enh: add password character rules
This commit is contained in:
Shengliang Guan
parent
64bdc0ce82
commit
1553d507e5
|
|
@ -162,3 +162,12 @@ geos_c.h
|
|||
source/libs/parser/src/sql.c
|
||||
include/common/ttokenauto.h
|
||||
!packaging/smokeTest/pytest_require.txt
|
||||
tdengine-test-dir/
|
||||
localtime.c
|
||||
private.h
|
||||
strftime.c
|
||||
tzdir.h
|
||||
tzfile.h
|
||||
coverage.info
|
||||
taos
|
||||
taosd
|
||||
|
|
@ -318,6 +318,8 @@ typedef enum ELogicConditionType {
|
|||
#define TSDB_MAX_JSON_KEY_LEN 256
|
||||
|
||||
#define TSDB_AUTH_LEN 16
|
||||
#define TSDB_PASSWORD_MIN_LEN 8
|
||||
#define TSDB_PASSWORD_MAX_LEN 16
|
||||
#define TSDB_PASSWORD_LEN 32
|
||||
#define TSDB_USET_PASSWORD_LEN 129
|
||||
#define TSDB_VERSION_LEN 32
|
||||
|
|
|
|||
|
|
@ -230,6 +230,11 @@ static FORCE_INLINE int32_t taosGetTbHashVal(const char *tbname, int32_t tblen,
|
|||
|
||||
#define TAOS_UNUSED(expr) (void)(expr)
|
||||
|
||||
bool taosIsBigChar(char c);
|
||||
bool taosIsSmallChar(char c);
|
||||
bool taosIsNumberChar(char c);
|
||||
bool taosIsSpecialChar(char c);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -1803,6 +1803,43 @@ _OVER:
|
|||
TAOS_RETURN(code);
|
||||
}
|
||||
|
||||
static int32_t mndCheckPasswordFmt(const char *pwd) {
|
||||
int32_t len = strlen(pwd);
|
||||
if (len < TSDB_PASSWORD_MIN_LEN || len > TSDB_PASSWORD_MAX_LEN) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (strcmp(pwd, "taosdata") == 0) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
bool charTypes[4] = {0};
|
||||
for (int32_t i = 0; i < len; ++i) {
|
||||
if (taosIsBigChar(pwd[i])) {
|
||||
charTypes[0] = true;
|
||||
} else if (taosIsSmallChar(pwd[i])) {
|
||||
charTypes[1] = true;
|
||||
} else if (taosIsNumberChar(pwd[i])) {
|
||||
charTypes[2] = true;
|
||||
} else if (taosIsSpecialChar(pwd[i])) {
|
||||
charTypes[3] = true;
|
||||
} else {
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
int32_t numOfTypes = 0;
|
||||
for (int32_t i = 0; i < 4; ++i) {
|
||||
numOfTypes += charTypes[i];
|
||||
}
|
||||
|
||||
if (numOfTypes < 3) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int32_t mndProcessCreateUserReq(SRpcMsg *pReq) {
|
||||
SMnode *pMnode = pReq->info.node;
|
||||
int32_t code = 0;
|
||||
|
|
@ -1836,7 +1873,7 @@ static int32_t mndProcessCreateUserReq(SRpcMsg *pReq) {
|
|||
TAOS_CHECK_GOTO(TSDB_CODE_MND_INVALID_USER_FORMAT, &lino, _OVER);
|
||||
}
|
||||
|
||||
if (createReq.pass[0] == 0) {
|
||||
if (mndCheckPasswordFmt(createReq.pass) != 0) {
|
||||
TAOS_CHECK_GOTO(TSDB_CODE_MND_INVALID_PASS_FORMAT, &lino, _OVER);
|
||||
}
|
||||
|
||||
|
|
@ -2325,8 +2362,7 @@ static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) {
|
|||
TAOS_CHECK_GOTO(TSDB_CODE_MND_INVALID_USER_FORMAT, &lino, _OVER);
|
||||
}
|
||||
|
||||
if (TSDB_ALTER_USER_PASSWD == alterReq.alterType &&
|
||||
(alterReq.pass[0] == 0 || strlen(alterReq.pass) >= TSDB_PASSWORD_LEN)) {
|
||||
if (TSDB_ALTER_USER_PASSWD == alterReq.alterType && mndCheckPasswordFmt(alterReq.pass) != 0) {
|
||||
TAOS_CHECK_GOTO(TSDB_CODE_MND_INVALID_PASS_FORMAT, &lino, _OVER);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -520,3 +520,63 @@ int32_t parseCfgReal(const char *str, float *out) {
|
|||
*out = val;
|
||||
return TSDB_CODE_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||
bool taosIsBigChar(char c) {
|
||||
if (c >= 'A' && c <= 'Z') {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
bool taosIsSmallChar(char c) {
|
||||
if (c >= 'a' && c <= 'z') {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
bool taosIsNumberChar(char c) {
|
||||
if (c >= '0' && c <= '9') {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
bool taosIsSpecialChar(char c) {
|
||||
switch (c) {
|
||||
case '!':
|
||||
case '@':
|
||||
case '#':
|
||||
case '$':
|
||||
case '%':
|
||||
case '^':
|
||||
case '&':
|
||||
case '*':
|
||||
case '(':
|
||||
case ')':
|
||||
case '-':
|
||||
case '_':
|
||||
case '+':
