Пример #1
0
func TestMakeProxySpec(t *testing.T) {
	badTests := [...]url.URL{
		{Scheme: "http"},
		{Scheme: "http", Host: ":"},
		{Scheme: "http", Host: "localhost"},
		{Scheme: "http", Host: "localhost:"},
		{Scheme: "http", Host: ":8080"},
		{Scheme: "http", Host: "localhost:https"},
		{Scheme: "http", Host: "localhost:8080", User: url.User("username")},
		{Scheme: "http", Host: "localhost:8080", User: url.UserPassword("username", "password")},
		{Scheme: "http", User: url.User("username"), Host: "localhost:8080"},
		{Scheme: "http", User: url.UserPassword("username", "password"), Host: "localhost:8080"},
		{Scheme: "http", Host: "localhost:-1"},
		{Scheme: "http", Host: "localhost:65536"},
		{Scheme: "socks5", Host: ":"},
		{Scheme: "socks4a", Host: ":"},
		// "socks" and "socks4" are unknown types.
		{Scheme: "socks", Host: "localhost:1080"},
		{Scheme: "socks4", Host: "localhost:1080"},
		{Scheme: "unknown", Host: "localhost:9999"},
	}
	goodTests := [...]struct {
		input    url.URL
		expected ProxySpec
	}{
		{
			url.URL{Scheme: "http", Host: "localhost:8080"},
			ProxySpec{"http", "localhost", 8080},
		},
		{
			url.URL{Scheme: "socks5", Host: "localhost:1080"},
			ProxySpec{"socks5", "localhost", 1080},
		},
		{
			url.URL{Scheme: "socks4a", Host: "localhost:1080"},
			ProxySpec{"socks4a", "localhost", 1080},
		},
	}

	for _, input := range badTests {
		_, err := makeProxySpec(&input)
		if err == nil {
			t.Errorf("%q unexpectedly succeeded", input)
		}
	}

	for _, test := range goodTests {
		spec, err := makeProxySpec(&test.input)
		if err != nil {
			t.Fatalf("%q unexpectedly returned an error: %s", test.input, err)
		}
		if *spec != test.expected {
			t.Errorf("%q → %q (expected %q)", test.input, spec, test.expected)
		}
	}
}
Пример #2
0
func (config Config) ToURL() *url.URL {
	ret := &url.URL{}
	hostPort := []string{}
	user, pass := "", ""
	hasUser, hasPass := false, false
	params := &url.Values{}
	hasParams := false

	for k, v := range config {
		var val string
		switch t := v.(type) {
		case string:
			val = t
		case interface {
			String() string
		}:
			val = t.String()
		case nil:
			val = ""
		default:
			val = fmt.Sprintf("%v", v)
		}

		switch k {
		case "adapter":
			ret.Scheme = mappedAdapter(val)
		case "host", "hostname":
			hostPort = append([]string{val}, hostPort...)
		case "port":
			hostPort = append(hostPort, val)
		case "database":
			ret.Path = fmt.Sprintf("/%s", val)
		case "user", "username":
			user = val
			hasUser = true
		case "pass", "password":
			pass = val
			hasPass = true
		default:
			params.Add(k, val)
			hasParams = true
		}
	}

	if len(hostPort) != 0 {
		ret.Host = strings.Join(hostPort, ":")
	}

	if hasPass {
		ret.User = url.UserPassword(user, pass)
	} else if hasUser {
		ret.User = url.User(user)
	}

	if hasParams {
		ret.RawQuery = params.Encode()
	}

	return ret
}
Пример #3
0
Файл: mongo.go Проект: zeebo/est
func openMongo(c *MongoConfig) (b Backend, err error) {
	//build a url for connecting based on the config
	u := &url.URL{
		Scheme: "mongodb",
		Host:   c.Host,
	}

