xxq250
/
homework-jianmu
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

enh: skil password check if create user with is_import

This commit is contained in:
Shengliang Guan 2024-12-20 10:13:53 +08:00
parent 3497aab1d6
commit 2dda013646
8 changed files with 45 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/zh/14-reference/09-error-code.md
View File

@ -403,7 +403,7 @@ description: TDengine 服务端的错误码列表和详细说明
| 0x8000260D | Tags number not matched | tag列个数不匹配 | 检查并修正SQL语句 |
| 0x8000260E | Invalid tag name | 无效或不存在的tag名 | 检查并修正SQL语句 |
| 0x80002610 | Value is too long | 值长度超出限制 | 检查并修正SQL语句或API参数 |
| 0x80002611 | Password can not be empty | 密码为空 | 使用合法的密码 |
| 0x80002611 | Password too short or empty | 密码为空或少于 8 个字符 | 使用合法的密码 |
| 0x80002612 | Port should be an integer that is less than 65535 and greater than 0 | 端口号非法 | 检查并修正端口号 |
| 0x80002613 | Endpoint should be in the format of 'fqdn:port' | 地址格式错误 | 检查并修正地址信息 |
| 0x80002614 | This statement is no longer supported | 功能已经废弃 | 参考功能文档说明 |

2
include/util/taoserror.h
View File

@ -801,7 +801,7 @@ int32_t taosGetErrSize();
#define TSDB_CODE_PAR_TAGS_NOT_MATCHED TAOS_DEF_ERROR_CODE(0, 0x260D)
#define TSDB_CODE_PAR_INVALID_TAG_NAME TAOS_DEF_ERROR_CODE(0, 0x260E)
#define TSDB_CODE_PAR_NAME_OR_PASSWD_TOO_LONG TAOS_DEF_ERROR_CODE(0, 0x2610)
#define TSDB_CODE_PAR_PASSWD_EMPTY TAOS_DEF_ERROR_CODE(0, 0x2611)
#define TSDB_CODE_PAR_PASSWD_TOO_SHORT_OR_EMPTY TAOS_DEF_ERROR_CODE(0, 0x2611)
#define TSDB_CODE_PAR_INVALID_PORT TAOS_DEF_ERROR_CODE(0, 0x2612)
#define TSDB_CODE_PAR_INVALID_ENDPOINT TAOS_DEF_ERROR_CODE(0, 0x2613)
#define TSDB_CODE_PAR_EXPRIE_STATEMENT TAOS_DEF_ERROR_CODE(0, 0x2614)

41
source/dnode/mnode/impl/src/mndUser.c
View File

@ -1805,12 +1805,21 @@ _OVER:
TAOS_RETURN(code);
}
static int32_t mndCheckPasswordFmt(const char *pwd) {
int32_t len = strlen(pwd);
if (len < TSDB_PASSWORD_MIN_LEN || len > TSDB_PASSWORD_MAX_LEN) {
static int32_t mndCheckPasswordMinLen(const char *pwd, int32_t len) {
if (len < TSDB_PASSWORD_MIN_LEN) {
return -1;
}
return 0;
}
static int32_t mndCheckPasswordMaxLen(const char *pwd, int32_t len) {
if (len > TSDB_PASSWORD_MAX_LEN) {
return -1;
}
return 0;
}
static int32_t mndCheckPasswordFmt(const char *pwd, int32_t len) {
if (strcmp(pwd, "taosdata") == 0) {
return 0;
}
@ -1875,14 +1884,17 @@ static int32_t mndProcessCreateUserReq(SRpcMsg *pReq) {
TAOS_CHECK_GOTO(TSDB_CODE_MND_INVALID_USER_FORMAT, &lino, _OVER);
}
if (mndCheckPasswordFmt(createReq.pass) != 0) {
TAOS_CHECK_GOTO(TSDB_CODE_MND_INVALID_PASS_FORMAT, &lino, _OVER);
}
int32_t len = strlen(createReq.pass);
if (createReq.isImport != 1) {
if (strlen(createReq.pass) >= TSDB_PASSWORD_LEN) {
if (mndCheckPasswordMinLen(createReq.pass, len) != 0) {
TAOS_CHECK_GOTO(TSDB_CODE_PAR_PASSWD_TOO_SHORT_OR_EMPTY, &lino, _OVER);
}
if (mndCheckPasswordMaxLen(createReq.pass, len) != 0) {
TAOS_CHECK_GOTO(TSDB_CODE_PAR_NAME_OR_PASSWD_TOO_LONG, &lino, _OVER);
}
if (mndCheckPasswordFmt(createReq.pass, len) != 0) {
TAOS_CHECK_GOTO(TSDB_CODE_MND_INVALID_PASS_FORMAT, &lino, _OVER);
}
}
code = mndAcquireUser(pMnode, createReq.user, &pUser);
@ -2364,8 +2376,17 @@ static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) {
TAOS_CHECK_GOTO(TSDB_CODE_MND_INVALID_USER_FORMAT, &lino, _OVER);
}
if (TSDB_ALTER_USER_PASSWD == alterReq.alterType && mndCheckPasswordFmt(alterReq.pass) != 0) {
TAOS_CHECK_GOTO(TSDB_CODE_MND_INVALID_PASS_FORMAT, &lino, _OVER);
if (TSDB_ALTER_USER_PASSWD == alterReq.alterType) {
int32_t len = strlen(alterReq.pass);
if (mndCheckPasswordMinLen(alterReq.pass, len) != 0) {
TAOS_CHECK_GOTO(TSDB_CODE_PAR_PASSWD_TOO_SHORT_OR_EMPTY, &lino, _OVER);
}
if (mndCheckPasswordMaxLen(alterReq.pass, len) != 0) {
TAOS_CHECK_GOTO(TSDB_CODE_PAR_NAME_OR_PASSWD_TOO_LONG, &lino, _OVER);
}
if (mndCheckPasswordFmt(alterReq.pass, len) != 0) {
TAOS_CHECK_GOTO(TSDB_CODE_MND_INVALID_PASS_FORMAT, &lino, _OVER);
}
}
TAOS_CHECK_GOTO(mndAcquireUser(pMnode, alterReq.user, &pUser), &lino, _OVER);

