d0kuhn/mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

No need to pass separate username/password here.

Browse Source
This commit is contained in:
Roger A. Light 2020-05-28 00:27:32 +01:00
parent 73cc271d37
commit e54bac2a54
3 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/mosquitto_broker_internal.h
View File

@ -756,7 +756,7 @@ int mosquitto_security_init_default(struct mosquitto_db *db, bool reload);
int mosquitto_security_apply_default(struct mosquitto_db *db);
int mosquitto_security_cleanup_default(struct mosquitto_db *db, bool reload);
int mosquitto_acl_check_default(struct mosquitto_db *db, struct mosquitto *context, const char *topic, int access);
int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *context, const char *username, const char *password);
int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *context);
int mosquitto_psk_key_get_default(struct mosquitto_db *db, struct mosquitto *context, const char *hint, const char *identity, char *key, int max_key_len);
int mosquitto_security_auth_start(struct mosquitto_db *db, struct mosquitto *context, bool reauth, const void *data_in, uint16_t data_in_len, void **data_out, uint16_t *data_out_len);

2
src/security.c
View File

@ -679,7 +679,7 @@ int mosquitto_unpwd_check(struct mosquitto_db *db, struct mosquitto *context)
int i;
struct mosquitto__security_options *opts;
rc = mosquitto_unpwd_check_default(db, context, context->username, context->password);
rc = mosquitto_unpwd_check_default(db, context);
if(rc != MOSQ_ERR_PLUGIN_DEFER){
return rc;
}

12
src/security_default.c
View File

@ -886,7 +886,7 @@ static int mosquitto__memcmp_const(const void *a, const void *b, size_t len)
#endif
int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *context, const char *username, const char *password)
int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *context)
{
struct mosquitto__unpwd *u, *tmp;
struct mosquitto__unpwd *unpwd_ref;
@ -907,7 +907,7 @@ int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *con
if(db->config->security_options.password_file == NULL) return MOSQ_ERR_PLUGIN_DEFER;
unpwd_ref = db->unpwd;
}
if(!username){
if(context->username == NULL){
/* Check must be made only after checking unpwd_ref.
* This is DENY here, because in MQTT v5 username can be missing when
* password is present, but we don't support that. */
@ -915,11 +915,11 @@ int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *con
}
HASH_ITER(hh, unpwd_ref, u, tmp){
if(!strcmp(u->username, username)){
if(!strcmp(u->username, context->username)){
if(u->password){
if(password){
if(context->password){
#ifdef WITH_TLS
rc = pw__digest(password, u->salt, u->salt_len, hash, &hash_len);
rc = pw__digest(context->password, u->salt, u->salt_len, hash, &hash_len);
if(rc == MOSQ_ERR_SUCCESS){
if(hash_len == u->password_len && !mosquitto__memcmp_const(u->password, hash, hash_len)){
return MOSQ_ERR_SUCCESS;
@ -930,7 +930,7 @@ int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *con
return rc;
}
#else
if(!strcmp(u->password, password)){
if(!strcmp(u->password, context->password)){
return MOSQ_ERR_SUCCESS;
}
#endif