|
||||
case '=':
|
||||
case '[':
|
||||
case ']':
|
||||
case '{':
|
||||
case '}':
|
||||
case ':':
|
||||
case ';':
|
||||
case '>':
|
||||
case '<':
|
||||
case '?':
|
||||
case '|':
|
||||
case '~':
|
||||
case ',':
|
||||
case '.':
|
||||
return true;
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
@ -67,7 +67,7 @@ if $data(2)[2] != follower then
|
|||
endi
|
||||
|
||||
print =============== create user
|
||||
sql create user user1 PASS 'user1'
|
||||
sql create user user1 PASS 'user1@#xy'
|
||||
sql select * from information_schema.ins_users
|
||||
if $rows != 2 then
|
||||
return -1
|
||||
|
|
|
|||
|
|
@ -68,7 +68,7 @@ if $leaderExist != 1 then
|
|||
endi
|
||||
|
||||
print =============== step3: create user
|
||||
sql create user user1 PASS 'user1'
|
||||
sql create user user1 PASS 'user121$*'
|
||||
sql select * from information_schema.ins_users
|
||||
if $rows != 2 then
|
||||
return -1
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ system sh/deploy.sh -n dnode1 -i 1
|
|||
system sh/cfg.sh -n dnode1 -c udf -v 1
|
||||
system sh/exec.sh -n dnode1 -s start
|
||||
sql connect
|
||||
sql alter user root pass 'taosdata2'
|
||||
sql alter user root pass '12s34(*&xx'
|
||||
system sh/exec.sh -n dnode1 -s stop
|
||||
system sh/exec.sh -n dnode1 -s start
|
||||
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ sql create mnode on dnode 3
|
|||
sleep 3000
|
||||
|
||||
print =============== create user
|
||||
sql create user user1 PASS 'user1'
|
||||
sql create user user1 PASS 'usersdf1$*'
|
||||
sql select * from information_schema.ins_users
|
||||
if $rows != 2 then
|
||||
return -1
|
||||
|
|
|
|||
|
|
@ -11,8 +11,8 @@ system sh/exec.sh -n dnode1 -s start
|
|||
sql connect
|
||||
|
||||
print =============== create user1
|
||||
sql create user user1 PASS 'user1'
|
||||
sql create user user2 PASS 'user2'
|
||||
sql create user user1 PASS 'use@##r1$*'
|
||||
sql create user user2 PASS 'use&*r2$*'
|
||||
sql select * from information_schema.ins_users
|
||||
if $rows != 3 then
|
||||
return -1
|
||||
|
|
|
|||
|
|
@ -4,8 +4,8 @@ system sh/exec.sh -n dnode1 -s start
|
|||
sql connect
|
||||
|
||||
print ============= step1
|
||||
sql create user u_read pass 'taosdata1'
|
||||
sql create user u_write pass 'taosdata1'
|
||||
sql create user u_read pass 'tbx12F132!'
|
||||
sql create user u_write pass 'tbx12145&*'
|
||||
|
||||
sql alter user u_read pass 'taosdata'
|
||||
sql alter user u_write pass 'taosdata'
|
||||
|
|
@ -15,6 +15,164 @@ if $rows != 3 then
|
|||
return -1
|
||||
endi
|
||||
|
||||
# invalid password format
|
||||
|
||||
sql_error create user user_p1 pass 'taosdata1'
|
||||
sql_error create user user_p1 pass 'taosdata2'
|
||||
sql_error create user user_p1 pass '!@#$%^&3'
|
||||
sql_error create user user_p1 pass '1234564'
|
||||
sql_error create user user_p1 pass 'taosdataa'
|
||||
sql_error create user user_p1 pass 'taosdatab'
|
||||
sql_error create user user_p1 pass '!@#$%^&c'
|
||||
sql_error create user user_p1 pass '123456d'
|
||||
sql_error create user user_p1 pass 'taosdataE'
|
||||
sql_error create user user_p1 pass 'taosdataF'
|
||||
sql_error create user user_p1 pass '!@#$%^&G'
|
||||
sql_error create user user_p1 pass '12333315H'
|
||||
sql_error create user user_p1 pass 'aaaaaaaat1'
|
||||
sql_error create user user_p1 pass 'TTTTTTTTT2'
|
||||
sql_error create user user_p1 pass '!@#$%^&!3'
|
||||
sql_error create user user_p1 pass '12345654'
|
||||
sql_error create user user_p1 pass 'taosdatata'
|
||||
sql_error create user user_p1 pass 'TAOSDATATb'
|
||||
sql_error create user user_p1 pass '!@#$%^&!c'
|
||||
sql_error create user user_p1 pass '1234565d'
|
||||
sql_error create user user_p1 pass 'taosdatatE'
|
||||
sql_error create user user_p1 pass 'TAOSDATATF'
|
||||
sql_error create user user_p1 pass '!@#$$*!G'
|
||||
sql_error create user user_p1 pass '1234565H'
|
||||
sql_error create user user_p1 pass 'taosdataaosdata!'