2
source/libs/parser/src/parAstCreater.c
View File

@ -116,7 +116,7 @@ static bool checkPassword(SAstCreateContext* pCxt, const SToken* pPasswordToken,
strncpy(pPassword, pPasswordToken->z, pPasswordToken->n);
(void)strdequote(pPassword);
if (strtrim(pPassword) <= 0) {
pCxt->errCode = generateSyntaxErrMsg(&pCxt->msgBuf, TSDB_CODE_PAR_PASSWD_EMPTY);
pCxt->errCode = generateSyntaxErrMsg(&pCxt->msgBuf, TSDB_CODE_PAR_PASSWD_TOO_SHORT_OR_EMPTY);
} else if (invalidPassword(pPassword)) {
pCxt->errCode = generateSyntaxErrMsg(&pCxt->msgBuf, TSDB_CODE_PAR_INVALID_PASSWD);
}

4
source/libs/parser/src/parUtil.c
View File

@ -57,8 +57,8 @@ static char* getSyntaxErrFormat(int32_t errCode) {
return "Invalid tag name: %s";
case TSDB_CODE_PAR_NAME_OR_PASSWD_TOO_LONG:
return "Name or password too long";
case TSDB_CODE_PAR_PASSWD_EMPTY:
return "Password can not be empty";
case TSDB_CODE_PAR_PASSWD_TOO_SHORT_OR_EMPTY:
return "Password too short or empty";
case TSDB_CODE_PAR_INVALID_PORT:
return "Port should be an integer that is less than 65535 and greater than 0";
case TSDB_CODE_PAR_INVALID_ENDPOINT:

2
source/util/src/terror.c
View File

@ -648,7 +648,7 @@ TAOS_DEFINE_ERROR(TSDB_CODE_PAR_NOT_SINGLE_GROUP, "Not a single-group g
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_TAGS_NOT_MATCHED, "Tags number not matched")
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_INVALID_TAG_NAME, "Invalid tag name")
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_NAME_OR_PASSWD_TOO_LONG, "Name or password too long")
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_PASSWD_EMPTY, "Password can not be empty")
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_PASSWD_TOO_SHORT_OR_EMPTY, "Password too short or empty")
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_INVALID_PORT, "Port should be an integer that is less than 65535 and greater than 0")
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_INVALID_ENDPOINT, "Endpoint should be in the format of 'fqdn:port'")
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_EXPRIE_STATEMENT, "This statement is no longer supported")

2
source/util/test/errorCodeTable.ini
View File

@ -463,7 +463,7 @@ TSDB_CODE_PAR_NOT_SINGLE_GROUP = 0x8000260C
TSDB_CODE_PAR_TAGS_NOT_MATCHED = 0x8000260D
TSDB_CODE_PAR_INVALID_TAG_NAME = 0x8000260E
TSDB_CODE_PAR_NAME_OR_PASSWD_TOO_LONG = 0x80002610
TSDB_CODE_PAR_PASSWD_EMPTY = 0x80002611
TSDB_CODE_PAR_PASSWD_TOO_SHORT_OR_EMPTY = 0x80002611
TSDB_CODE_PAR_INVALID_PORT = 0x80002612
TSDB_CODE_PAR_INVALID_ENDPOINT = 0x80002613
TSDB_CODE_PAR_EXPRIE_STATEMENT = 0x80002614

8
tests/script/tsim/user/password.sim
View File

@ -271,5 +271,11 @@ sql create user u25 pass 'taosdata1~'
sql create user u26 pass 'taosdata1,'
sql create user u27 pass 'taosdata1.'
return
sql CREATE USER `_xTest1` PASS '2729c41a99b2c5222aa7dd9fc1ce3de7' SYSINFO 1 CREATEDB 0 IS_IMPORT 1 HOST '127.0.0.1';
sql_error CREATE USER `_xTest2` PASS '2729c41a99b2c5222aa7dd9fc1ce3de7' SYSINFO 1 CREATEDB 0 IS_IMPORT 0 HOST '127.0.0.1';
sql CREATE USER `_xTest3` PASS '2729c41' SYSINFO 1 CREATEDB 0 IS_IMPORT 1 HOST '127.0.0.1';
sql_error CREATE USER `_xTest4` PASS '2729c417' SYSINFO 1 CREATEDB 0 IS_IMPORT 0 HOST '127.0.0.1';
sql CREATE USER `_xTest5` PASS '2xF' SYSINFO 1 CREATEDB 0 IS_IMPORT 1 HOST '127.0.0.1';
sql_error CREATE USER `_xTest6` PASS '2xF' SYSINFO 1 CREATEDB 0 IS_IMPORT 0 HOST '127.0.0.1';
system sh/exec.sh -n dnode1 -s stop -x SIGINT