Make sure user passwords are migrated if required

diff --git a/include/siri/db/users.h b/include/siri/db/users.h
index f93433fe946e7293c0a012a3fcef1fd049c392da..c48d2b15f9b7c16920752e1ecd30cae502910f4d 100644 (file)
--- a/include/siri/db/users.h
+++ b/include/siri/db/users.h
@@ -28,7 +28,7 @@ int siridb_users_drop_user(
         const char * username,
         char * err_msg);
 siridb_user_t * siridb_users_get_user(
-        llist_t * users,
+        siridb_t * siridb,
         const char * username,
         const char * password);
 int siridb_users_save(siridb_t * siridb);

diff --git a/src/siri/db/auth.c b/src/siri/db/auth.c
index 274a683c1fd25f184c8933a6d0367bd9a74cf5a3..749a35b76149309ddc9842bc2b912183996d8959 100644 (file)
--- a/src/siri/db/auth.c
+++ b/src/siri/db/auth.c
@@ -50,7 +50,7 @@ cproto_server_t siridb_auth_user_request(
     }
 
     if ((user = siridb_users_get_user(
-            siridb->users,
+            siridb,
             username,
             password)) == NULL)
     {

diff --git a/src/siri/db/listener.c b/src/siri/db/listener.c
index e9f33c3abe369f4357be57e5f5c3d264a500b120..98b0c8edda3212ce4570865755116fc13abed247 100644 (file)
--- a/src/siri/db/listener.c
+++ b/src/siri/db/listener.c
@@ -617,7 +617,7 @@ static void enter_alter_user(uv_async_t * handle)
     char name[user_node->len - 1];
     strx_extract_string(name, user_node->str, user_node->len);
 
-    if ((user = siridb_users_get_user(siridb->users, name, NULL)) == NULL)
+    if ((user = siridb_users_get_user(siridb, name, NULL)) == NULL)
     {
         snprintf(query->err_msg,
                 SIRIDB_MAX_SIZE_ERR_MSG,
@@ -744,7 +744,7 @@ static void enter_grant_user(uv_async_t * handle)
     char username[user_node->len - 1];
     strx_extract_string(username, user_node->str, user_node->len);
 
-    if ((user = siridb_users_get_user(siridb->users, username, NULL)) == NULL)
+    if ((user = siridb_users_get_user(siridb, username, NULL)) == NULL)
     {
         snprintf(query->err_msg, SIRIDB_MAX_SIZE_ERR_MSG,
                 "Cannot find user: '%s'", username);
@@ -964,7 +964,7 @@ static void enter_revoke_user(uv_async_t * handle)
     char username[user_node->len - 1];
     strx_extract_string(username, user_node->str, user_node->len);
 
-    if ((user = siridb_users_get_user(siridb->users, username, NULL)) == NULL)
+    if ((user = siridb_users_get_user(siridb, username, NULL)) == NULL)
     {
         snprintf(query->err_msg,
                 SIRIDB_MAX_SIZE_ERR_MSG,

diff --git a/src/siri/db/user.c b/src/siri/db/user.c
index 5a0f1ed849a3bcf3572f5b1ad0b5e29012741aca..25870c7d4428d44c4dc91c6293cda774a7250eae 100644 (file)
--- a/src/siri/db/user.c
+++ b/src/siri/db/user.c
@@ -89,23 +89,34 @@ int siridb_user_set_password(
 
     if (strlen(password) < SIRIDB_MIN_PASSWORD_LEN)
     {
-        sprintf(err_msg, "Password should be at least %d characters.",
-                SIRIDB_MIN_PASSWORD_LEN);
+        if (err_msg != NULL)
+        {
+            sprintf(err_msg,
+                    "Password should be at least %d characters.",
+                    SIRIDB_MIN_PASSWORD_LEN);
+        }
         return -1;
     }
 
     if (strlen(password) > SIRIDB_MAX_PASSWORD_LEN)
     {
-        sprintf(err_msg, "Password should be at most %d characters.",
-                SIRIDB_MAX_PASSWORD_LEN);
+        if (err_msg != NULL)
+        {
+            sprintf(err_msg,
+                    "Password should be at most %d characters.",
+                    SIRIDB_MAX_PASSWORD_LEN);
+        }
         return -1;
     }
 
     if (!strx_is_graph(password))
     {
-        sprintf(err_msg,
-                "Password contains illegal characters. (only graphical "
-                "characters are allowed, no spaces, tabs etc.)");
+        if (err_msg != NULL)
+        {
+            sprintf(err_msg,
+                    "Password contains illegal characters. (only graphical "
+                    "characters are allowed, no spaces, tabs etc.)");
+        }
         return -1;
     }
 
@@ -162,7 +173,7 @@ int siridb_user_set_name(
         return 1;
     }
 
-    if (siridb_users_get_user(siridb->users, name, NULL) != NULL)
+    if (siridb_users_get_user(siridb, name, NULL) != NULL)
     {
         snprintf(err_msg,
                 SIRIDB_MAX_SIZE_ERR_MSG,

diff --git a/src/siri/db/users.c b/src/siri/db/users.c
index c960c2119c3954cc15d31a6c43c1b34d2ba7f059..bd0615873576a05629df478af0c11869593d4721 100644 (file)
--- a/src/siri/db/users.c
+++ b/src/siri/db/users.c
@@ -207,10 +207,11 @@ int siridb_users_add_user(
  * the user will be returned when found.
  */
 siridb_user_t * siridb_users_get_user(
-        llist_t * users,
+        siridb_t * siridb,
         const char * name,
         const char * password)
 {
+    llist_t * users = siridb->users;
     siridb_user_t * user;
     char pw[OWCRYPT_SZ];
 
@@ -220,7 +221,6 @@ siridb_user_t * siridb_users_get_user(
     struct crypt_data fallback_data;
 #endif
 
-
     if ((user = llist_get(
             users,
             (llist_cb) USERS_cmp,
@@ -243,9 +243,15 @@ siridb_user_t * siridb_users_get_user(
     /* Required for compatibility with version < 2.0.14 */
     else if (user->password[0] == '$')
     {
+        /* this will migrate as soon as a user logs in */
+        _Bool is_valid;
         fallback_data.initialized = 0;
         fallback_pw = crypt_r(password, user->password, &fallback_data);
-        return (strcmp(fallback_pw, user->password) == 0) ? user : NULL;
+        is_valid = strcmp(fallback_pw, user->password) == 0;
+        (void) (is_valid && \
+                siridb_user_set_password(user, password, NULL) == 0 && \
+                siridb_users_save(siridb));
+        return is_valid ? user : NULL;
     }
 #endif
     return NULL;