From 685bdea44ae2aaa516a92cb7f2db6c7f9fc715ee Mon Sep 17 00:00:00 2001 From: yihaoDeng Date: Mon, 4 Sep 2023 21:15:46 +0800 Subject: [PATCH] add rpc update interface --- include/util/tdef.h | 5 +- source/common/src/systable.c | 3 +- source/dnode/mnode/impl/inc/mndDef.h | 30 ++- source/dnode/mnode/impl/src/mndUser.c | 324 ++++++++++++++++++++------ source/libs/transport/src/transSvr.c | 25 +- source/os/src/osSocket.c | 10 +- 6 files changed, 298 insertions(+), 99 deletions(-) diff --git a/include/util/tdef.h b/include/util/tdef.h index 3bfa136d3e..aca4774ba5 100644 --- a/include/util/tdef.h +++ b/include/util/tdef.h @@ -184,7 +184,7 @@ typedef enum ELogicConditionType { #define TSDB_UNI_LEN 24 #define TSDB_USER_LEN TSDB_UNI_LEN -#define TSDB_POINTER_PRINT_BYTES 18 // 0x1122334455667788 +#define TSDB_POINTER_PRINT_BYTES 18 // 0x1122334455667788 // ACCOUNT is a 32 bit positive integer // this is the length of its string representation, including the terminator zero #define TSDB_ACCT_ID_LEN 11 @@ -202,6 +202,7 @@ typedef enum ELogicConditionType { #define TSDB_DB_NAME_LEN 65 #define TSDB_DB_FNAME_LEN (TSDB_ACCT_ID_LEN + TSDB_DB_NAME_LEN + TSDB_NAME_DELIMITER_LEN) #define TSDB_PRIVILEDGE_CONDITION_LEN 48 * 1024 +#define TSDB_PRIVILEDGE_HOST_LEN 24 * 1024 #define TSDB_FUNC_NAME_LEN 65 #define TSDB_FUNC_COMMENT_LEN 1024 * 1024 @@ -417,7 +418,7 @@ typedef enum ELogicConditionType { #define TSDB_EXPLAIN_RESULT_ROW_SIZE (16 * 1024) #define TSDB_EXPLAIN_RESULT_COLUMN_NAME "QUERY_PLAN" -#define TSDB_MAX_FIELD_LEN 65519 // 16384:65519 +#define TSDB_MAX_FIELD_LEN 65519 // 16384:65519 #define TSDB_MAX_BINARY_LEN TSDB_MAX_FIELD_LEN // 16384-8:65519 #define TSDB_MAX_NCHAR_LEN TSDB_MAX_FIELD_LEN // 16384-8:65519 #define TSDB_MAX_GEOMETRY_LEN TSDB_MAX_FIELD_LEN // 16384-8:65519 diff --git a/source/common/src/systable.c b/source/common/src/systable.c index 66a498d15c..1aa84191ec 100644 --- a/source/common/src/systable.c +++ b/source/common/src/systable.c 
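Review bot: `TSDB_PRIVILEDGE_HOST_LEN` in include/util/tdef.h is defined as the bare expression `24 * 1024`, so it only evaluates as intended where the surrounding operator binds more loosely than `*`; a use such as `n / TSDB_PRIVILEDGE_HOST_LEN` would compute `n / 24 * 1024`. Since the value sizes a schema column and the buffers derived from it, write it as `#define TSDB_PRIVILEDGE_HOST_LEN (24 * 1024)`, the way `TSDB_EXPLAIN_RESULT_ROW_SIZE` is written further down the same header. The neighbouring `TSDB_PRIVILEDGE_CONDITION_LEN` has the same form and could be fixed alongside.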
@@ -308,7 +308,8 @@ static const SSysDbTableSchema userUserPrivilegesSchema[] = { {.name = "privilege", .bytes = 10 + VARSTR_HEADER_SIZE, .type = TSDB_DATA_TYPE_VARCHAR, .sysInfo = false}, {.name = "db_name", .bytes = TSDB_DB_NAME_LEN + VARSTR_HEADER_SIZE, .type = TSDB_DATA_TYPE_VARCHAR, .sysInfo = false}, {.name = "table_name", .bytes = TSDB_TABLE_NAME_LEN + VARSTR_HEADER_SIZE, .type = TSDB_DATA_TYPE_VARCHAR, .sysInfo = false}, - {.name = "condition", .bytes = TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE, .type = TSDB_DATA_TYPE_VARCHAR, .sysInfo = false}, + {.name = "condition", .bytes = TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE, .type = TSDB_DATA_TYPE_VARCHAR, .sysInfo = false}, + {.name = "host", .bytes = TSDB_PRIVILEDGE_HOST_LEN + VARSTR_HEADER_SIZE, .type = TSDB_DATA_TYPE_VARCHAR, .sysInfo = false}, }; static const SSysTableMeta infosMeta[] = { diff --git a/source/dnode/mnode/impl/inc/mndDef.h b/source/dnode/mnode/impl/inc/mndDef.h index 90d54e7f58..2f1053efc8 100644 --- a/source/dnode/mnode/impl/inc/mndDef.h +++ b/source/dnode/mnode/impl/inc/mndDef.h @@ -275,20 +275,26 @@ typedef struct { SAcctCfg cfg; SAcctInfo info; } SAcctObj; +typedef struct { + int32_t num; + SIpV4Range* pIpRange; +} SIpWhiteList; typedef struct { - char user[TSDB_USER_LEN]; - char pass[TSDB_PASSWORD_LEN]; - char acct[TSDB_USER_LEN]; - int64_t createdTime; - int64_t updateTime; - int8_t superUser; - int8_t sysInfo; - int8_t enable; - int8_t reserve; - int32_t acctId; - int32_t authVersion; - int32_t passVersion; + char user[TSDB_USER_LEN]; + char pass[TSDB_PASSWORD_LEN]; + char acct[TSDB_USER_LEN]; + int64_t createdTime; + int64_t updateTime; + int8_t superUser; + int8_t sysInfo; + int8_t enable; + int8_t reserve; + int32_t acctId; + int32_t authVersion; + int32_t passVersion; + SIpWhiteList* pIpWhiteList; + SHashObj* readDbs; SHashObj* writeDbs; SHashObj* topics; 
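Review bot: The new `host` column is added to `userUserPrivilegesSchema`, but none of the `mndRetrievePrivileges` or `mndLoopHash` hunks in this patch write a value for it, while `mndRetrieveUsers` in mndUser.c starts writing the whitelist string into an extra column of the users result. Unless code outside these hunks reconciles the two, the privileges rows are one column short of their schema and the users rows address a column their schema presumably does not declare, so `taosArrayGet(pBlock->pDataBlock, cols)` there may not return a usable column. Please confirm which system table is meant to expose the whitelist and add the column to that table's schema only.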
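Review bot: `SIpWhiteList.pIpRange` is declared as a pointer, yet every allocation in mndUser.c (`createDefaultIpWhiteList`, `createIpWhiteList`, `mndCreateUser`, the alter-user branches) sizes the block as `sizeof(SIpWhiteList) + num * sizeof(SIpV4Range)` and then indexes `pIpRange[i]` without ever pointing the member at that trailing storage. After `taosMemoryCalloc` the pointer is NULL, so the first `pWhiteList->pIpRange[0]` write in `createDefaultIpWhiteList` dereferences a null pointer. If trailing storage is the intent, declare a flexible array member, `SIpV4Range pIpRange[];`, and add a comment on the struct stating that `num` is the element count and that the object is a single allocation released with one `taosMemoryFree`.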
diff --git a/source/dnode/mnode/impl/src/mndUser.c b/source/dnode/mnode/impl/src/mndUser.c index e718a12c5d..dd5aa7fffd 100644 --- a/source/dnode/mnode/impl/src/mndUser.c +++ b/source/dnode/mnode/impl/src/mndUser.c @@ -15,6 +15,7 @@ #define _DEFAULT_SOURCE #include "mndUser.h" +#include "audit.h" #include "mndDb.h" #include "mndPrivilege.h" #include "mndShow.h" @@ -22,9 +23,8 @@ #include "mndTopic.h" #include "mndTrans.h" #include "tbase64.h" -#include "audit.h" -#define USER_VER_NUMBER 4 +#define USER_VER_NUMBER 5 #define USER_RESERVE_SIZE 64 static int32_t mndCreateDefaultUsers(SMnode *pMnode); 
@@ -68,6 +68,103 @@ int32_t mndInitUser(SMnode *pMnode) { void mndCleanupUser(SMnode *pMnode) {} +static void ipRangeToStr(SIpV4Range *range, char *buf) { + char ipstr[24] = {0}; + tinet_ntoa(ipstr, range->ip); + + if (range->mask == 0) { + sprintf(buf, "%s", ipstr); + } else { + sprintf(buf, "%s/%d", ipstr, range->mask); + } +} +static void ipRangeListToStr(SIpV4Range *range, int32_t num, char *buf) { + int32_t len = 0; + for (int i = 0; i < num; i++) { + char tbuf[24] = {0}; + ipRangeToStr(&range[i], tbuf); + len = sprintf(buf + len, "%s,", tbuf); + } + buf[len - 1] = 0; +} +int32_t convertIpWhiteListToStr(SIpWhiteList *pList, char **buf) { + *buf = taosMemoryCalloc(1, pList->num * (sizeof(SIpV4Range) + 1)); + + ipRangeListToStr(pList->pIpRange, pList->num, *buf); + return strlen(*buf); +} +int32_t tSerializeIpWhiteList(void *buf, int32_t len, SIpWhiteList *pList) { + SEncoder encoder = {0}; + tEncoderInit(&encoder, buf, len); + + if (tStartEncode(&encoder) < 0) return -1; + if (tEncodeI32(&encoder, pList->num) < 0) return -1; + + for (int i = 0; i < pList->num; i++) { + SIpV4Range *pRange = &(pList->pIpRange[i]); + if (tEncodeU32(&encoder, pRange->ip) < 0) return -1; + if (tEncodeU32(&encoder, pRange->mask) < 0) return -1; + } + + tEndEncode(&encoder); + + int32_t tlen = encoder.pos; + tEncoderClear(&encoder); + return tlen; +} + +int32_t tDerializeIpWhileList(void *buf, int32_t len, SIpWhiteList *pList) { + SDecoder decoder = {0}; + tDecoderInit(&decoder, buf, len); + + if (tStartDecode(&decoder) < 0) return -1; + if (tDecodeI32(&decoder, &pList->num) < 0) return -1; + + for (int i = 0; i < pList->num; i++) { + SIpV4Range *pRange = &(pList->pIpRange[i]); + if (tDecodeU32(&decoder, &pRange->ip) < 0) return -1; + if (tDecodeU32(&decoder, &pRange->mask) < 0) return -1; + } + tEndDecode(&decoder); + tDecoderClear(&decoder); + + return 0; +} +SIpWhiteList *createIpWhiteList(void *buf, int32_t len) { + int32_t num = 0; + SDecoder decoder = {0}; + 
tDecoderInit(&decoder, buf, len); + + if (tStartDecode(&decoder) < 0) return NULL; + if (tDecodeI32(&decoder, &num) < 0) return NULL; + tEndDecode(&decoder); + tDecoderClear(&decoder); + + SIpWhiteList *p = taosMemoryCalloc(1, sizeof(SIpWhiteList) + num * sizeof(SIpV4Range)); + tDerializeIpWhileList(buf, len, p); + return p; +} + +static SIpWhiteList *createDefaultIpWhiteList() { + SIpWhiteList *pWhiteList = taosMemoryCalloc(1, sizeof(SIpWhiteList) + sizeof(SIpV4Range) * 1); + pWhiteList->num = 1; + + SIpV4Range *range = &(pWhiteList->pIpRange[0]); + + range->ip = ip2uint("127.0.0.1"); // refactor later + range->mask = 0; + return pWhiteList; +} +static bool isRangeInIpWhiteList(SIpWhiteList *pList, SIpV4Range *tgt) { + for (int i = 0; i < pList->num; i++) { + SIpV4Range *el = &pList->pIpRange[i]; + if (tgt->ip == el->ip && tgt->mask == el->mask) { + return true; + } + } + return false; +} + static int32_t mndCreateDefaultUser(SMnode *pMnode, char *acct, char *user, char *pass) { SUserObj userObj = {0}; taosEncryptPass_c((uint8_t *)pass, strlen(pass), userObj.pass); @@ -241,6 +338,16 @@ SSdbRaw *mndUserActionEncode(SUserObj *pUser) { useDb = taosHashIterate(pUser->useDbs, useDb); } + // save white list + int32_t num = pUser->pIpWhiteList->num; + int32_t tlen = sizeof(SIpWhiteList) + num * sizeof(SIpV4Range); + char *buf = taosMemoryCalloc(1, tlen); + int32_t len = tSerializeIpWhiteList(buf, tlen, pUser->pIpWhiteList); + + SDB_SET_INT32(pRaw, dataPos, len, _OVER); + SDB_SET_BINARY(pRaw, dataPos, buf, len, _OVER); + taosMemoryFree(buf); + SDB_SET_RESERVE(pRaw, dataPos, USER_RESERVE_SIZE, _OVER) SDB_SET_DATALEN(pRaw, dataPos, _OVER) 
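Review bot: `convertIpWhiteListToStr` sizes its buffer from the binary struct, `pList->num * (sizeof(SIpV4Range) + 1)`, while `ipRangeListToStr` writes a dotted quad, an optional `/mask` and a comma per entry with unbounded `sprintf`; if the struct is the two 32-bit fields the encoder writes, that is 9 bytes of room against up to 19 characters of text, so the heap buffer is overrun. In the same loop `len = sprintf(buf + len, ...)` overwrites the running offset instead of adding to it, `buf[len - 1] = 0` writes before the buffer when `num` is 0, and the `taosMemoryCalloc` result is used unchecked. `ipRangeToStr` has the same unbounded `sprintf` into a 24-byte buffer and prints `mask` with `%d` although it is encoded as an unsigned 32-bit value, so it needs a bounded write or a validated mask as well. A bounded version of the two list functions is sketched below; the per-entry size is an assumption to confirm against the largest mask the request path accepts.

```c
// worst case "255.255.255.255/32," per entry; assumes mask is validated to 0..32 (TODO confirm)
#define IP_RANGE_STR_MAX 20

static int32_t ipRangeListToStr(SIpV4Range *range, int32_t num, char *buf, size_t cap) {
  size_t len = 0;
  buf[0] = 0;
  for (int32_t i = 0; i < num; i++) {
    char tbuf[24] = {0};
    ipRangeToStr(&range[i], tbuf);  // still unbounded inside; bound it separately
    int n = snprintf(buf + len, cap - len, "%s%s", i == 0 ? "" : ",", tbuf);
    if (n < 0 || (size_t)n >= cap - len) return -1;  // entry would not fit
    len += (size_t)n;                                 // accumulate the offset
  }
  return (int32_t)len;
}

int32_t convertIpWhiteListToStr(SIpWhiteList *pList, char **buf) {
  if (pList == NULL || pList->num < 0) return -1;
  size_t cap = (size_t)pList->num * IP_RANGE_STR_MAX + 1;
  *buf = taosMemoryCalloc(1, cap);
  if (*buf == NULL) return -1;
  int32_t len = ipRangeListToStr(pList->pIpRange, pList->num, *buf, cap);
  if (len < 0) {
    taosMemoryFree(*buf);
    *buf = NULL;
  }
  return len;  // callers must treat a negative length as failure
}
```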
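Review bot: The whitelist block added to `mndUserActionEncode` uses three results unchecked: `pUser->pIpWhiteList` is dereferenced although `mndCreateDefaultUser` (visible in the previous hunk's context as `SUserObj userObj = {0}`) shows no assignment to it in this patch, `taosMemoryCalloc` may return NULL, and `tSerializeIpWhiteList` returns -1 on failure, which is then stored as the length and passed to `SDB_SET_BINARY`. `buf` is also lost if either `SDB_SET_*` macro leaves through `_OVER`, which is what the label argument suggests, although the macro bodies are outside the patch. I would add `if (buf == NULL || len < 0) { taosMemoryFree(buf); goto _OVER; }` before the two writes and release `buf` on the `_OVER` path as well. The start of the function, including the size used when `pRaw` is allocated, is outside the hunk, so please confirm that size accounts for the new bytes.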
@@ -398,6 +505,21 @@ static SSdbRow *mndUserActionDecode(SSdbRaw *pRaw) { taosMemoryFree(key); } } + // decoder white list + if (sver >= 5) { + int32_t len = 0; + SDB_GET_INT32(pRaw, dataPos, &len, _OVER); + + char *buf = buf = taosMemoryMalloc(len); + if (buf == NULL) goto _OVER; + SDB_GET_BINARY(pRaw, dataPos, buf, len, _OVER); + + pUser->pIpWhiteList = createIpWhiteList(buf, len); + } + + if (pUser->pIpWhiteList == NULL) { + pUser->pIpWhiteList = createDefaultIpWhiteList(); + } SDB_GET_RESERVE(pRaw, dataPos, USER_RESERVE_SIZE, _OVER) taosInitRWLatch(&pUser->lock); @@ -414,6 +536,8 @@ _OVER: taosHashCleanup(pUser->readTbs); taosHashCleanup(pUser->writeTbs); taosHashCleanup(pUser->useDbs); + taosMemoryFree(pUser->pIpWhiteList); + // taosMemoryFree(pUser->pWhiteIpList); } taosMemoryFreeClear(pRow); return NULL; @@ -516,6 +640,7 @@ void mndUserFreeObj(SUserObj *pUser) { taosHashCleanup(pUser->readTbs); taosHashCleanup(pUser->writeTbs); taosHashCleanup(pUser->useDbs); + // taosMemoryFree(pUser->pWhiteIpList); pUser->readDbs = NULL; pUser->writeDbs = NULL; pUser->topics = NULL; @@ -579,9 +704,23 @@ static int32_t mndCreateUser(SMnode *pMnode, char *acct, SCreateUserReq *pCreate userObj.sysInfo = pCreate->sysInfo; userObj.enable = pCreate->enable; + if (pCreate->numIpRanges == 0) { + userObj.pIpWhiteList = createDefaultIpWhiteList(); + + } else { + SIpWhiteList *p = taosMemoryCalloc(1, sizeof(SIpWhiteList) + pCreate->numIpRanges * sizeof(SIpV4Range)); + for (int i = 0; i < pCreate->numIpRanges; i++) { + p->pIpRange[i].ip = pCreate->pIpRanges[i].ip; + p->pIpRange[i].mask = pCreate->pIpRanges[i].mask; + } + userObj.pIpWhiteList = p; + } + STrans *pTrans = mndTransCreate(pMnode, TRN_POLICY_ROLLBACK, TRN_CONFLICT_NOTHING, pReq, "create-user"); if (pTrans == NULL) { mError("user:%s, failed to create since %s", pCreate->user, terrstr()); + + taosMemoryFree(userObj.pIpWhiteList); return -1; } mInfo("trans:%d, used to create user:%s", pTrans->id, pCreate->user); 
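Review bot: `len` is read from the stored row and passed straight to `taosMemoryMalloc` and `SDB_GET_BINARY`, and `createIpWhiteList` then sizes its own allocation from a `num` decoded out of the same bytes, so a negative or oversized value in a corrupted or crafted row drives both the allocation size and the decode loop bound. Check `len` against a sane range before allocating, and have `createIpWhiteList` reject `num < 0` or a `num` that cannot fit in `len`, check its `taosMemoryCalloc` result, and propagate the return of `tDerializeIpWhileList`, which is ignored today. `buf` is never freed after `createIpWhiteList(buf, len)` and is presumably also lost when `SDB_GET_BINARY` exits through `_OVER`; because it is declared inside the `if`, it needs `taosMemoryFree(buf);` right after the call and on the failure exit. The declaration `char *buf = buf = taosMemoryMalloc(len);` contains a stray self-assignment and should read `char *buf = taosMemoryMalloc(len);`.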
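Review bot: `mndUserFreeObj` still does not release the whitelist: the only line added is a commented-out `taosMemoryFree(pUser->pWhiteIpList)`, which names a field the struct does not have (the member added in mndDef.h is `pIpWhiteList`), and the same commented line was added to the decode `_OVER` cleanup in the previous hunk. As written, every user object that is decoded or created keeps its list allocated after the object is freed. Replace the comment with `taosMemoryFreeClear(pUser->pIpWhiteList);` and delete the commented line in both places. The copy made for `newUser` in `mndProcessAlterUserReq` is outside this patch, so confirm it duplicates the list rather than sharing the pointer before enabling the free; otherwise two objects would release the same block.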
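Review bot: In the `else` branch of `mndCreateUser` the new list's `num` is never set, so after `taosMemoryCalloc` it stays 0 and the ranges copied from the request are dropped when the object is encoded; add `p->num = pCreate->numIpRanges;` after the loop. What an empty list means to the connection check is not shown here, so the restriction the administrator asked for may silently not apply. `pCreate->numIpRanges` comes from the request and is used as an allocation multiplier and loop bound without a visible range check, and `p` is dereferenced without a NULL check, so reject negative counts, cap the count at a documented maximum, and bail out when the allocation fails. The function continues past the end of this hunk.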
@@ -590,18 +729,22 @@ static int32_t mndCreateUser(SMnode *pMnode, char *acct, SCreateUserReq *pCreate if (pCommitRaw == NULL || mndTransAppendCommitlog(pTrans, pCommitRaw) != 0) { mError("trans:%d, failed to commit redo log since %s", pTrans->id, terrstr()); mndTransDrop(pTrans); - return -1; + goto _OVER; } (void)sdbSetRawStatus(pCommitRaw, SDB_STATUS_READY); if (mndTransPrepare(pMnode, pTrans) != 0) { mError("trans:%d, failed to prepare since %s", pTrans->id, terrstr()); mndTransDrop(pTrans); - return -1; + goto _OVER; } mndTransDrop(pTrans); return 0; +_OVER: + taosMemoryFree(userObj.pIpWhiteList); + + return -1; } static int32_t mndProcessCreateUserReq(SRpcMsg *pReq) { @@ -631,7 +774,7 @@ static int32_t mndProcessCreateUserReq(SRpcMsg *pReq) { goto _OVER; } - if (strlen(createReq.pass) >= TSDB_PASSWORD_LEN){ + if (strlen(createReq.pass) >= TSDB_PASSWORD_LEN) { terrno = TSDB_CODE_PAR_NAME_OR_PASSWD_TOO_LONG; goto _OVER; } @@ -657,8 +800,8 @@ static int32_t mndProcessCreateUserReq(SRpcMsg *pReq) { if (code == 0) code = TSDB_CODE_ACTION_IN_PROGRESS; char detail[1000] = {0}; - sprintf(detail, "createType:%d, enable:%d, superUser:%d, sysInfo:%d", - createReq.createType, createReq.enable, createReq.superUser, createReq.sysInfo); + sprintf(detail, "createType:%d, enable:%d, superUser:%d, sysInfo:%d", createReq.createType, createReq.enable, + createReq.superUser, createReq.sysInfo); auditRecord(pReq, pMnode->clusterId, "createUser", createReq.user, "", detail); 
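Review bot: The failure exits now go through `_OVER` and free `userObj.pIpWhiteList`, but the success path `mndTransDrop(pTrans); return 0;` still returns without freeing it, so each successful user creation leaks the list (assuming `mndUserActionEncode` serialises a copy, as its hunk suggests). A single exit avoids this: keep a local `int32_t code = -1;`, set `code = 0;` just before the label, and end with `taosMemoryFree(userObj.pIpWhiteList); return code;`. The start of the function is outside this hunk.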
@@ -791,62 +934,62 @@ static int32_t mndRemoveTablePriviledge(SMnode *pMnode, SHashObj *hash, SHashObj return 0; } -static char* mndUserAuditTypeStr(int32_t type){ - if(type == TSDB_ALTER_USER_PASSWD){ +static char *mndUserAuditTypeStr(int32_t type) { + if (type == TSDB_ALTER_USER_PASSWD) { return "changePassword"; } - if(type == TSDB_ALTER_USER_SUPERUSER){ + if (type == TSDB_ALTER_USER_SUPERUSER) { return "changeSuperUser"; } - if(type == TSDB_ALTER_USER_ADD_READ_DB){ + if (type == TSDB_ALTER_USER_ADD_READ_DB) { return "addReadToDB"; } - if(type == TSDB_ALTER_USER_ADD_READ_DB){ + if (type == TSDB_ALTER_USER_ADD_READ_DB) { return "addReadToDB"; } - if(type == TSDB_ALTER_USER_REMOVE_READ_DB){ + if (type == TSDB_ALTER_USER_REMOVE_READ_DB) { return "removeReadFromDB"; } - if(type == TSDB_ALTER_USER_ADD_WRITE_DB){ + if (type == TSDB_ALTER_USER_ADD_WRITE_DB) { return "addWriteToDB"; } - if(type == TSDB_ALTER_USER_REMOVE_WRITE_DB){ + if (type == TSDB_ALTER_USER_REMOVE_WRITE_DB) { return "removeWriteFromDB"; } - if(type == TSDB_ALTER_USER_ADD_ALL_DB){ + if (type == TSDB_ALTER_USER_ADD_ALL_DB) { return "addToAllDB"; } - if(type == TSDB_ALTER_USER_REMOVE_ALL_DB){ + if (type == TSDB_ALTER_USER_REMOVE_ALL_DB) { return "removeFromAllDB"; } - if(type == TSDB_ALTER_USER_ENABLE){ + if (type == TSDB_ALTER_USER_ENABLE) { return "enableUser"; } - if(type == TSDB_ALTER_USER_SYSINFO){ + if (type == TSDB_ALTER_USER_SYSINFO) { return "userSysInfo"; } - if(type == TSDB_ALTER_USER_ADD_SUBSCRIBE_TOPIC){ + if (type == TSDB_ALTER_USER_ADD_SUBSCRIBE_TOPIC) { return "addSubscribeTopic"; } - if(type == TSDB_ALTER_USER_REMOVE_SUBSCRIBE_TOPIC){ + if (type == TSDB_ALTER_USER_REMOVE_SUBSCRIBE_TOPIC) { return "removeSubscribeTopic"; } - if(type == TSDB_ALTER_USER_ADD_READ_TABLE){ + if (type == TSDB_ALTER_USER_ADD_READ_TABLE) { return "addReadToTable"; } - if(type == TSDB_ALTER_USER_REMOVE_READ_TABLE){ + if (type == TSDB_ALTER_USER_REMOVE_READ_TABLE) { return "removeReadFromTable"; } - if(type == 
TSDB_ALTER_USER_ADD_WRITE_TABLE){ + if (type == TSDB_ALTER_USER_ADD_WRITE_TABLE) { return "addWriteToTable"; } - if(type == TSDB_ALTER_USER_REMOVE_WRITE_TABLE){ + if (type == TSDB_ALTER_USER_REMOVE_WRITE_TABLE) { return "removeWriteFromTable"; } - if(type == TSDB_ALTER_USER_ADD_ALL_TABLE){ + if (type == TSDB_ALTER_USER_ADD_ALL_TABLE) { return "addToAllTable"; } - if(type == TSDB_ALTER_USER_REMOVE_ALL_TABLE){ + if (type == TSDB_ALTER_USER_REMOVE_ALL_TABLE) { return "removeFromAllTable"; } return "error"; @@ -874,7 +1017,7 @@ static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) { goto _OVER; } - if (TSDB_ALTER_USER_PASSWD == alterReq.alterType && + if (TSDB_ALTER_USER_PASSWD == alterReq.alterType && (alterReq.pass[0] == 0 || strlen(alterReq.pass) >= TSDB_PASSWORD_LEN)) { terrno = TSDB_CODE_MND_INVALID_PASS_FORMAT; goto _OVER; @@ -1007,11 +1150,13 @@ static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) { if (mndTablePriviledge(pMnode, newUser.writeTbs, newUser.useDbs, &alterReq, pSdb) != 0) goto _OVER; } - if (alterReq.alterType == TSDB_ALTER_USER_REMOVE_READ_TABLE || alterReq.alterType == TSDB_ALTER_USER_REMOVE_ALL_TABLE) { + if (alterReq.alterType == TSDB_ALTER_USER_REMOVE_READ_TABLE || + alterReq.alterType == TSDB_ALTER_USER_REMOVE_ALL_TABLE) { if (mndRemoveTablePriviledge(pMnode, newUser.readTbs, newUser.useDbs, &alterReq, pSdb) != 0) goto _OVER; } - if (alterReq.alterType == TSDB_ALTER_USER_REMOVE_WRITE_TABLE || alterReq.alterType == TSDB_ALTER_USER_REMOVE_ALL_TABLE) { + if (alterReq.alterType == TSDB_ALTER_USER_REMOVE_WRITE_TABLE || + alterReq.alterType == TSDB_ALTER_USER_REMOVE_ALL_TABLE) { if (mndRemoveTablePriviledge(pMnode, newUser.writeTbs, newUser.useDbs, &alterReq, pSdb) != 0) goto _OVER; } 
@@ -1035,50 +1180,77 @@ static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) { taosHashRemove(newUser.topics, alterReq.objname, len); } + if (alterReq.alterType == TSDB_ALTER_USER_ADD_WHITE_LIST) { + int32_t num = pUser->pIpWhiteList->num + alterReq.numIpRanges; + + SIpWhiteList *pNew = taosMemoryCalloc(1, sizeof(SIpWhiteList) + sizeof(SIpV4Range) * num); + int32_t idx = pUser->pIpWhiteList->num; + memcpy(pNew->pIpRange, pUser->pIpWhiteList->pIpRange, sizeof(SIpV4Range) * idx); + for (int i = 0; i < alterReq.numIpRanges; i++) { + SIpV4Range *range = &(alterReq.pIpRanges[i]); + if (!isRangeInIpWhiteList(pUser->pIpWhiteList, range)) { + // already exist, just ignore; + memcpy(&pNew->pIpRange[idx], range, sizeof(SIpV4Range)); + idx++; + continue; + } + } + pNew->num = idx + 1; + newUser.pIpWhiteList = pNew; + } + if (alterReq.alterType == TSDB_ALTER_USER_DROP_WHITE_LIST) { + int32_t num = pUser->pIpWhiteList->num; + SIpWhiteList *pNew = taosMemoryCalloc(1, sizeof(SIpWhiteList) + sizeof(SIpV4Range) * num); + + int idx = 0; + for (int i = 0; i < alterReq.numIpRanges; i++) { + SIpV4Range *range = &(alterReq.pIpRanges[i]); + if (!isRangeInIpWhiteList(pUser->pIpWhiteList, range)) { + // already exist, just ignore; + memcpy(&pNew->pIpRange[idx], &pUser->pIpWhiteList->pIpRange[i], sizeof(SIpV4Range)); + idx++; + } + } + pNew->num = idx + 1; + } + code = mndAlterUser(pMnode, pUser, &newUser, pReq); if (code == 0) code = TSDB_CODE_ACTION_IN_PROGRESS; char detail[1000] = {0}; - sprintf(detail, "alterType:%s, enable:%d, superUser:%d, sysInfo:%d, tabName:%s, password:", - mndUserAuditTypeStr(alterReq.alterType), alterReq.enable, alterReq.superUser, alterReq.sysInfo, alterReq.tabName); + sprintf(detail, "alterType:%s, enable:%d, superUser:%d, sysInfo:%d, tabName:%s, password:", + mndUserAuditTypeStr(alterReq.alterType), alterReq.enable, alterReq.superUser, alterReq.sysInfo, + alterReq.tabName); - if(alterReq.alterType == TSDB_ALTER_USER_PASSWD){ - sprintf(detail, "alterType:%s, 
enable:%d, superUser:%d, sysInfo:%d, tabName:%s, password:xxx", - mndUserAuditTypeStr(alterReq.alterType), alterReq.enable, alterReq.superUser, alterReq.sysInfo, + if (alterReq.alterType == TSDB_ALTER_USER_PASSWD) { + sprintf(detail, "alterType:%s, enable:%d, superUser:%d, sysInfo:%d, tabName:%s, password:xxx", + mndUserAuditTypeStr(alterReq.alterType), alterReq.enable, alterReq.superUser, alterReq.sysInfo, alterReq.tabName); auditRecord(pReq, pMnode->clusterId, "alterUser", alterReq.user, "", detail); - } - else if(alterReq.alterType == TSDB_ALTER_USER_SUPERUSER || - alterReq.alterType == TSDB_ALTER_USER_ENABLE || - alterReq.alterType == TSDB_ALTER_USER_SYSINFO){ + } else if (alterReq.alterType == TSDB_ALTER_USER_SUPERUSER || alterReq.alterType == TSDB_ALTER_USER_ENABLE || + alterReq.alterType == TSDB_ALTER_USER_SYSINFO) { auditRecord(pReq, pMnode->clusterId, "alterUser", alterReq.user, "", detail); - } - else if(alterReq.alterType == TSDB_ALTER_USER_ADD_READ_DB|| - alterReq.alterType == TSDB_ALTER_USER_ADD_WRITE_DB|| - alterReq.alterType == TSDB_ALTER_USER_ADD_ALL_DB|| - alterReq.alterType == TSDB_ALTER_USER_ADD_READ_TABLE|| - alterReq.alterType == TSDB_ALTER_USER_ADD_WRITE_TABLE|| - alterReq.alterType == TSDB_ALTER_USER_ADD_ALL_TABLE){ - if (strcmp(alterReq.objname, "1.*") != 0){ + } else if (alterReq.alterType == TSDB_ALTER_USER_ADD_READ_DB || alterReq.alterType == TSDB_ALTER_USER_ADD_WRITE_DB || + alterReq.alterType == TSDB_ALTER_USER_ADD_ALL_DB || alterReq.alterType == TSDB_ALTER_USER_ADD_READ_TABLE || + alterReq.alterType == TSDB_ALTER_USER_ADD_WRITE_TABLE || + alterReq.alterType == TSDB_ALTER_USER_ADD_ALL_TABLE) { + if (strcmp(alterReq.objname, "1.*") != 0) { SName name = {0}; tNameFromString(&name, alterReq.objname, T_NAME_ACCT | T_NAME_DB); auditRecord(pReq, pMnode->clusterId, "GrantPrivileges", alterReq.user, name.dbname, detail); - }else{ + } else { auditRecord(pReq, pMnode->clusterId, "GrantPrivileges", alterReq.user, "*", detail); } - } - else 
if(alterReq.alterType == TSDB_ALTER_USER_ADD_SUBSCRIBE_TOPIC){ + } else if (alterReq.alterType == TSDB_ALTER_USER_ADD_SUBSCRIBE_TOPIC) { auditRecord(pReq, pMnode->clusterId, "GrantPrivileges", alterReq.user, alterReq.objname, detail); - } - else if(alterReq.alterType == TSDB_ALTER_USER_REMOVE_SUBSCRIBE_TOPIC){ + } else if (alterReq.alterType == TSDB_ALTER_USER_REMOVE_SUBSCRIBE_TOPIC) { auditRecord(pReq, pMnode->clusterId, "RevokePrivileges", alterReq.user, alterReq.objname, detail); - } - else{ - if (strcmp(alterReq.objname, "1.*") != 0){ + } else { + if (strcmp(alterReq.objname, "1.*") != 0) { SName name = {0}; tNameFromString(&name, alterReq.objname, T_NAME_ACCT | T_NAME_DB); auditRecord(pReq, pMnode->clusterId, "RevokePrivileges", alterReq.user, name.dbname, detail); - }else{ + } else { auditRecord(pReq, pMnode->clusterId, "RevokePrivileges", alterReq.user, "*", detail); } } @@ -1243,6 +1415,22 @@ static int32_t mndRetrieveUsers(SRpcMsg *pReq, SShowObj *pShow, SSDataBlock *pBl pColInfo = taosArrayGet(pBlock->pDataBlock, cols); colDataSetVal(pColInfo, numOfRows, (const char *)&pUser->createdTime, false); + // get ip white list + // char *buf = taosMemoryCalloc(1, (sizeof(SIpV4Range) + 1) * pUser->pIpWhiteList->num); + char *buf = NULL; + int32_t tlen = convertIpWhiteListToStr(pUser->pIpWhiteList, &buf); + + char *varstr = taosMemoryCalloc(1, VARSTR_HEADER_SIZE + tlen); + varDataSetLen(varstr, tlen); + memcpy(varDataVal(varstr), buf, tlen); + + cols++; + pColInfo = taosArrayGet(pBlock->pDataBlock, cols); + colDataSetVal(pColInfo, numOfRows, (const char *)buf, false); + + taosMemoryFree(varstr); + taosMemoryFree(buf); + numOfRows++; sdbRelease(pSdb, pUser); } 
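Review bot: Both new whitelist branches in `mndProcessAlterUserReq` compute the wrong list. In the ADD branch `idx` is already the element count, so `pNew->num = idx + 1` publishes one more entry than was written: an all-zero range when some requested entries were duplicates, and an element past the end of the allocation when none were. The DROP branch loops over `alterReq.numIpRanges` while indexing `pUser->pIpWhiteList->pIpRange[i]`, which reads past the stored list when the request is longer, copies by request position instead of filtering the stored entries, repeats the `idx + 1` error and never assigns `pNew` to `newUser.pIpWhiteList`, so the revocation has no effect and the block leaks. Neither branch checks the `taosMemoryCalloc` result or bounds `alterReq.numIpRanges`, and the comment `// already exist, just ignore;` sits on the branch that handles entries which do not exist yet. A corrected DROP branch is sketched below; in the ADD branch the fix is `pNew->num = idx;`.

```c
  if (alterReq.alterType == TSDB_ALTER_USER_DROP_WHITE_LIST) {
    int32_t       num = pUser->pIpWhiteList->num;
    SIpWhiteList *pNew = taosMemoryCalloc(1, sizeof(SIpWhiteList) + sizeof(SIpV4Range) * num);
    if (pNew == NULL) goto _OVER;  // set terrno per the file's convention

    int32_t idx = 0;
    for (int32_t i = 0; i < num; i++) {  // walk the stored list, not the request
      SIpV4Range *el = &pUser->pIpWhiteList->pIpRange[i];
      bool        dropped = false;
      for (int32_t j = 0; j < alterReq.numIpRanges && !dropped; j++) {
        dropped = (el->ip == alterReq.pIpRanges[j].ip && el->mask == alterReq.pIpRanges[j].mask);
      }
      if (!dropped) pNew->pIpRange[idx++] = *el;  // keep entries not named in the request
    }
    pNew->num = idx;  // idx is already the count
    newUser.pIpWhiteList = pNew;
  }
  // … unchanged: mndAlterUser call and audit records …
```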
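Review bot: `colDataSetVal` is given `buf`, the raw C string, instead of `varstr`, the length-prefixed copy built just above it, so a reader that expects a VARCHAR cell would take the first bytes of the address text as the length header; pass `(const char *)varstr`. `convertIpWhiteListToStr` and `taosMemoryCalloc` are both used unchecked, and `tlen` is not compared with the column's declared width before the `memcpy`, so check for a NULL `buf` or `varstr` and reject or clamp a string longer than the schema's `bytes`. The commented-out allocation above `char *buf = NULL;` can be deleted. The loop this block sits in starts and ends outside the hunk.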
@@ -1293,9 +1481,9 @@ static void mndLoopHash(SHashObj *hash, char *priType, SSDataBlock *pBlock, int3 if (strcmp("t", value) != 0) { SNode *pAst = NULL; int32_t sqlLen = 0; - size_t bufSz = strlen(value) + 1; - char* sql = taosMemoryMalloc(bufSz + 1); - char* obj = taosMemoryMalloc(TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE); + size_t bufSz = strlen(value) + 1; + char *sql = taosMemoryMalloc(bufSz + 1); + char *obj = taosMemoryMalloc(TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE); if (sql != NULL && obj != NULL && nodesStringToNode(value, &pAst) == 0) { nodesNodeToSQL(pAst, sql, bufSz, &sqlLen); @@ -1312,7 +1500,7 @@ static void mndLoopHash(SHashObj *hash, char *priType, SSDataBlock *pBlock, int3 taosMemoryFree(obj); taosMemoryFree(sql); } else { - char* condition = taosMemoryMalloc(TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE); + char *condition = taosMemoryMalloc(TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE); STR_WITH_MAXSIZE_TO_VARSTR(condition, "", pShow->pMeta->pSchemas[cols].bytes); pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, *numOfRows, (const char *)condition, false); @@ -1332,7 +1520,7 @@ static int32_t mndRetrievePrivileges(SRpcMsg *pReq, SShowObj *pShow, SSDataBlock int32_t cols = 0; char *pWrite; - bool fetchNextUser = pShow->restore ? false : true; + bool fetchNextUser = pShow->restore ? false : true; pShow->restore = false; while (numOfRows < rows) { 
@@ -1354,8 +1542,10 @@ static int32_t mndRetrievePrivileges(SRpcMsg *pReq, SShowObj *pShow, SSDataBlock int32_t numOfReadTbs = taosHashGetSize(pUser->readTbs); int32_t numOfWriteTbs = taosHashGetSize(pUser->writeTbs); if (numOfRows + numOfReadDbs + numOfWriteDbs + numOfTopics + numOfReadTbs + numOfWriteTbs >= rows) { - mInfo("will restore. current num of rows: %d, read dbs %d, write dbs %d, topics %d, read tables %d, write tables %d", - numOfRows, numOfReadDbs, numOfWriteDbs, numOfTopics, numOfReadTbs, numOfWriteTbs); + mInfo( + "will restore. current num of rows: %d, read dbs %d, write dbs %d, topics %d, read tables %d, write tables " + "%d", + numOfRows, numOfReadDbs, numOfWriteDbs, numOfTopics, numOfReadTbs, numOfWriteTbs); pShow->restore = true; sdbRelease(pSdb, pUser); break; @@ -1383,7 +1573,7 @@ static int32_t mndRetrievePrivileges(SRpcMsg *pReq, SShowObj *pShow, SSDataBlock pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, numOfRows, (const char *)tableName, false); - char* condition = taosMemoryMalloc(TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE); + char *condition = taosMemoryMalloc(TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE); STR_WITH_MAXSIZE_TO_VARSTR(condition, "", pShow->pMeta->pSchemas[cols].bytes); pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, numOfRows, (const char *)condition, false); @@ -1418,7 +1608,7 @@ static int32_t mndRetrievePrivileges(SRpcMsg *pReq, SShowObj *pShow, SSDataBlock pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, numOfRows, (const char *)tableName, false); - char* condition = taosMemoryMalloc(TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE); + char *condition = taosMemoryMalloc(TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE); STR_WITH_MAXSIZE_TO_VARSTR(condition, "", pShow->pMeta->pSchemas[cols].bytes); pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, numOfRows, (const char *)condition, false); 
@@ -1454,7 +1644,7 @@ static int32_t mndRetrievePrivileges(SRpcMsg *pReq, SShowObj *pShow, SSDataBlock pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, numOfRows, (const char *)tableName, false); - char* condition = taosMemoryMalloc(TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE); + char *condition = taosMemoryMalloc(TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE); STR_WITH_MAXSIZE_TO_VARSTR(condition, "", pShow->pMeta->pSchemas[cols].bytes); pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, numOfRows, (const char *)condition, false); @@ -1492,7 +1682,7 @@ static int32_t mndRetrievePrivileges(SRpcMsg *pReq, SShowObj *pShow, SSDataBlock pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, numOfRows, (const char *)tableName, false); - char* condition = taosMemoryMalloc(TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE); + char *condition = taosMemoryMalloc(TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE); STR_WITH_MAXSIZE_TO_VARSTR(condition, "", pShow->pMeta->pSchemas[cols].bytes); pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, numOfRows, (const char *)condition, false); diff --git a/source/libs/transport/src/transSvr.c b/source/libs/transport/src/transSvr.c index 3f192de5be..6caeb98d4c 100644 --- a/source/libs/transport/src/transSvr.c +++ b/source/libs/transport/src/transSvr.c @@ -208,15 +208,6 @@ static void uvHandleActivityTimeout(uv_timer_t* handle) { tDebug("%p timeout since no activity", conn); } -typedef struct { - int32_t netmask; - int32_t address; - int32_t network; - int32_t broadcast; - char info[32]; - int8_t type; -} SubnetUtils; - int32_t cvtIp2Int(char* ip, int16_t* dest) { int k = 0; char* start = ip; 
@@ -233,6 +224,15 @@ int32_t cvtIp2Int(char* ip, int16_t* dest) { } return k; } +typedef struct { + int32_t netmask; + int32_t address; + int32_t network; + int32_t broadcast; + char info[32]; + int8_t type; +} SubnetUtils; + int32_t subnetInit(SubnetUtils* pUtils, char* range) { char buf[32] = {0}; strncpy(pUtils->info, range, strlen(range)); @@ -247,9 +247,10 @@ int32_t subnetInit(SubnetUtils* pUtils, char* range) { for (int i = 0; i < 4; i++) { pUtils->address |= (ip[i] << (8 * (4 - i - 1))); } - - for (int i = 0; i < ip[4]; i++) { - pUtils->netmask |= (1 << (31 - i)); + if (k == 5) { + for (int i = 0; i < ip[4]; i++) { + pUtils->netmask |= (1 << (31 - i)); + } } pUtils->network = pUtils->address & pUtils->netmask; diff --git a/source/os/src/osSocket.c b/source/os/src/osSocket.c index 2b2a0daf7b..0ec6ded93a 100644 --- a/source/os/src/osSocket.c +++ b/source/os/src/osSocket.c @@ -746,9 +746,9 @@ bool taosValidIpAndPort(uint32_t ip, uint16_t port) { serverAdd.sin_port = (uint16_t)htons(port); fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); - if (fd < 0) { // exception + if (fd < 0) { // exception return false; - } else if (fd <= 2) { // in, out, err + } else if (fd <= 2) { // in, out, err taosCloseSocketNoCheck1(fd); return false; } @@ -895,6 +895,9 @@ int64_t taosCopyFds(TdSocketPtr pSrcSocket, TdSocketPtr pDestSocket, int64_t len } // Function converting an IP address string to an uint32_t. + +#endif // endif 0 + uint32_t ip2uint(const char *const ip_addr) { char ip_addr_cpy[20]; char ip[5]; @@ -921,9 +924,6 @@ uint32_t ip2uint(const char *const ip_addr) { return *((uint32_t *)ip); } - -#endif // endif 0 - void taosBlockSIGPIPE() { #ifdef WINDOWS // ASSERT(0);
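Review bot: The new `if (k == 5)` guard stops `subnetInit` from reading `ip[4]` when no prefix was parsed, but the prefix length itself is still unchecked: a value above 32 makes `31 - i` negative, and the first iteration of any non-zero prefix evaluates `1 << 31` on a signed `int`, which is undefined behaviour, so the mask that decides which peers fall inside a range is not well defined. Bound the prefix and shift an unsigned value, e.g. `if (k == 5 && ip[4] >= 0 && ip[4] <= 32)` with `pUtils->netmask |= (int32_t)(1u << (31 - i));`, and return an error for anything else. For a bare address the mask loop is now skipped, so `network = address & netmask` depends on the initial `netmask`; whether the later comparison treats that as a single host or as match-all is outside this hunk and worth a test. `subnetInit` starts in the previous hunk and continues past this one.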
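Review bot: Moving `#endif  // endif 0` above `ip2uint` turns a function that was compiled out into live code that the whitelist now depends on (`createDefaultIpWhiteList` calls it), so it deserves a review of its own. The visible parts copy the caller's string into a fixed `char ip_addr_cpy[20]` and return `*((uint32_t *)ip)` from a `char ip[5]`, which is an aliasing-violating and potentially misaligned read; the copy and parse in between are outside these hunks, so please confirm the copy is length-bounded and that malformed input has a defined result. For the return, `uint32_t v; memcpy(&v, ip, sizeof v); return v;` is the portable form. The comment `// Function converting an IP address string to an uint32_t.` is now separated from the function by the `#endif` and should move below it.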