The password is no longer stored in clear text, so you may need to reinstall the database

2019-07-16 10:31:43 +08:00 · 2019-07-16 10:31:43 +08:00 · 76ac9464d5
parent 7fa03ddff2
commit 76ac9464d5
5 changed files with 17 additions and 7 deletions
--- a/src/client/src/tscSql.c
+++ b/src/client/src/tscSql.c
@ -74,7 +74,7 @@ TAOS *taos_connect_imp(char *ip, char *user, char *pass, char *db, int port, voi
  pObj->signature = pObj;

  strncpy(pObj->user, user, TSDB_USER_LEN);
-  strncpy(pObj->pass, pass, TSDB_KEY_LEN);
+  taosEncryptPass(pass, strlen(pass), pObj->pass);
  pObj->mgmtPort = port ? port : tsMgmtShellPort;

  if (db) {
--- a/src/inc/tutil.h
+++ b/src/inc/tutil.h
@ -16,6 +16,8 @@
 #ifndef TDENGINE_TUTIL_H
 #define TDENGINE_TUTIL_H

+#include "tmd5.h"
+
 #ifdef __cplusplus
 extern "C" {
 #endif
@ -199,6 +201,14 @@ bool taosUcs4ToMbs(void *ucs4, int32_t ucs4_max_len, char *mbs);

 bool taosValidateEncodec(char *encodec);

+static FORCE_INLINE void taosEncryptPass(uint8_t *inBuf, unsigned int inLen, char *target) {
+  MD5_CTX context;
+  MD5Init(&context);
+  MD5Update(&context, inBuf, inLen);
+  MD5Final(&context);
+  memcpy(target, context.digest, TSDB_KEY_LEN);
+}
+
 #define __sync_val_compare_and_swap_64 __sync_val_compare_and_swap
 #define __sync_val_compare_and_swap_32 __sync_val_compare_and_swap
 #define __sync_add_and_fetch_64 __sync_add_and_fetch
--- a/src/system/src/mgmtShell.c
+++ b/src/system/src/mgmtShell.c
@ -440,7 +440,7 @@ int mgmtProcessAlterUserMsg(char *pMsg, int msgLen, SConnObj *pConn) {
             (strcmp(pConn->pUser->user, "root") == 0)) {
    if ((pAlter->flag & TSDB_ALTER_USER_PASSWD) != 0) {
      memset(pUser->pass, 0, sizeof(pUser->pass));
-      strcpy(pUser->pass, pAlter->pass);
+      taosEncryptPass((uint8_t *)(pAlter->pass), strlen(pAlter->pass), pUser->pass);
    }
    if ((pAlter->flag & TSDB_ALTER_USER_PRIVILEGES) != 0) {
      if (pAlter->privilege == 1) {  // super
--- a/src/system/src/mgmtUser.c
+++ b/src/system/src/mgmtUser.c
@ -109,7 +109,7 @@ int mgmtCreateUser(SAcctObj *pAcct, char *name, char *pass) {
  pUser = malloc(sizeof(SUserObj));
  memset(pUser, 0, sizeof(SUserObj));
  strcpy(pUser->user, name);
-  strcpy(pUser->pass, pass);
+  taosEncryptPass((uint8_t *)pass, strlen(pass), pUser->pass);
  strcpy(pUser->acct, pAcct->user);
  pUser->createdTime = taosGetTimestampMs();
  pUser->superAuth = 0;
--- a/src/util/src/version.c
+++ b/src/util/src/version.c
@ -1,4 +1,4 @@
-char version[64] = "1.6.0.0";
-char compatible_version[64] = "1.6.0.0";
-char gitinfo[128] = "82cbce3261d06ab37c3bd4786c7b2e3d2316c42a";
-char buildinfo[512] = "Built by ubuntu at 2019-07-05 18:42";
+char version[64] = "1.6.1.0";
+char compatible_version[64] = "1.6.1.0";
+char gitinfo[128] = "01eb2fd1402c952689a6874a5b1ec09fca5f4f13";
+char buildinfo[512] = "Built by ubuntu at 2019-07-16 10:18";