Changing password for a user with non-standard password hashing function fails #623

Closed
michaelklishin opened this issue Feb 12, 2016 · 5 comments

@michaelklishin
Member

See this thread and this report by @carlhoerberg. So the issue is not rabbitmqadmin or definitions import-specific => moving here.

@michaelklishin
Member Author

@carlhoerberg with the tip of stable at least, I can't reproduce with the following steps:

  • Start a 3.5.7 node, add a user server-623 with password "server-623"
  • Tag the user as administrator
  • Stop the node, copy its database directory to /tmp/3.5.7
  • Start a 3.6.x node with RABBITMQ_MNESIA_DIR=/tmp/3.5.7
  • List users with ets:tab2list(rabbit_user).
  • Change password with rabbitmqctl change_password server-623 server-623-new
  • Try authenticating with rabbitmqctl authenticate_user server-623 server-623-new (it succeeds)
  • Try authenticating with rabbitmqctl authenticate_user server-623 server-623 (it fails)

Are the steps I take different from yours?

@michaelklishin
Member Author

Some digging with

git diff rabbitmq_v3_6_0..stable -- src/rabbit_auth_backend_internal.erl
git blame -- src/rabbit_auth_backend_internal.erl

suggests it was fixed in f1f28ea by @hairyhum.

@michaelklishin
Member Author

Assigning to @hairyhum because he fixed the issue as part of rabbitmq/rabbitmq-management#117.

@edmorley

I think it would be good to add a test for this, since this caused breakage for our Heroku app, after updating to 3.6.0 and using our managed rabbitmq instance's "rotate password" feature.

Shall I file a new issue for adding the test?

Many thanks :-)

@michaelklishin
Member Author

@edmorley I'm afraid adding a test that uses two different database schemas (from 3.5.x and 3.6.0) is going to be quite hard.

The best I can think of is manually injecting a user with a non-standard password hashing function. I have no objections to having an issue for that.
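
Added example, not part of the thread and not RabbitMQ code: a Python model of the regression check suggested above, which injects a user whose record carries a non-default hashing function and then replays the authenticate / change password / authenticate steps from this issue. The record layout, the `UserStore` class, the choice to rehash with the default on password change, and the salted-hash format (base64 of a 4-byte salt followed by the hash of salt plus password) are assumptions of this sketch.

```python
import base64
import hashlib
import hmac
import os

DEFAULT_ALGO = "sha256"  # assumed default for newly written hashes
SALT_LEN = 4             # assumed salt length


def make_hash(password, algo, salt=None):
    """Return base64(salt || H(salt || password)) for the given hash function."""
    salt = os.urandom(SALT_LEN) if salt is None else salt
    digest = hashlib.new(algo, salt + password.encode("utf-8")).digest()
    return base64.b64encode(salt + digest).decode("ascii")


def check_hash(password, stored, algo):
    """Recompute the digest with the stored salt and compare in constant time."""
    raw = base64.b64decode(stored)
    salt, digest = raw[:SALT_LEN], raw[SALT_LEN:]
    candidate = hashlib.new(algo, salt + password.encode("utf-8")).digest()
    return hmac.compare_digest(candidate, digest)


class UserStore:
    """Hypothetical in-memory stand-in for the internal user table."""

    def __init__(self):
        self.users = {}

    def inject(self, name, password, algo):
        # Write the record directly, as a database from an older node would hold it.
        self.users[name] = {"hash": make_hash(password, algo), "algo": algo}

    def change_password(self, name, new_password):
        # Hash and algorithm tag are replaced together so they cannot disagree.
        self.users[name] = {"hash": make_hash(new_password, DEFAULT_ALGO),
                            "algo": DEFAULT_ALGO}

    def authenticate(self, name, password):
        user = self.users.get(name)
        return user is not None and check_hash(password, user["hash"], user["algo"])


def regression_check(legacy_algo="md5"):
    """Replay the steps from the issue against an injected legacy-hash user."""
    store = UserStore()
    store.inject("server-623", "server-623", legacy_algo)
    before = store.authenticate("server-623", "server-623")
    store.change_password("server-623", "server-623-new")
    return (before,
            store.authenticate("server-623", "server-623-new"),
            store.authenticate("server-623", "server-623"))
```
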
