5 лет назад · 4103a7292a
--- a/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl
+++ b/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl
@@ -63,10 +63,8 @@ check(ClientInfo = #{ clientid := Clientid
 
																             emqx_metrics:inc(?AUTH_METRICS(ignore)),
															
 
																             ok;
															
 
																         List ->
															
 
																-            case [ Hash  || <<Salt:4/binary, Hash/binary>> <- lists:sort(fun emqx_auth_mnesia_cli:comparing/2, List),
															
 
																-                            Hash =:= hash(NPassword, Salt, HashType)
															
 
																-                 ] of
															
 
																-                [] ->
															
 
																+            case match_password(NPassword, HashType, List)  of
															
 
																+                false ->
															
 
																                     ?LOG(error, "[Mnesia] Auth from mnesia failed: ~p", [ClientInfo]),
															
 
																                     emqx_metrics:inc(?AUTH_METRICS(failure)),
															
 
																                     {stop, AuthResult#{anonymous => false, auth_result => password_error}};
															
@@ -78,7 +76,34 @@ check(ClientInfo = #{ clientid := Clientid
 
																 description() -> "Authentication with Mnesia".
															
 
																+match_password(Password, HashType, HashList) ->
															
 
																+    lists:any(
															
 
																+      fun(Secret) ->
															
 
																+        case is_salt_hash(Secret, HashType) of
															
 
																+            true ->
															
 
																+                <<Salt:4/binary, Hash/binary>> = Secret,
															
 
																+                Hash =:= hash(Password, Salt, HashType);
															
 
																+            _ ->
															
 
																+                Secret =:= hash(Password, HashType)
															
 
																+        end
															
 
																+      end, HashList).
															
 
																+
															
 
																+hash(undefined, HashType) ->
															
 
																+    hash(<<>>, HashType);
															
 
																+hash(Password, HashType) ->
															
 
																+    emqx_passwd:hash(HashType, Password).
															
 
																+
															
 
																 hash(undefined, SaltBin, HashType) ->
															
 
																     hash(<<>>, SaltBin, HashType);
															
 
																 hash(Password, SaltBin, HashType) ->
															
 
																     emqx_passwd:hash(HashType, <<SaltBin/binary, Password/binary>>).
															
 
																+
															
 
																+is_salt_hash(_, plain) ->
															
 
																+    true;
															
 
																+is_salt_hash(Secret, HashType) ->
															
 
																+    not (byte_size(Secret) == len(HashType)).
															
 
																+
															
 
																+len(md5) -> 32;
															
 
																+len(sha) -> 40;
															
 
																+len(sha256) -> 64;
															
 
																+len(sha512) -> 128.
															
--- a/sync-apps.sh
+++ b/sync-apps.sh
@@ -78,7 +78,7 @@ extract_zip(){
 
																     mv "apps/${repo}-${vsn}/" "apps/$app/"
															
 
																 }
															
 
																-extract_zip "emqx_auth_mnesia" "e4.2.2" "e4.2.2"
															
 
																+extract_zip "emqx_auth_mnesia" "e4.2.3" "e4.2.3"
															
 
																 for app in ${apps[@]}; do
															
 
																     extract_zip "$app" "$default_vsn"
															
 
																 done