	//only add credentials and database in the url if they're specified
	if c.Username != "" && c.Password == "" {
		u.User = url.User(c.Username)
		u.Path = "/" + c.Database
	}
	if c.Username != "" && c.Password != "" {
		u.User = url.UserPassword(c.Username, c.Password)
		u.Path = "/" + c.Database
	}

	s, err := mgo.Dial(u.String())
	if err != nil {
		err = fmt.Errorf("dial %s: %s", u, err)
		return
	}
	b = &mongoBackend{
		tasks:    s.DB(c.Database).C("tasks"),
		startlog: s.DB(c.Database).C("startlog"),
	}
	return
}
Пример #4
0
func makeSQLClient() (*sql.DB, string) {
	sqlURL := connURL
	if len(connURL) == 0 {
		options := url.Values{}
		if context.Insecure {
			options.Add("sslmode", "disable")
		} else {
			options.Add("sslmode", "verify-full")
			options.Add("sslcert", security.ClientCertPath(context.Certs, connUser))
			options.Add("sslkey", security.ClientKeyPath(context.Certs, connUser))
			options.Add("sslrootcert", security.CACertPath(context.Certs))
		}
		pgURL := url.URL{
			Scheme:   "postgresql",
			User:     url.User(connUser),
			Host:     net.JoinHostPort(connHost, connPGPort),
			Path:     connDBName,
			RawQuery: options.Encode(),
		}
		sqlURL = pgURL.String()
	}
	db, err := sql.Open("postgres", sqlURL)
	if err != nil {
		panicf("failed to initialize SQL client: %s", err)
	}
	return db, sqlURL
}
Пример #5
0
func processOverride(u *url.URL) {
	envUsername := os.Getenv(envUserName)
	envPassword := os.Getenv(envPassword)

	// Override username if provided
	if envUsername != "" {
		var password string
		var ok bool

		if u.User != nil {
			password, ok = u.User.Password()
		}

		if ok {
			u.User = url.UserPassword(envUsername, password)
		} else {
			u.User = url.User(envUsername)
		}
	}

	// Override password if provided
	if envPassword != "" {
		var username string

		if u.User != nil {
			username = u.User.Username()
		}

		u.User = url.UserPassword(username, envPassword)
	}
}
Пример #6
0
func (flag *ClientFlag) Process() error {
	if flag.url == nil {
		return errors.New("specify an " + cDescr)
	}

	// Override username if set
	if flag.username != "" {
		var password string
		var ok bool

		if flag.url.User != nil {
			password, ok = flag.url.User.Password()
		}

		if ok {
			flag.url.User = url.UserPassword(flag.username, password)
		} else {
			flag.url.User = url.User(flag.username)
		}
	}

	// Override password if set
	if flag.password != "" {
		var username string

		if flag.url.User != nil {
			username = flag.url.User.Username()
		}

		flag.url.User = url.UserPassword(username, flag.password)
	}

	return nil
}
Пример #7
0
func TestPGWireDBName(t *testing.T) {
	defer leaktest.AfterTest(t)()

	s, _, _ := serverutils.StartServer(t, base.TestServerArgs{})
	defer s.Stopper().Stop()

	pgURL, cleanupFn := sqlutils.PGUrl(t, s.ServingAddr(), "TestPGWireDBName", url.User(security.RootUser))
	pgURL.Path = "foo"
	defer cleanupFn()
	{
		db, err := gosql.Open("postgres", pgURL.String())
		if err != nil {
			t.Fatal(err)
		}
		defer db.Close()

		if _, err := db.Exec(`CREATE DATABASE foo`); err != nil {
			t.Fatal(err)
		}

		if _, err := db.Exec(`CREATE TABLE bar (i INT PRIMARY KEY)`); err != nil {
			t.Fatal(err)
		}
	}
	db, err := gosql.Open("postgres", pgURL.String())
	if err != nil {
		t.Fatal(err)
	}
	defer db.Close()

	if _, err := db.Exec(`INSERT INTO bar VALUES ($1)`, 1); err != nil {
		t.Fatal(err)
	}
}
Пример #8
0
// PGUrl returns a postgres connection url which connects to this server with
// the given user. Returns a connection string and a cleanup function which must
// be called after any connection created using the string has been closed.
//
// In order to connect securely using postgres, this method will create
// temporary on-disk copies of certain embedded security certificates. The
// certificates will be created as temporary files in the provided directory,
// and their filenames will have the provided prefix. The returned cleanup
// function will delete these temporary files.
func PGUrl(t util.Tester, ts *server.TestServer, user, tempDir, prefix string) (url.URL, func()) {
	host, port, err := net.SplitHostPort(ts.PGAddr())
	if err != nil {
		t.Fatal(err)
	}

	caPath := filepath.Join(security.EmbeddedCertsDir, "ca.crt")
	certPath := security.ClientCertPath(security.EmbeddedCertsDir, user)
	keyPath := security.ClientKeyPath(security.EmbeddedCertsDir, user)