|
||||
sql_error create user user_p1 pass 'taosdataaosdata@'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#'
|
||||
sql_error create user user_p1 pass '!@#$%^&'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#@'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*##'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#$'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#%'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#^'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#&'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#*'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#('
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#)'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#-'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#_'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#+'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#='
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#['
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#]'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#{'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#}'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#:'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#;'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#>'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#<'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#?'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#|'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#~'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#,'
|
||||
sql_error create user user_p1 pass '!@#$%^&@*#.'
|
||||
sql_error create user user_p1 pass 'tbd1234TTT\'
|
||||
sql_error create user user_p1 pass 'tbd1234TTT/'
|
||||
sql_error create user user_p1 pass 'tbd1234TTT`'
|
||||
sql_error create user user_p1 pass 'taosdatax'
|
||||
sql_error create user user_p1 pass 'taosdatay'
|
||||
|
||||
sql_error create user user_p1 pass 'abcd!@1'
|
||||
sql create user user_p2 pass 'abcd!@12'
|
||||
sql create user user_p3 pass 'abcd!@123'
|
||||
sql create user user_p4 pass 'abcd!@1234'
|
||||
sql create user user_p5 pass 'abcd!@12345'
|
||||
sql create user user_p6 pass 'abcd!@123456'
|
||||
sql create user user_p7 pass 'abcd!@1234567'
|
||||
sql create user user_p8 pass 'abcd!@123456789'
|
||||
sql create user user_p9 pass 'abcd!@1234567890'
|
||||
sql_error create user user_p10 pass 'abcd!@1234567890T'
|
||||
sql drop user user_p2
|
||||
sql drop user user_p3
|
||||
sql drop user user_p4
|
||||
sql drop user user_p5
|
||||
sql drop user user_p6
|
||||
sql drop user user_p7
|
||||
sql drop user user_p8
|
||||
sql drop user user_p9
|
||||
|
||||
sql create user user_p1 pass 'xt12!@cd'
|
||||
|
||||
sql_error alter user user_p1 pass 'abcd!@1'
|
||||
sql alter user user_p1 pass 'abcd!@12'
|
||||
sql alter user user_p1 pass 'abcd!@123'
|
||||
sql alter user user_p1 pass 'abcd!@1234'
|
||||
sql alter user user_p1 pass 'abcd!@12345'
|
||||
sql alter user user_p1 pass 'abcd!@123456'
|
||||
sql alter user user_p1 pass 'abcd!@1234567'
|
||||
sql alter user user_p1 pass 'abcd!@123456789'
|
||||
sql alter user user_p1 pass 'abcd!@1234567890'
|
||||
sql_error user user_p1 pass 'abcd!@1234567890T'
|
||||
sql_error alter user user_p1 pass 'taosdata1'
|
||||
sql_error alter user user_p1 pass 'taosdata2'
|
||||
sql_error alter user user_p1 pass '!@#$%^&3'
|
||||
sql_error alter user user_p1 pass '1234564'
|
||||
sql_error alter user user_p1 pass 'taosdataa'
|
||||
sql_error alter user user_p1 pass 'taosdatab'
|
||||
sql_error alter user user_p1 pass '!@#$%^&c'
|
||||
sql_error alter user user_p1 pass '123456d'
|
||||
sql_error alter user user_p1 pass 'taosdataE'
|
||||
sql_error alter user user_p1 pass 'taosdataF'
|
||||
sql_error alter user user_p1 pass '!@#$%^&G'
|
||||
sql_error alter user user_p1 pass '12334515H'
|
||||
sql_error alter user user_p1 pass 'aasfdsft1'
|
||||
sql_error alter user user_p1 pass 'TAOSDATAT2'
|
||||
sql_error alter user user_p1 pass '!@#$%^&!3'
|
||||
sql_error alter user user_p1 pass '12345654'
|
||||
sql_error alter user user_p1 pass 'taosdatata'
|
||||
sql_error alter user user_p1 pass 'TAOSDATATb'
|
||||
sql_error alter user user_p1 pass '!@#$%^&!c'
|
||||
sql_error alter user user_p1 pass '1234565d'
|
||||
sql_error alter user user_p1 pass 'taosdatatE'
|
||||
sql_error alter user user_p1 pass 'TAOSDATATF'
|
||||
sql_error alter user user_p1 pass '*%^^%###!G'
|
||||
sql_error alter user user_p1 pass '1234565H'
|
||||
sql_error alter user user_p1 pass 'taosdataaosdata!'
