d0kuhn/mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Check correct password list.

Browse Source
This commit is contained in:
Roger A. Light 2018-03-15 11:08:19 +00:00
parent 57e852db05
commit a571104809
2 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/conf.c
View File

@ -96,9 +96,11 @@ static char *fgets_extending(char **buf, int *buflen, FILE *stream)
} }
static void conf__set_cur_security_options(struct mosquitto__config *config, struct mosquitto__security_options **security_options) static void conf__set_cur_security_options(struct mosquitto__config *config, struct mosquitto__listener *cur_listener, struct mosquitto__security_options **security_options)
{ {
if(!(*security_options)){ if(config->per_listener_settings){
(*security_options) = &cur_listener->security_options;
}else{
(*security_options) = &config->security_options; (*security_options) = &config->security_options;
} }
} }
@ -1450,7 +1452,7 @@ int config__read_file_core(struct mosquitto__config *config, bool reload, const
log__printf(NULL, MOSQ_LOG_WARNING, "Warning: Bridge support not available."); log__printf(NULL, MOSQ_LOG_WARNING, "Warning: Bridge support not available.");
#endif #endif
}else if(!strcmp(token, "password_file")){ }else if(!strcmp(token, "password_file")){
conf__set_cur_security_options(config, &cur_security_options); conf__set_cur_security_options(config, cur_listener, &cur_security_options);
if(reload){ if(reload){
mosquitto__free(cur_security_options->password_file); mosquitto__free(cur_security_options->password_file);
cur_security_options->password_file = NULL; cur_security_options->password_file = NULL;

7
src/security_default.c
View File

@ -688,6 +688,7 @@ static int mosquitto__memcmp_const(const void *a, const void *b, size_t len)
int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *context, const char *username, const char *password) int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *context, const char *username, const char *password)
{ {
struct mosquitto__unpwd *u, *tmp; struct mosquitto__unpwd *u, *tmp;
struct mosquitto__unpwd *unpwd_ref;
#ifdef WITH_TLS #ifdef WITH_TLS
unsigned char hash[EVP_MAX_MD_SIZE]; unsigned char hash[EVP_MAX_MD_SIZE];
unsigned int hash_len; unsigned int hash_len;
@ -698,12 +699,14 @@ int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *con
if(db->config->per_listener_settings){ if(db->config->per_listener_settings){
if(!context->listener) return MOSQ_ERR_INVAL; if(!context->listener) return MOSQ_ERR_INVAL;
if(!context->listener->unpwd) return MOSQ_ERR_PLUGIN_DEFER; if(!context->listener->unpwd) return MOSQ_ERR_PLUGIN_DEFER;
unpwd_ref = context->listener->unpwd;
}else{ }else{
if(!db->unpwd) return MOSQ_ERR_PLUGIN_DEFER; if(!db->unpwd) return MOSQ_ERR_PLUGIN_DEFER;
unpwd_ref = db->unpwd;
} }
if(!username) return MOSQ_ERR_INVAL; /* Check must be made only after checking db->unpwd. */ if(!username) return MOSQ_ERR_INVAL; /* Check must be made only after checking unpwd_ref. */
HASH_ITER(hh, db->unpwd, u, tmp){ HASH_ITER(hh, unpwd_ref, u, tmp){
if(!strcmp(u->username, username)){ if(!strcmp(u->username, username)){
if(u->password){ if(u->password){
if(password){ if(password){