Merge branch 'fix_auth_timeout' into storageareas

This commit is contained in:
Isaac Connor 2016-09-29 12:22:56 -04:00
commit 07d8d008ba
1 changed files with 14 additions and 4 deletions

View File

@ -171,7 +171,7 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
Debug( 1, "Attempting to authenticate user from auth string '%s'", auth );
char sql[ZM_SQL_SML_BUFSIZ] = "";
snprintf( sql, sizeof(sql), "SELECT Username, Password FROM Users WHERE Enabled = 1" );
snprintf( sql, sizeof(sql), "SELECT Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds FROM Users WHERE Enabled = 1" );
if ( mysql_query( &dbconn, sql ) )
{
@ -204,9 +204,16 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
unsigned char md5sum[md5len];
time_t now = time( 0 );
unsigned int hours =config.auth_hash_ttl;
for ( unsigned int i = 0; i < config.auth_hash_ttl; i++, now -= 3600 )
{
if ( ! hours ) {
Warning("No value set for ZM_AUTH_HASH_TTL. Defaulting to 2.");
hours = 2;
} else {
Debug( 1, "AUTH_HASH_TTL is %d", hours );
}
for ( unsigned int i = 0; i < hours; i++, now -= 3600 ) {
struct tm *now_tm = localtime( &now );
snprintf( auth_key, sizeof(auth_key), "%s%s%s%s%d%d%d%d",
@ -231,7 +238,7 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
{
sprintf( &auth_md5[2*j], "%02x", md5sum[j] );
}
Debug( 1, "Checking auth_key '%s' -> auth_md5 '%s'", auth_key, auth_md5 );
Debug( 1, "Checking auth_key '%s' -> auth_md5 '%s' == '%s'", auth_key, auth_md5, auth );
if ( !strcmp( auth, auth_md5 ) )
{
@ -239,11 +246,14 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
User *user = new User( dbrow );
Debug(1, "Authenticated user '%s'", user->getUsername() );
return( user );
} else {
Debug(1, "No match for %s", auth );
}
}
}
#else // HAVE_DECL_MD5
Error( "You need to build with gnutls or openssl installed to use hash based authentication" );
#endif // HAVE_DECL_MD5
Debug(1, "No user found for auth_key %s", auth );
return( 0 );
}