	// Copy these assets to disk from embedded strings, so this test can
	// run from a standalone binary.
	tempCAPath, tempCACleanup := securitytest.TempRestrictedCopy(t, caPath, tempDir, "TestLogic_ca")
	tempCertPath, tempCertCleanup := securitytest.TempRestrictedCopy(t, certPath, tempDir, "TestLogic_cert")
	tempKeyPath, tempKeyCleanup := securitytest.TempRestrictedCopy(t, keyPath, tempDir, "TestLogic_key")

	return url.URL{
			Scheme: "postgres",
			User:   url.User(user),
			Host:   net.JoinHostPort(host, port),
			RawQuery: fmt.Sprintf("sslmode=verify-full&sslrootcert=%s&sslcert=%s&sslkey=%s",
				url.QueryEscape(tempCAPath),
				url.QueryEscape(tempCertPath),
				url.QueryEscape(tempKeyPath),
			),
		}, func() {
			tempCACleanup()
			tempCertCleanup()
			tempKeyCleanup()
		}
}
Пример #9
0
func TestEmptyPasswordAuth(t *testing.T) {
	defer afterTest(t)
	gopher := "gopher"
	ts := httptest.NewServer(HandlerFunc(func(w ResponseWriter, r *Request) {
		auth := r.Header.Get("Authorization")
		if strings.HasPrefix(auth, "Basic ") {
			encoded := auth[6:]
			decoded, err := base64.StdEncoding.DecodeString(encoded)
			if err != nil {
				t.Fatal(err)
			}
			expected := gopher + ":"
			s := string(decoded)
			if expected != s {
				t.Errorf("Invalid Authorization header. Got %q, wanted %q", s, expected)
			}
		} else {
			t.Errorf("Invalid auth %q", auth)
		}
	}))
	defer ts.Close()
	c := &Client{}
	req, err := NewRequest("GET", ts.URL, nil)
	if err != nil {
		t.Fatal(err)
	}
	req.URL.User = url.User(gopher)
	resp, err := c.Do(req)
	if err != nil {
		t.Fatal(err)
	}
	defer resp.Body.Close()
}
Пример #10
0
// sanitizeHTTP cleans up repository URL and converts to https format
// if currently in ssh format.
// Returns sanitized url, hostName (e.g. github.com, bitbucket.com)
// and possible error
func sanitizeHTTP(repoURL string) (string, string, error) {
	u, err := url.Parse(repoURL)
	if err != nil {
		return "", "", err
	}

	// ensure the url is not ssh
	if u.Scheme == "ssh" {
		u.Scheme = "https"
	}

	// convert to http format if in ssh format
	if strings.Contains(u.Host, ":") {
		s := strings.SplitN(u.Host, ":", 2)
		//  alter path and host if we're sure its not a port
		if _, err := strconv.Atoi(s[1]); err != nil {
			u.Host = s[0]
			u.Path = path.Join(s[1], u.Path)
		}
	}

	// Bitbucket require the user to be set into the HTTP URL
	if u.Host == "bitbucket.org" && u.User == nil {
		segments := strings.Split(u.Path, "/")
		u.User = url.User(segments[1])
	}

	return u.String(), u.Host, nil
}
Пример #11
0
// SetURLUser set the user credentials in the given URL. If the username or
// password is not set in the URL then the default is used (if provided).
func SetURLUser(u *url.URL, defaultUser, defaultPass string) {
	var user, pass string
	var userIsSet, passIsSet bool
	if u.User != nil {
		user = u.User.Username()
		if user != "" {
			userIsSet = true
		}
		pass, passIsSet = u.User.Password()
	}

	if !userIsSet && defaultUser != "" {
		userIsSet = true
		user = defaultUser
	}

	if !passIsSet && defaultPass != "" {
		passIsSet = true
		pass = defaultPass
	}

	if userIsSet && passIsSet {
		u.User = url.UserPassword(user, pass)
	} else if userIsSet {
		u.User = url.User(user)
	}
}
Пример #12
0
func TestWriteLog(t *testing.T) {
	loc, err := time.LoadLocation("Europe/Warsaw")
	if err != nil {
		panic(err)
	}
	ts := time.Date(1983, 05, 26, 3, 30, 45, 0, loc)

