From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp3.mail.ru (smtp3.mail.ru [94.100.179.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id BFA8546970F for ; Thu, 21 Nov 2019 21:40:35 +0300 (MSK) Date: Thu, 21 Nov 2019 21:40:34 +0300 From: Kirill Yukhin Message-ID: <20191121184034.flahnju5uvelpvne@tarantool.org> References: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: Subject: Re: [Tarantool-patches] [PATCH 1/1] replication: use empty password by default List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Vladislav Shpilevoy Cc: tarantool-patches@dev.tarantool.org Hello, On 04 ноя 18:10, Vladislav Shpilevoy wrote: > Replication's applier encoded an auth request with exactly the > same parameters as extracted by the URI parser. I.e. when no > password was specified, the parser returned it as NULL, and it was > not encoded. The relay, received such an auth request, complained > that IPROTO_TUPLE field is not specified (this is password). > > Such an error confuses - a user didn't do anything illegal, he > just used URI like 'login@host:port', without a password after the > login. > > The patch makes the applier use an empty string as a default > password. > > An alternative was to force a user always set a password even if > it is an empty string, like that: 'login:@host:port'. And if a > password was not found in an auth request, then reject it with a > password mismatch error. But in that case a URI of kind > 'login@host:port' becomes useless - it can never pass. In > addition, netbox already uses an empty string as a default > password. So the only way to make it consistent, and don't break > anything - repeat netbox logic for replication URIs. > > Closes #4605 > --- > Issue: https://github.com/tarantool/tarantool/issues/4605 > Branch: https://github.com/tarantool/tarantool/tree/gerold103/gh-4605-empty-password-replication I've checked your patch into 1.10, 2.2 and master. -- Regards, Kirill Yukhin