5 лет назад · 4103a7292a
--- a/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl
+++ b/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl
@@ -63,10 +63,8 @@ check(ClientInfo = #{ clientid := Clientid
 
				             emqx_metrics:inc(?AUTH_METRICS(ignore)),
			
 
				             ok;
			
 
				         List ->
			
 
				-            case [ Hash  || <<Salt:4/binary, Hash/binary>> <- lists:sort(fun emqx_auth_mnesia_cli:comparing/2, List),
			
 
				-                            Hash =:= hash(NPassword, Salt, HashType)
			
 
				-                 ] of
			
 
				-                [] ->
			
 
				+            case match_password(NPassword, HashType, List)  of
			
 
				+                false ->
			
 
				                     ?LOG(error, "[Mnesia] Auth from mnesia failed: ~p", [ClientInfo]),
			
 
				                     emqx_metrics:inc(?AUTH_METRICS(failure)),
			
 
				                     {stop, AuthResult#{anonymous => false, auth_result => password_error}};
			
@@ -78,7 +76,34 @@ check(ClientInfo = #{ clientid := Clientid
 
				 
			
 
				 description() -> "Authentication with Mnesia".
			
 
				 
			
 
				+match_password(Password, HashType, HashList) ->
			
 
				+    lists:any(
			
 
				+      fun(Secret) ->
			
 
				+        case is_salt_hash(Secret, HashType) of
			
 
				+            true ->
			
 
				+                <<Salt:4/binary, Hash/binary>> = Secret,
			
 
				+                Hash =:= hash(Password, Salt, HashType);
			
 
				+            _ ->
			
 
				+                Secret =:= hash(Password, HashType)
			
 
				+        end
			
 
				+      end, HashList).
			
 
				+
			
 
				+hash(undefined, HashType) ->
			
 
				+    hash(<<>>, HashType);
			
 
				+hash(Password, HashType) ->
			
 
				+    emqx_passwd:hash(HashType, Password).
			
 
				+
			
 
				 hash(undefined, SaltBin, HashType) ->
			
 
				     hash(<<>>, SaltBin, HashType);
			
 
				 hash(Password, SaltBin, HashType) ->
			
 
				     emqx_passwd:hash(HashType, <<SaltBin/binary, Password/binary>>).
			
 
				+
			
 
				+is_salt_hash(_, plain) ->
			
 
				+    true;
			
 
				+is_salt_hash(Secret, HashType) ->
			
 
				+    not (byte_size(Secret) == len(HashType)).
			
 
				+
			
 
				+len(md5) -> 32;
			
 
				+len(sha) -> 40;
			
 
				+len(sha256) -> 64;
			
 
				+len(sha512) -> 128.
			
--- a/sync-apps.sh
+++ b/sync-apps.sh
@@ -78,7 +78,7 @@ extract_zip(){
 
				     mv "apps/${repo}-${vsn}/" "apps/$app/"
			
 
				 }
			
 
				 
			
 
				-extract_zip "emqx_auth_mnesia" "e4.2.2" "e4.2.2"
			
 
				+extract_zip "emqx_auth_mnesia" "e4.2.3" "e4.2.3"
			
 
				 for app in ${apps[@]}; do
			
 
				     extract_zip "$app" "$default_vsn"
			
 
				 done