	// A typical request with an OK response
	req := newRequest("GET", "http://example.com")
	req.RemoteAddr = "192.168.100.5"

	buf := new(bytes.Buffer)
	writeLog(buf, req, ts, http.StatusOK, 100)
	log := buf.String()

	expected := "192.168.100.5 - - [26/May/1983:03:30:45 +0200] \"GET  HTTP/1.1\" 200 100\n"
	if log != expected {
		t.Fatalf("wrong log, got %q want %q", log, expected)
	}

	// Request with an unauthorized user
	req.URL.User = url.User("kamil")

	buf.Reset()
	writeLog(buf, req, ts, http.StatusUnauthorized, 500)
	log = buf.String()

	expected = "192.168.100.5 - kamil [26/May/1983:03:30:45 +0200] \"GET  HTTP/1.1\" 401 500\n"
	if log != expected {
		t.Fatalf("wrong log, got %q want %q", log, expected)
	}
}
Пример #13
0
// PGURL returns the URL for the postgres endpoint.
func (ctx *Context) PGURL(user string) *url.URL {
	// Try to convert path to an absolute path. Failing to do so return path
	// unchanged.
	absPath := func(path string) string {
		r, err := filepath.Abs(path)
		if err != nil {
			return path
		}
		return r
	}

	options := url.Values{}
	if ctx.Insecure {
		options.Add("sslmode", "disable")
	} else {
		options.Add("sslmode", "verify-full")
		options.Add("sslcert", absPath(ctx.SSLCert))
		options.Add("sslkey", absPath(ctx.SSLCertKey))
		options.Add("sslrootcert", absPath(ctx.SSLCA))
	}
	return &url.URL{
		Scheme:   "postgresql",
		User:     url.User(user),
		Host:     ctx.Addr,
		RawQuery: options.Encode(),
	}
}
Пример #14
0
func (c *SSHCmd) URL(path string) *url.URL {
	return &url.URL{
		User: url.User(c.config.User),
		Host: c.host,
		Path: path,
	}

}
Пример #15
0
// ParseLocal parses rawurl into a URL object with a "file"
// scheme. This will effectively never return an error.
func ParseLocal(rawurl string) (u *url.URL, err error) {
	u = new(url.URL)
	u.Scheme = "file"
	u.User = url.User("")
	u.Host = ""
	u.Path = rawurl
	return u, err
}
Пример #16
0
func TestMySQLDatabaseExists_Error(t *testing.T) {
	drv := MySQLDriver{}
	u := mySQLTestURL(t)
	u.User = url.User("invalid")

	exists, err := drv.DatabaseExists(u)
	require.Regexp(t, "Access denied for user 'invalid'@", err.Error())
	require.Equal(t, false, exists)
}
Пример #17
0
// URLWithoutPassword returns the URL stripped of password
func (t *Target) URLWithoutPassword() *url.URL {
	if t.URL == nil {
		return nil
	}

	withoutCredentials := *t.URL
	withoutCredentials.User = url.User(t.URL.User.Username())
	return &withoutCredentials
}
Пример #18
0
func TestPostgresDatabaseExists_Error(t *testing.T) {
	drv := PostgresDriver{}
	u := postgresTestURL(t)
	u.User = url.User("invalid")

	exists, err := drv.DatabaseExists(u)
	require.Equal(t, "pq: role \"invalid\" does not exist", err.Error())
	require.Equal(t, false, exists)
}
Пример #19
0
// redactPassword returns the URL as a string with the password redacted.
func redactPassword(u url.URL) string {

	if u.User == nil {
		return u.String()
	}

	u.User = url.User(u.User.Username())
	return u.String()
}
Пример #20
0
func (flag *ClientFlag) URLWithoutPassword() *url.URL {
	if flag.url == nil {
		return nil
	}

