From: Konstantin Osipov <kostja@tarantool.org>
To: Vladimir Davydov <vdavydov.dev@gmail.com>
Cc: tarantool-patches@freelists.org
Subject: Re: [PATCH v2] auth: fix empty password authentication
Date: Mon, 15 Jul 2019 22:52:05 +0300 [thread overview]
Message-ID: <20190715195205.GC4099@atlas> (raw)
In-Reply-To: <704d9c5686cb5bacfa53a7459a2eea411812bcc5.1563207875.git.vdavydov.dev@gmail.com>
* Vladimir Davydov <vdavydov.dev@gmail.com> [19/07/15 19:27]:
> We are supposed to authenticate guest user without a password. This
> used to work before commit 076a842011e0 ("Permit empty passwords in
> net.box"), when guest didn't have any password. Now it has an empty
> password and the check in authenticate turns out to be broken, which
> breaks assumptions made by certain connectors. This patch fixes the
> check.
>
> Closes #4327
> ---
> https://github.com/tarantool/tarantool/issues/4327
> https://github.com/tarantool/tarantool/tree/dv/gh-4327-fix-empty-password-auth
>
> Changes in v2:
> - Don't change the way net.box treats absense of a password.
> Just fix the issue in question.
>
> v1: https://www.freelists.org/post/tarantool-patches/PATCH-auth-fix-empty-password-authentication
>
> src/box/authentication.cc | 21 +++++++++++++++------
> 1 file changed, 15 insertions(+), 6 deletions(-)
>
> diff --git a/src/box/authentication.cc b/src/box/authentication.cc
> index 811974cb..b0459a5b 100644
> --- a/src/box/authentication.cc
> +++ b/src/box/authentication.cc
> @@ -33,8 +33,13 @@
> #include "session.h"
> #include "msgpuck.h"
> #include "error.h"
> +#include "third_party/base64.h"
>
> -static char zero_hash[SCRAMBLE_SIZE];
> +/**
> + * chap-sha1 of empty string, i.e.
> + * base64_encode(sha1(sha1(""), 0)
> + */
> +static const char *CHAP_SHA1_EMPTY_PASSWORD = "vhvewKp0tNyweZQ+cFKAlsyphfg=";
Do you insist on copy-pasting it from alter.cc?
>
> void
> authenticate(const char *user_name, uint32_t len, const char *salt,
> @@ -52,10 +57,14 @@ authenticate(const char *user_name, uint32_t len, const char *salt,
> * pooling.
> */
> part_count = mp_decode_array(&tuple);
> - if (part_count == 0 && user->def->uid == GUEST &&
> - memcmp(user->def->hash2, zero_hash, SCRAMBLE_SIZE) == 0) {
> - /* No password is set for GUEST, OK. */
> - goto ok;
> + if (part_count == 0 && user->def->uid == GUEST) {
> + char hash2[SCRAMBLE_SIZE];
> + base64_decode(CHAP_SHA1_EMPTY_PASSWORD, SCRAMBLE_BASE64_SIZE,
> + hash2, SCRAMBLE_SIZE);
> + if (memcmp(user->def->hash2, hash2, SCRAMBLE_SIZE) == 0) {
> + /* Empty password is set, OK. */
> + goto ok;
> + }
I think we're still misunderstanding each other. Both zero hash
and empty string should work. We should become more permissive,
not less.
--
Konstantin Osipov, Moscow, Russia
next prev parent reply other threads:[~2019-07-15 19:52 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-15 16:26 Vladimir Davydov
2019-07-15 19:52 ` Konstantin Osipov [this message]
2019-07-17 11:51 ` Vladimir Davydov
2019-07-17 14:28 ` Konstantin Osipov
2019-07-17 14:49 ` Vladimir Davydov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190715195205.GC4099@atlas \
--to=kostja@tarantool.org \
--cc=tarantool-patches@freelists.org \
--cc=vdavydov.dev@gmail.com \
--subject='Re: [PATCH v2] auth: fix empty password authentication' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox