"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "auth/store.go" between
etcd-3.4.8.tar.gz and etcd-3.4.9.tar.gz

About: etcd is a distributed reliable key-value store for the most critical data of a distributed system (written in "Go").

store.go  (etcd-3.4.8):store.go  (etcd-3.4.9)
skipping to change at line 349 skipping to change at line 349
plog.Debugf("authorized %s, token is %s", username, token) plog.Debugf("authorized %s, token is %s", username, token)
} }
return &pb.AuthenticateResponse{Token: token}, nil return &pb.AuthenticateResponse{Token: token}, nil
} }
func (as *authStore) CheckPassword(username, password string) (uint64, error) { func (as *authStore) CheckPassword(username, password string) (uint64, error) {
if !as.IsAuthEnabled() { if !as.IsAuthEnabled() {
return 0, ErrAuthNotEnabled return 0, ErrAuthNotEnabled
} }
tx := as.be.BatchTx() var user *authpb.User
tx.Lock() // CompareHashAndPassword is very expensive, so we use closures
defer tx.Unlock() // to avoid putting it in the critical section of the tx lock.
revision, err := func() (uint64, error) {
tx := as.be.BatchTx()
tx.Lock()
defer tx.Unlock()
user = getUser(as.lg, tx, username)
if user == nil {
return 0, ErrAuthFailed
}
user := getUser(as.lg, tx, username) if user.Options != nil && user.Options.NoPassword {
if user == nil { return 0, ErrAuthFailed
return 0, ErrAuthFailed }
}
if user.Options != nil && user.Options.NoPassword { return getRevision(tx), nil
return 0, ErrAuthFailed }()
if err != nil {
return 0, err
} }
if bcrypt.CompareHashAndPassword(user.Password, []byte(password)) != nil { if bcrypt.CompareHashAndPassword(user.Password, []byte(password)) != nil {
if as.lg != nil { if as.lg != nil {
as.lg.Info("invalid password", zap.String("user-name", us ername)) as.lg.Info("invalid password", zap.String("user-name", us ername))
} else { } else {
plog.Noticef("authentication failed, invalid password for user %s", username) plog.Noticef("authentication failed, invalid password for user %s", username)
} }
return 0, ErrAuthFailed return 0, ErrAuthFailed
} }
return getRevision(tx), nil return revision, nil
} }
func (as *authStore) Recover(be backend.Backend) { func (as *authStore) Recover(be backend.Backend) {
enabled := false enabled := false
as.be = be as.be = be
tx := be.BatchTx() tx := be.BatchTx()
tx.Lock() tx.Lock()
_, vs := tx.UnsafeRange(authBucketName, enableFlagKey, nil, 0) _, vs := tx.UnsafeRange(authBucketName, enableFlagKey, nil, 0)
if len(vs) == 1 { if len(vs) == 1 {
if bytes.Equal(vs[0], authEnabled) { if bytes.Equal(vs[0], authEnabled) {
 End of changes. 4 change blocks. 
10 lines changed or deleted 20 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)