box: drop redundant guest password checks from authenticate

The guest can't have a non-empty password - it's explicitly prevented by the _user trigger callback: https://github.com/tarantool/tarantool/blob/2ed06651c317f2d46631b0d55e4b88f2c8a6c0a0/src/box/alter.cc#L2930-L2936 So there's no need to check the guest user password in authenticate. NO_DOC=code cleanup NO_TEST=code cleanup NO_CHANGELOG=code cleanup

box: drop redundant guest password checks from authenticate
26f69561 · Vladimir Davydov · Vladimir Davydov · 85ef1118 · 26f69561
Commit 26f69561 authored 2 years ago by Vladimir Davydov Committed by Vladimir Davydov 2 years ago
--- a/src/box/authentication.cc
+++ b/src/box/authentication.cc
@@ -35,8 +35,6 @@
 #include "error.h"
 #include <base64.h>

-static char zero_hash[SCRAMBLE_SIZE];
-
 void
 authenticate(const char *user_name, uint32_t len, const char *salt,
 	     const char *tuple)
@@ -55,20 +53,13 @@ authenticate(const char *user_name, uint32_t len, const char *salt,
 	const char *scramble;
 	struct on_auth_trigger_ctx auth_res = { user->def->name, true };
 	/*
-	 * Allow authenticating back to GUEST user without
-	 * checking a password. This is useful for connection
-	 * pooling.
+	 * Allow authenticating back to the guest user without a password,
+	 * because the guest user isn't allowed to have a password, anyway.
+	 * This is useful for connection pooling.
 	 */
 	part_count = mp_decode_array(&tuple);
-	if (part_count == 0 && user->def->uid == GUEST) {
-		if (memcmp(user->def->hash2, zero_hash, SCRAMBLE_SIZE) == 0)
-			goto ok; /* no password is set, OK */
-		char hash2[SCRAMBLE_SIZE];
-		base64_decode(CHAP_SHA1_EMPTY_PASSWORD, SCRAMBLE_BASE64_SIZE,
-			      hash2, SCRAMBLE_SIZE);
-		if (memcmp(user->def->hash2, hash2, SCRAMBLE_SIZE) == 0)
-			goto ok; /* empty password is set, OK */
-	}
+	if (part_count == 0 && user->def->uid == GUEST)
+		goto ok;

 	access_check_session_xc(user);