Check correct password list.
This commit is contained in:
parent
57e852db05
commit
a571104809
@ -96,9 +96,11 @@ static char *fgets_extending(char **buf, int *buflen, FILE *stream)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static void conf__set_cur_security_options(struct mosquitto__config *config, struct mosquitto__security_options **security_options)
|
static void conf__set_cur_security_options(struct mosquitto__config *config, struct mosquitto__listener *cur_listener, struct mosquitto__security_options **security_options)
|
||||||
{
|
{
|
||||||
if(!(*security_options)){
|
if(config->per_listener_settings){
|
||||||
|
(*security_options) = &cur_listener->security_options;
|
||||||
|
}else{
|
||||||
(*security_options) = &config->security_options;
|
(*security_options) = &config->security_options;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1450,7 +1452,7 @@ int config__read_file_core(struct mosquitto__config *config, bool reload, const
|
|||||||
log__printf(NULL, MOSQ_LOG_WARNING, "Warning: Bridge support not available.");
|
log__printf(NULL, MOSQ_LOG_WARNING, "Warning: Bridge support not available.");
|
||||||
#endif
|
#endif
|
||||||
}else if(!strcmp(token, "password_file")){
|
}else if(!strcmp(token, "password_file")){
|
||||||
conf__set_cur_security_options(config, &cur_security_options);
|
conf__set_cur_security_options(config, cur_listener, &cur_security_options);
|
||||||
if(reload){
|
if(reload){
|
||||||
mosquitto__free(cur_security_options->password_file);
|
mosquitto__free(cur_security_options->password_file);
|
||||||
cur_security_options->password_file = NULL;
|
cur_security_options->password_file = NULL;
|
||||||
|
@ -688,6 +688,7 @@ static int mosquitto__memcmp_const(const void *a, const void *b, size_t len)
|
|||||||
int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *context, const char *username, const char *password)
|
int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *context, const char *username, const char *password)
|
||||||
{
|
{
|
||||||
struct mosquitto__unpwd *u, *tmp;
|
struct mosquitto__unpwd *u, *tmp;
|
||||||
|
struct mosquitto__unpwd *unpwd_ref;
|
||||||
#ifdef WITH_TLS
|
#ifdef WITH_TLS
|
||||||
unsigned char hash[EVP_MAX_MD_SIZE];
|
unsigned char hash[EVP_MAX_MD_SIZE];
|
||||||
unsigned int hash_len;
|
unsigned int hash_len;
|
||||||
@ -698,12 +699,14 @@ int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *con
|
|||||||
if(db->config->per_listener_settings){
|
if(db->config->per_listener_settings){
|
||||||
if(!context->listener) return MOSQ_ERR_INVAL;
|
if(!context->listener) return MOSQ_ERR_INVAL;
|
||||||
if(!context->listener->unpwd) return MOSQ_ERR_PLUGIN_DEFER;
|
if(!context->listener->unpwd) return MOSQ_ERR_PLUGIN_DEFER;
|
||||||
|
unpwd_ref = context->listener->unpwd;
|
||||||
}else{
|
}else{
|
||||||
if(!db->unpwd) return MOSQ_ERR_PLUGIN_DEFER;
|
if(!db->unpwd) return MOSQ_ERR_PLUGIN_DEFER;
|
||||||
|
unpwd_ref = db->unpwd;
|
||||||
}
|
}
|
||||||
if(!username) return MOSQ_ERR_INVAL; /* Check must be made only after checking db->unpwd. */
|
if(!username) return MOSQ_ERR_INVAL; /* Check must be made only after checking unpwd_ref. */
|
||||||
|
|
||||||
HASH_ITER(hh, db->unpwd, u, tmp){
|
HASH_ITER(hh, unpwd_ref, u, tmp){
|
||||||
if(!strcmp(u->username, username)){
|
if(!strcmp(u->username, username)){
|
||||||
if(u->password){
|
if(u->password){
|
||||||
if(password){
|
if(password){
|
||||||
|
Loading…
Reference in New Issue
Block a user