Changeset: 8f6aa798f4c5 for MonetDB
URL: http://dev.monetdb.org/hg/MonetDB?cmd=changeset;node=8f6aa798f4c5
Modified Files:
clients/Tests/exports.stable.out
monetdb5/mal/mal_authorize.c
monetdb5/mal/mal_authorize.h
Branch: Jan2014
Log Message:
AUTHinitTables: allow passing a password for monetdb user
This allows to securely setup a new database.
diffs (62 lines):
diff --git a/clients/Tests/exports.stable.out b/clients/Tests/exports.stable.out
--- a/clients/Tests/exports.stable.out
+++ b/clients/Tests/exports.stable.out
@@ -881,7 +881,7 @@ str AUTHcheckCredentials(oid *ret, Clien
str AUTHgetPasswordHash(str *ret, Client *c, str *username);
str AUTHgetUsername(str *ret, Client *c);
str AUTHgetUsers(BAT **ret, Client *c);
-str AUTHinitTables(void);
+str AUTHinitTables(str *passwd);
str AUTHremoveUser(Client *c, str *username);
str AUTHrequireAdmin(Client *c);
str AUTHresolveUser(str *ret, oid *uid);
diff --git a/monetdb5/mal/mal_authorize.c b/monetdb5/mal/mal_authorize.c
--- a/monetdb5/mal/mal_authorize.c
+++ b/monetdb5/mal/mal_authorize.c
@@ -112,12 +112,13 @@ AUTHcommit(void)
* Localize the authorization tables in the database. The authorization
* tables are a set of aligned BATs that store username, password (hashed)
* and scenario permissions.
- * If the BATs do not exist, they are created, and the monetdb/monetdb
- * administrator account is added. Initialising the authorization tables
- * can only be done after the GDK kernel has been initialized.
+ * If the BATs do not exist, they are created, and the monetdb
+ * administrator account is added with the given password (or 'monetdb'
+ * if NULL). Initialising the authorization tables can only be done
+ * after the GDK kernel has been initialized.
*/
str
-AUTHinitTables(void) {
+AUTHinitTables(str *passwd) {
bat bid;
BAT *b;
int isNew = 1;
@@ -168,12 +169,13 @@ AUTHinitTables(void) {
/* insert the monetdb/monetdb administrator account on a
* complete fresh and new auth tables system */
str user = "monetdb";
- str pw; /* will become the right hash for "monetdb" */
- int len = (int) strlen(user);
+ str pw = "monetdb";
oid uid;
Client c = &mal_clients[0];
- pw = mcrypt_BackendSum(user /* because user == pass */, len);
+ if (passwd != NULL && *passwd != NULL)
+ pw = *passwd;
+ pw = mcrypt_BackendSum(pw, strlen(pw));
msg = AUTHaddUser(&uid, &c, &user, &pw);
free(pw);
if (msg)
diff --git a/monetdb5/mal/mal_authorize.h b/monetdb5/mal/mal_authorize.h
--- a/monetdb5/mal/mal_authorize.h
+++ b/monetdb5/mal/mal_authorize.h
@@ -38,7 +38,7 @@ mal_export str AUTHgetUsers(BAT **ret, C
mal_export str AUTHgetPasswordHash(str *ret, Client *c, str *username);
mal_export str AUTHrequireAdmin(Client *c);
-mal_export str AUTHinitTables(void);
+mal_export str AUTHinitTables(str *passwd);
/*
_______________________________________________
checkin-list mailing list
[email protected]
https://www.monetdb.org/mailman/listinfo/checkin-list
