No need to pass separate username/password here.
This commit is contained in:
parent
73cc271d37
commit
e54bac2a54
@ -756,7 +756,7 @@ int mosquitto_security_init_default(struct mosquitto_db *db, bool reload);
|
||||
int mosquitto_security_apply_default(struct mosquitto_db *db);
|
||||
int mosquitto_security_cleanup_default(struct mosquitto_db *db, bool reload);
|
||||
int mosquitto_acl_check_default(struct mosquitto_db *db, struct mosquitto *context, const char *topic, int access);
|
||||
int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *context, const char *username, const char *password);
|
||||
int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *context);
|
||||
int mosquitto_psk_key_get_default(struct mosquitto_db *db, struct mosquitto *context, const char *hint, const char *identity, char *key, int max_key_len);
|
||||
|
||||
int mosquitto_security_auth_start(struct mosquitto_db *db, struct mosquitto *context, bool reauth, const void *data_in, uint16_t data_in_len, void **data_out, uint16_t *data_out_len);
|
||||
|
@ -679,7 +679,7 @@ int mosquitto_unpwd_check(struct mosquitto_db *db, struct mosquitto *context)
|
||||
int i;
|
||||
struct mosquitto__security_options *opts;
|
||||
|
||||
rc = mosquitto_unpwd_check_default(db, context, context->username, context->password);
|
||||
rc = mosquitto_unpwd_check_default(db, context);
|
||||
if(rc != MOSQ_ERR_PLUGIN_DEFER){
|
||||
return rc;
|
||||
}
|
||||
|
@ -886,7 +886,7 @@ static int mosquitto__memcmp_const(const void *a, const void *b, size_t len)
|
||||
#endif
|
||||
|
||||
|
||||
int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *context, const char *username, const char *password)
|
||||
int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *context)
|
||||
{
|
||||
struct mosquitto__unpwd *u, *tmp;
|
||||
struct mosquitto__unpwd *unpwd_ref;
|
||||
@ -907,7 +907,7 @@ int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *con
|
||||
if(db->config->security_options.password_file == NULL) return MOSQ_ERR_PLUGIN_DEFER;
|
||||
unpwd_ref = db->unpwd;
|
||||
}
|
||||
if(!username){
|
||||
if(context->username == NULL){
|
||||
/* Check must be made only after checking unpwd_ref.
|
||||
* This is DENY here, because in MQTT v5 username can be missing when
|
||||
* password is present, but we don't support that. */
|
||||
@ -915,11 +915,11 @@ int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *con
|
||||
}
|
||||
|
||||
HASH_ITER(hh, unpwd_ref, u, tmp){
|
||||
if(!strcmp(u->username, username)){
|
||||
if(!strcmp(u->username, context->username)){
|
||||
if(u->password){
|
||||
if(password){
|
||||
if(context->password){
|
||||
#ifdef WITH_TLS
|
||||
rc = pw__digest(password, u->salt, u->salt_len, hash, &hash_len);
|
||||
rc = pw__digest(context->password, u->salt, u->salt_len, hash, &hash_len);
|
||||
if(rc == MOSQ_ERR_SUCCESS){
|
||||
if(hash_len == u->password_len && !mosquitto__memcmp_const(u->password, hash, hash_len)){
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
@ -930,7 +930,7 @@ int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *con
|
||||
return rc;
|
||||
}
|
||||
#else
|
||||
if(!strcmp(u->password, password)){
|
||||
if(!strcmp(u->password, context->password)){
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
#endif
|
||||
|
Loading…
Reference in New Issue
Block a user