|
||||
sql_error alter user user_p1 pass 'taosdataaosdata@'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#'
|
||||
sql_error alter user user_p1 pass '!@#$%^&'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#@'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*##'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#$'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#%'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#^'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#&'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#*'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#('
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#)'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#-'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#_'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#+'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#='
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#['
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#]'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#{'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#}'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#:'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#;'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#>'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#<'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#?'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#|'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#~'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#,'
|
||||
sql_error alter user user_p1 pass '!@#$%^&@*#.'
|
||||
sql_error alter user user_p1 pass 'tbd1234TTT\'
|
||||
sql_error alter user user_p1 pass 'tbd1234TTT/'
|
||||
sql_error alter user user_p1 pass 'tbd1234TTT`'
|
||||
sql_error alter user user_p1 pass 'taosdatax'
|
||||
sql_error alter user user_p1 pass 'taosdatay'
|
||||
|
||||
sql drop user user_p1
|
||||
|
||||
sql create user user_px pass 'taosdata'
|
||||
sql drop user user_px
|
||||
|
||||
print ============= step2
|
||||
print user u_read login
|
||||
sql close
|
||||
|
|
@ -54,7 +212,7 @@ sql create user oroot pass 'taosdata'
|
|||
sql_error create user $user PASS 'abcd012345678901234567891234567890abcd012345678901234567891234567890abcd012345678901234567891234567890abcd012345678901234567891234567890123'
|
||||
sql_error create userabcd012345678901234567891234567890abcd01234567890123456789123456789 PASS 'taosdata'
|
||||
sql_error create user abcd0123456789012345678901234567890111 PASS '123'
|
||||
sql create user abc01234567890123456789 PASS '123'
|
||||
sql create user abc01234567890123456789 PASS '123xyzYDE'
|
||||
|
||||
sql show users
|
||||
if $rows != 5 then
|
||||
|
|
|
|||
|
|
@ -17,8 +17,8 @@ if $rows != 5 then
|
|||
endi
|
||||
|
||||
print =============== create users
|
||||
sql create user user1 PASS 'user1'
|
||||
sql create user user2 PASS 'user2'
|
||||
sql create user user1 PASS '123124(*&xx)'
|
||||
sql create user user2 PASS '1234(*&xx'
|
||||
sql select * from information_schema.ins_users
|
||||
if $rows != 3 then
|
||||
return -1
|
||||
|
|
|
|||
|
|
@ -4,8 +4,8 @@ system sh/exec.sh -n dnode1 -s start
|
|||
sql connect
|
||||
|
||||
print ============= step1
|
||||
sql create user u_read pass 'taosdata1' host '127.0.0.1/24','192.168.1.0/24'
|
||||
sql create user u_write pass 'taosdata1' host '127.0.0.1','192.168.1.0'
|
||||
sql create user u_read pass 'taosdata1xad@#' host '127.0.0.1/24','192.168.1.0/24'
|
||||
sql create user u_write pass 'taosdata1TadBD' host '127.0.0.1','192.168.1.0'
|
||||
|
||||
sql alter user u_read add host '3.3.3.4/24'
|
||||
sql_error alter user u_write drop host '4.4.4.5/25'
|
||||
|
|
@ -16,8 +16,8 @@ if $rows != 3 then
|
|||
endi
|
||||
|
||||
print ============= step2
|
||||
sql_error create user read1 pass 'taosdata1' host '127.0.0/24'
|
||||
sql_error create user write1 pass 'taosdata1' host '4.4.4.4/33'
|
||||
sql_error create user read1 pass 'taosdata1XR' host '127.0.0/24'
|
||||
sql_error create user write1 pass 'TZtaosdata1' host '4.4.4.4/33'
|
||||
|
||||
sql show users
|
||||
if $rows != 3 then
|
||||
|
|
|
|||
Loading…
Reference in New Issue