feat: implement md5 authentication
It prevents password sniffing and avoids storing passwords on the
server in plain text but provides no protection if an attacker
manages to steal the password hash from the server.
Usage example:
```lua
-- Enable the md5 authentication method for all new users.
box.cfg({auth_type = 'md5'})
-- Reset existing user passwords to use the md5 authentication method.
box.schema.user.passwd('alice', 'topsecret')
-- Authenticate using the md5 authentication method via net.box.
conn = require('net.box').connect(uri, {
user = 'alice',
password = 'topsecret',
-- Specifying the authentication method isn't strictly necessary:
-- by default the client will use the method set in the remote
-- server config (box.cfg.auth_type)
auth_type = 'md5',
})
```
part of picodata/picodata/sbroad!377
@TarantoolBot document
Title: md5 authentication method
See the commit message.
Showing
- changelogs/unreleased/support-md5-authentication 5 additions, 0 deletionschangelogs/unreleased/support-md5-authentication
- src/box/CMakeLists.txt 1 addition, 0 deletionssrc/box/CMakeLists.txt
- src/box/auth_md5.c 245 additions, 0 deletionssrc/box/auth_md5.c
- src/box/auth_md5.h 23 additions, 0 deletionssrc/box/auth_md5.h
- src/box/authentication.c 6 additions, 3 deletionssrc/box/authentication.c
- src/lib/core/CMakeLists.txt 3 additions, 0 deletionssrc/lib/core/CMakeLists.txt
- src/lib/core/crypt.c 98 additions, 0 deletionssrc/lib/core/crypt.c
- src/lib/core/crypt.h 44 additions, 0 deletionssrc/lib/core/crypt.h
- src/lib/core/cryptohash.c 106 additions, 0 deletionssrc/lib/core/cryptohash.c
- src/lib/core/cryptohash.h 57 additions, 0 deletionssrc/lib/core/cryptohash.h
- src/lib/core/md5.c 298 additions, 0 deletionssrc/lib/core/md5.c
- src/lib/core/md5.h 84 additions, 0 deletionssrc/lib/core/md5.h
- test/box-luatest/md5_auth_test.lua 107 additions, 0 deletionstest/box-luatest/md5_auth_test.lua
Loading
Please register or sign in to comment