + sizeof(pContext->user), pContext->pass, size);
char *encrypt = taosDesEncode(KEY_DES_4, buffer, TSDB_USER_LEN + TSDB_KEY_LEN); char *encrypt = taosDesEncode(KEY_DES_4, buffer, TSDB_USER_LEN + HTTP_PASSWORD_LEN);
char *base64 = base64_encode((const unsigned char *)encrypt, TSDB_USER_LEN + TSDB_KEY_LEN); char *base64 = base64_encode((const unsigned char *)encrypt, TSDB_USER_LEN + HTTP_PASSWORD_LEN);
size_t len = strlen(base64); size_t len = strlen(base64);
tstrncpy(token, base64, len + 1); tstrncpy(token, base64, len + 1);

4
src/plugins/http/src/httpGcHandle.c
View File

@ -59,11 +59,11 @@ bool gcGetUserFromUrl(HttpContext* pContext) {
bool gcGetPassFromUrl(HttpContext* pContext) { bool gcGetPassFromUrl(HttpContext* pContext) {
HttpParser* pParser = pContext->parser; HttpParser* pParser = pContext->parser;
if (pParser->path[GC_PASS_URL_POS].pos >= TSDB_KEY_LEN || pParser->path[GC_PASS_URL_POS].pos <= 0) { if (pParser->path[GC_PASS_URL_POS].pos >= HTTP_PASSWORD_LEN || pParser->path[GC_PASS_URL_POS].pos <= 0) {
return false; return false;
} }
tstrncpy(pContext->pass, pParser->path[GC_PASS_URL_POS].str, TSDB_KEY_LEN); tstrncpy(pContext->pass, pParser->path[GC_PASS_URL_POS].str, HTTP_PASSWORD_LEN);
return true; return true;
} }

4
src/plugins/http/src/httpRestHandle.c
View File

@ -72,11 +72,11 @@ bool restGetUserFromUrl(HttpContext* pContext) {
bool restGetPassFromUrl(HttpContext* pContext) { bool restGetPassFromUrl(HttpContext* pContext) {
HttpParser* pParser = pContext->parser; HttpParser* pParser = pContext->parser;
if (pParser->path[REST_PASS_URL_POS].pos >= TSDB_KEY_LEN || pParser->path[REST_PASS_URL_POS].pos <= 0) { if (pParser->path[REST_PASS_URL_POS].pos >= HTTP_PASSWORD_LEN || pParser->path[REST_PASS_URL_POS].pos <= 0) {
return false; return false;
} }
tstrncpy(pContext->pass, pParser->path[REST_PASS_URL_POS].str, TSDB_KEY_LEN); tstrncpy(pContext->pass, pParser->path[REST_PASS_URL_POS].str, HTTP_PASSWORD_LEN);
return true; return true;
} }

2
src/plugins/http/src/httpTgHandle.c
View File

@ -324,7 +324,7 @@ bool tgGetUserFromUrl(HttpContext *pContext) {
bool tgGetPassFromUrl(HttpContext *pContext) { bool tgGetPassFromUrl(HttpContext *pContext) {
HttpParser *pParser = pContext->parser; HttpParser *pParser = pContext->parser;
if (pParser->path[TG_PASS_URL_POS].pos >= TSDB_KEY_LEN || pParser->path[TG_PASS_URL_POS].pos <= 0) { if (pParser->path[TG_PASS_URL_POS].pos >= HTTP_PASSWORD_LEN || pParser->path[TG_PASS_URL_POS].pos <= 0) {
return false; return false;
} }