	withoutCredentials := *flag.url
	withoutCredentials.User = url.User(flag.url.User.Username())
	return &withoutCredentials
}
Пример #21
0
// Test that abruptly closing a pgwire connection releases all leases held by
// that session.
func TestPGWireConnectionCloseReleasesLeases(t *testing.T) {
	defer leaktest.AfterTest(t)()
	s, _, kvDB := serverutils.StartServer(t, base.TestServerArgs{})
	defer s.Stopper().Stop()
	url, cleanupConn := sqlutils.PGUrl(t, s.ServingAddr(), "SetupServer", url.User(security.RootUser))
	defer cleanupConn()
	conn, err := pq.Open(url.String())
	if err != nil {
		t.Fatal(err)
	}
	ex := conn.(driver.Execer)
	if _, err := ex.Exec("CREATE DATABASE test", nil); err != nil {
		t.Fatal(err)
	}
	if _, err := ex.Exec("CREATE TABLE test.t (i INT PRIMARY KEY)", nil); err != nil {
		t.Fatal(err)
	}
	// Start a txn so leases are accumulated by queries.
	if _, err := ex.Exec("BEGIN", nil); err != nil {
		t.Fatal(err)
	}
	// Get a table lease.
	if _, err := ex.Exec("SELECT * FROM test.t", nil); err != nil {
		t.Fatal(err)
	}
	// Abruptly close the connection.
	if err := conn.Close(); err != nil {
		t.Fatal(err)
	}
	// Verify that there are no leases held.
	tableDesc := sqlbase.GetTableDescriptor(kvDB, "test", "t")
	lm := s.LeaseManager().(*LeaseManager)
	// Looking for a table state validates that there used to be a lease on the
	// table.
	ts := lm.findTableState(tableDesc.ID, false /* create */)
	if ts == nil {
		t.Fatal("table state not found")
	}
	ts.mu.Lock()
	leases := ts.active.data
	ts.mu.Unlock()
	if len(leases) != 1 {
		t.Fatalf("expected one lease, found: %d", len(leases))
	}
	// Wait for the lease to be released.
	util.SucceedsSoon(t, func() error {
		ts.mu.Lock()
		refcount := ts.active.data[0].refcount
		ts.mu.Unlock()
		if refcount != 0 {
			return errors.Errorf(
				"expected lease to be unused, found refcount: %d", refcount)
		}
		return nil
	})
}
Пример #22
0
func comp_v1_Text(ctx *EngineContext, scope *Scope, ins protoface.Instruction, args []interface{}) (returnValue interface{}) {
	component := args[0].(string)
	u := scope.Value.(*url.URL)
	ns := &Scope{}
	switch component {
	case "scheme":
		ns.Value = u.Scheme
	case "host":
		ns.Value = u.Host
	case "path":
		ns.Value = u.Path
	case "fragment":
		ns.Value = u.Fragment
	case "userinfo":
		if u.User != nil {
			ns.Value = u.User.String()
		} else {
			ns.Value = ""
		}
	}
	if ns.Value != nil {
		for i := 0; i < ins.INumChildren(); i++ {
			child := ins.IGetNthChild(i)
			ctx.RunInstruction(ns, child)
		}
		// write value back to URL (as long as it's a string)
		if newVal, ok := ns.Value.(string); ok {
			switch component {
			case "scheme":
				u.Scheme = newVal
			case "host":
				u.Host = newVal
			case "path":
				u.Path = newVal
			case "fragment":
				u.Fragment = newVal
			case "userinfo":
				if newVal == "" {
					// remove the userinfo
					u.User = nil
				} else {
					info := strings.Split(newVal, ":")
					newUserinfo := url.User(info[0])
					if len(info) == 2 {
						newUserinfo = url.UserPassword(info[0], info[1])
					}
					u.User = newUserinfo
				}
			}

			returnValue = newVal
		}
	}
	return
}
Пример #23
0
func BenchmarkPgbenchExec_Cockroach(b *testing.B) {
	defer tracing.Disable()()
	s, _, _ := serverutils.StartServer(b, base.TestServerArgs{Insecure: true})
	defer s.Stopper().Stop()

	pgUrl, cleanupFn := sqlutils.PGUrl(
		b, s.ServingAddr(), "benchmarkCockroach", url.User(security.RootUser))
	pgUrl.RawQuery = "sslmode=disable"
	defer cleanupFn()

	execPgbench(b, pgUrl)
}
Пример #24
0
func TestDumpBytes(t *testing.T) {
	defer leaktest.AfterTest(t)()

