MonetDB: Jan2014 - AUTHinitTables: allow passing a password for ...

Sun, 16 Feb 2014 13:37:21 -0800 

Changeset: 8f6aa798f4c5 for MonetDB
URL: http://dev.monetdb.org/hg/MonetDB?cmd=changeset;node=8f6aa798f4c5
Modified Files:
        clients/Tests/exports.stable.out
        monetdb5/mal/mal_authorize.c
        monetdb5/mal/mal_authorize.h
Branch: Jan2014
Log Message:

AUTHinitTables: allow passing a password for monetdb user

This allows to securely setup a new database.


diffs (62 lines):

diff --git a/clients/Tests/exports.stable.out b/clients/Tests/exports.stable.out
--- a/clients/Tests/exports.stable.out
+++ b/clients/Tests/exports.stable.out
@@ -881,7 +881,7 @@ str AUTHcheckCredentials(oid *ret, Clien
 str AUTHgetPasswordHash(str *ret, Client *c, str *username);
 str AUTHgetUsername(str *ret, Client *c);
 str AUTHgetUsers(BAT **ret, Client *c);
-str AUTHinitTables(void);
+str AUTHinitTables(str *passwd);
 str AUTHremoveUser(Client *c, str *username);
 str AUTHrequireAdmin(Client *c);
 str AUTHresolveUser(str *ret, oid *uid);
diff --git a/monetdb5/mal/mal_authorize.c b/monetdb5/mal/mal_authorize.c
--- a/monetdb5/mal/mal_authorize.c
+++ b/monetdb5/mal/mal_authorize.c
@@ -112,12 +112,13 @@ AUTHcommit(void)
  * Localize the authorization tables in the database.  The authorization
  * tables are a set of aligned BATs that store username, password (hashed)
  * and scenario permissions.
- * If the BATs do not exist, they are created, and the monetdb/monetdb
- * administrator account is added.  Initialising the authorization tables
- * can only be done after the GDK kernel has been initialized.
+ * If the BATs do not exist, they are created, and the monetdb
+ * administrator account is added with the given password (or 'monetdb'
+ * if NULL).  Initialising the authorization tables can only be done
+ * after the GDK kernel has been initialized.
  */
 str
-AUTHinitTables(void) {
+AUTHinitTables(str *passwd) {
        bat bid;
        BAT *b;
        int isNew = 1;
@@ -168,12 +169,13 @@ AUTHinitTables(void) {
                /* insert the monetdb/monetdb administrator account on a
                 * complete fresh and new auth tables system */
                str user = "monetdb";
-               str pw; /* will become the right hash for "monetdb" */
-               int len = (int) strlen(user);
+               str pw = "monetdb";
                oid uid;
                Client c = &mal_clients[0];
 
-               pw = mcrypt_BackendSum(user /* because user == pass */, len);
+               if (passwd != NULL && *passwd != NULL)
+                       pw = *passwd;
+               pw = mcrypt_BackendSum(pw, strlen(pw));
                msg = AUTHaddUser(&uid, &c, &user, &pw);
                free(pw);
                if (msg)
diff --git a/monetdb5/mal/mal_authorize.h b/monetdb5/mal/mal_authorize.h
--- a/monetdb5/mal/mal_authorize.h
+++ b/monetdb5/mal/mal_authorize.h
@@ -38,7 +38,7 @@ mal_export str AUTHgetUsers(BAT **ret, C
 mal_export str AUTHgetPasswordHash(str *ret, Client *c, str *username);
 
 mal_export str AUTHrequireAdmin(Client *c);
-mal_export str AUTHinitTables(void);
+mal_export str AUTHinitTables(str *passwd);
 
 
 /*
_______________________________________________
checkin-list mailing list
checkin-list@monetdb.org
https://www.monetdb.org/mailman/listinfo/checkin-list

Reply via email to