diff options
author | Simon MacMullen <simon@rabbitmq.com> | 2010-11-11 17:34:16 +0000 |
---|---|---|
committer | Simon MacMullen <simon@rabbitmq.com> | 2010-11-11 17:34:16 +0000 |
commit | 8ea7a5d5d6a8e811fada05c8fbd42573ede6ae8b (patch) | |
tree | 10b1ef50bebb25a9d422ccdf49334958d3f99065 | |
parent | ce2e8d76bc77fcf7cb3ebb7db89fba16f82ead35 (diff) | |
download | rabbitmq-server-8ea7a5d5d6a8e811fada05c8fbd42573ede6ae8b.tar.gz |
Add upgrades for password hashing and listeners having IP addresses
-rw-r--r-- | src/rabbit_access_control.erl | 3 | ||||
-rw-r--r-- | src/rabbit_upgrade_functions.erl | 58 |
2 files changed, 47 insertions, 14 deletions
diff --git a/src/rabbit_access_control.erl b/src/rabbit_access_control.erl index 3388e5e7..bc588013 100644 --- a/src/rabbit_access_control.erl +++ b/src/rabbit_access_control.erl @@ -37,7 +37,7 @@ check_vhost_access/2, check_resource_access/3]). -export([add_user/2, delete_user/1, change_password/2, set_admin/1, clear_admin/1, list_users/0, lookup_user/1]). --export([change_password_hash/2]). +-export([change_password_hash/2, hash_password/1]). -export([add_vhost/1, delete_vhost/1, vhost_exists/1, list_vhosts/0]). -export([set_permissions/5, clear_permissions/2, list_permissions/0, list_vhost_permissions/1, list_user_permissions/1, @@ -73,6 +73,7 @@ -spec(delete_user/1 :: (username()) -> 'ok'). -spec(change_password/2 :: (username(), password()) -> 'ok'). -spec(change_password_hash/2 :: (username(), password_hash()) -> 'ok'). +-spec(hash_password/1 :: (password()) -> password_hash()). -spec(set_admin/1 :: (username()) -> 'ok'). -spec(clear_admin/1 :: (username()) -> 'ok'). -spec(list_users/0 :: () -> [{username(), boolean()}]). diff --git a/src/rabbit_upgrade_functions.erl b/src/rabbit_upgrade_functions.erl index 59b8705d..3baac37e 100644 --- a/src/rabbit_upgrade_functions.erl +++ b/src/rabbit_upgrade_functions.erl @@ -24,28 +24,60 @@ -compile([export_all]). --rabbit_upgrade({remove_user_scope, []}). +-rabbit_upgrade({remove_user_scope, []}). +-rabbit_upgrade({hash_passwords, []}). +-rabbit_upgrade({add_ip_to_listener, []}). %% ------------------------------------------------------------------- -ifdef(use_specs). --spec(remove_user_scope/0 :: () -> 'ok'). +-spec(remove_user_scope/0 :: () -> 'ok'). +-spec(hash_passwords/0 :: () -> 'ok'). +-spec(add_ip_to_listener/0 :: () -> 'ok'). -endif. %%-------------------------------------------------------------------- remove_user_scope() -> - {atomic, ok} = mnesia:transform_table( - rabbit_user_permission, - fun (Perm = #user_permission{ - permission = {permission, - _Scope, Conf, Write, Read}}) -> - Perm#user_permission{ - permission = #permission{configure = Conf, - write = Write, - read = Read}} - end, - record_info(fields, user_permission)), + mnesia( + rabbit_user_permission, + fun (Perm = #user_permission{ + permission = {permission, + _Scope, Conf, Write, Read}}) -> + Perm#user_permission{ + permission = #permission{configure = Conf, + write = Write, + read = Read}} + end, + record_info(fields, user_permission)). + +hash_passwords() -> + mnesia( + rabbit_user, + fun ({user, Username, Password, IsAdmin}) -> + Hash = rabbit_access_control:hash_password(Password), + #user{username = Username, + password_hash = Hash, + is_admin = IsAdmin} + end, + record_info(fields, user)). + +add_ip_to_listener() -> + mnesia( + rabbit_listener, + fun ({listener, Node, Protocol, Host, Port}) -> + #listener{node = Node, + protocol = Protocol, + host = Host, + ip_address = {0,0,0,0}, + port = Port} + end, + record_info(fields, listener)). + +%%-------------------------------------------------------------------- + +mnesia(TableName, Fun, RecordInfo) -> + {atomic, ok} = mnesia:transform_table(TableName, Fun, RecordInfo), ok. |