[Tarantool-patches] [PATCH 1/1] replication: use empty password by default
Kirill Yukhin
kyukhin at tarantool.org
Thu Nov 21 21:40:34 MSK 2019
Hello,
On 04 ноя 18:10, Vladislav Shpilevoy wrote:
> Replication's applier encoded an auth request with exactly the
> same parameters as extracted by the URI parser. I.e. when no
> password was specified, the parser returned it as NULL, and it was
> not encoded. The relay, received such an auth request, complained
> that IPROTO_TUPLE field is not specified (this is password).
>
> Such an error confuses - a user didn't do anything illegal, he
> just used URI like 'login at host:port', without a password after the
> login.
>
> The patch makes the applier use an empty string as a default
> password.
>
> An alternative was to force a user always set a password even if
> it is an empty string, like that: 'login:@host:port'. And if a
> password was not found in an auth request, then reject it with a
> password mismatch error. But in that case a URI of kind
> 'login at host:port' becomes useless - it can never pass. In
> addition, netbox already uses an empty string as a default
> password. So the only way to make it consistent, and don't break
> anything - repeat netbox logic for replication URIs.
>
> Closes #4605
> ---
> Issue: https://github.com/tarantool/tarantool/issues/4605
> Branch: https://github.com/tarantool/tarantool/tree/gerold103/gh-4605-empty-password-replication
I've checked your patch into 1.10, 2.2 and master.
--
Regards, Kirill Yukhin
More information about the Tarantool-patches
mailing list