Changeset: e3bd7073b4c6 for MonetDB
URL: https://dev.monetdb.org/hg/MonetDB?cmd=changeset;node=e3bd7073b4c6
Modified Files:
monetdb5/mal/mal_authorize.c
monetdb5/mal/mal_authorize.h
Branch: remote_auth
Log Message:
Create stub authorization functions
Just write the credentials in a file on disk for now for testing
purposes. This needs to be changed to use the new table in the vault.
diffs (120 lines):
diff --git a/monetdb5/mal/mal_authorize.c b/monetdb5/mal/mal_authorize.c
--- a/monetdb5/mal/mal_authorize.c
+++ b/monetdb5/mal/mal_authorize.c
@@ -941,42 +941,77 @@ AUTHverifyPassword(const char *passwd)
#endif
}
-/* change name to remote table uri, add client to check that the user
- * has permissions */
str
-AUTHgetRemoteTableCredentials(const char *name, str *username, str *password)
+AUTHgetRemoteTableCredentials(const char *uri, Client cntxt, str *username,
str *password)
{
FILE *fp = fopen("/tmp/remote_table_auth.txt", "r");
+ str localuser;
+ str luri;
+ str tmp;
char buf[BUFSIZ];
char *p, *q;
- (void)name;
+ (void)uri;
fread(buf, 1, BUFSIZ, fp);
- p = strchr(buf, '\n');
- *p = '\0';
- *username = strdup(buf);
- q = strchr(p + 1, '\n');
- *q = '\0';
- *password = strdup(p + 1);
+ q = buf;
+ p = strchr(buf, ',');
+ *p = 0;
+ luri = GDKstrdup(q);
+
+ q = p + 1;
+ p = strchr(q, ',');
+ *p = 0;
+ localuser = GDKstrdup(q);
+
+ q = p + 1;
+ p = strchr(q, ',');
+ *p = 0;
+ *username = GDKstrdup(q);
+
+ q = p + 1;
+ p = strchr(q, '\n');
+ *p = 0;
+ *password = GDKstrdup(q);
fclose(fp);
+
+ /* mem leak */
+ rethrow("checkCredentials", tmp, AUTHrequireAdminOrUser(cntxt,
localuser));
+ /* if (strcmp(uri, luri)) { */
+ /* GDKfree(luri); */
+ /* GDKfree(localuser); */
+ /* throw(MAL, "getRemoteTableCredentials", SQLSTATE(HY001) "URIs
do not match"); */
+ /* } */
+
+ GDKfree(luri);
+ GDKfree(localuser);
+
return MAL_SUCCEED;
}
-/* change name to remote table uri, add local user */
str
-AUTHaddRemoteTableCredentials(const char *name, const char *user, const char
*pass, bool pw_encrypted)
+AUTHaddRemoteTableCredentials(const char *uri, const char *localuser, const
char *remoteuser, const char *pass, bool pw_encrypted)
{
/* Work in Progress */
FILE *fp = fopen("/tmp/remote_table_auth.txt", "w");
char *password = NULL;
bool free_pw = false;
+ // str tmp;
+ BUN p;
- (void)name;
+ (void)remoteuser;
+
+ if (uri == NULL || strNil(uri))
+ throw(ILLARG, "addRemoteTableCredentials", "URI cannot be nil");
+ if (localuser == NULL || strNil(localuser))
+ throw(ILLARG, "addRemoteTableCredentials", "local user name
cannot be nil");
+
+ (void)p;
if (pass == NULL) {
- AUTHgetPasswordHash(&password, NULL, user);
+ /* NOTE: Is having the client == NULL safe? */
+ AUTHgetPasswordHash(&password, NULL, localuser);
}
else {
free_pw = true;
@@ -987,7 +1022,9 @@ AUTHaddRemoteTableCredentials(const char
password = mcrypt_BackendSum(pass, strlen(pass));
}
}
- fprintf(fp, "%s\n%s\n", user, password);
+ // rethrow("addUser", tmp, AUTHverifyPassword(password));
+
+ fprintf(fp, "%s,%s,%s,%s\n",uri, localuser, remoteuser, password);
fclose(fp);
if (free_pw) {
diff --git a/monetdb5/mal/mal_authorize.h b/monetdb5/mal/mal_authorize.h
--- a/monetdb5/mal/mal_authorize.h
+++ b/monetdb5/mal/mal_authorize.h
@@ -27,8 +27,8 @@ mal_export str AUTHgetPasswordHash(str *
mal_export str AUTHinitTables(const char *passwd);
-mal_export str AUTHaddRemoteTableCredentials(const char *name, const char
*user, const char *pass, bool pw_encrypted);
-mal_export str AUTHgetRemoteTableCredentials(const char *name, str *username,
str *password);
+mal_export str AUTHaddRemoteTableCredentials(const char *uri, const char
*localuser, const char *remoteuser, const char *pass, bool pw_encrypted);
+mal_export str AUTHgetRemoteTableCredentials(const char *uri, Client cntxt,
str *username, str *password);
/*
_______________________________________________
checkin-list mailing list
checkin-list@monetdb.org
https://www.monetdb.org/mailman/listinfo/checkin-list