	c, err := newCLITest(t, false)
	if err != nil {
		t.Fatal(err)
	}
	defer c.stop(true)

	url, cleanup := sqlutils.PGUrl(t, c.ServingAddr(), "TestDumpBytes", url.User(security.RootUser))
	defer cleanup()

	conn := makeSQLConn(url.String())
	defer conn.Close()

	if err := conn.Exec(`
		CREATE DATABASE d;
		SET DATABASE = d;
		CREATE TABLE t (b BYTES PRIMARY KEY);
	`, nil); err != nil {
		t.Fatal(err)
	}

	for i := int64(0); i < 256; i++ {
		if err := conn.Exec("INSERT INTO t VALUES ($1)", []driver.Value{[]byte{byte(i)}}); err != nil {
			t.Fatal(err)
		}
	}

	var b bytes.Buffer
	if err := DumpTable(&b, conn, "d", "t"); err != nil {
		t.Fatal(err)
	}
	dump := b.String()
	b.Reset()

	if err := conn.Exec(`
		CREATE DATABASE o;
		SET DATABASE = o;
	`, nil); err != nil {
		t.Fatal(err)
	}
	if err := conn.Exec(dump, nil); err != nil {
		t.Fatal(err)
	}
	if err := DumpTable(&b, conn, "o", "t"); err != nil {
		t.Fatal(err)
	}
	dump2 := b.String()
	if dump != dump2 {
		t.Fatalf("unmatching dumps:\n%s\n%s", dump, dump2)
	}
}
Пример #25
0
// The string representation of a Node is a URL.
// Please see ParseNode for a description of the format.
func (n *Node) String() string {
	addr := net.TCPAddr{IP: n.IP, Port: int(n.TCP)}
	u := url.URL{
		Scheme: "enode",
		User:   url.User(fmt.Sprintf("%x", n.ID[:])),
		Host:   addr.String(),
	}
	if n.UDP != n.TCP {
		u.RawQuery = "discport=" + strconv.Itoa(int(n.UDP))
	}
	return u.String()
}
Пример #26
0
// NewTestServer creates a new TestServer, but does not start it.
// The cockroach binary for your OS and ARCH is downloaded automatically.
// If the download fails, we attempt just call "cockroach", hoping it is
// found in your path.
func NewTestServer() (*TestServer, error) {
	cockroachBinary, err := downloadLatestBinary()
	if err == nil {
		log.Printf("Using automatically-downloaded binary: %s", cockroachBinary)
	} else {
		log.Printf("Attempting to use cockroach binary from your PATH")
		cockroachBinary = "cockroach"
	}

	// Force "/tmp/" so avoid OSX's really long temp directory names
	// which get us over the socket filename length limit.
	baseDir, err := ioutil.TempDir("/tmp", "cockroach-testserver")
	if err != nil {
		return nil, fmt.Errorf("could not create temp directory: %s", err)
	}

	logDir := filepath.Join(baseDir, "logs")
	if err := os.MkdirAll(logDir, 0755); err != nil {
		return nil, fmt.Errorf("could not create logs directory: %s: %s", logDir, err)
	}

	options := url.Values{
		"host": []string{baseDir},
	}
	pgurl := &url.URL{
		Scheme:   "postgres",
		User:     url.User("root"),
		Host:     fmt.Sprintf(":%d", socketPort),
		RawQuery: options.Encode(),
	}
	socketPath := filepath.Join(baseDir, fmt.Sprintf("%s.%d", socketFileBase, socketPort))

	args := []string{
		cockroachBinary,
		"start",
		"--logtostderr",
		"--insecure",
		"--port=0",
		"--http-port=0",
		"--socket=" + socketPath,
		"--store=" + baseDir,
	}

	ts := &TestServer{
		baseDir: baseDir,
		pgURL:   pgurl,
		args:    args,
		stdout:  filepath.Join(logDir, "cockroach.stdout"),
		stderr:  filepath.Join(logDir, "cockroach.stderr"),
	}
	return ts, nil
}
Пример #27
0
func getRoot() string {
	content := getEnv("CONTENT_URL")
	u, err := url.Parse(content)
	if err != nil {
		log.Fatalln("getContent: ", err)
	}

	// https://<token>@github.com/username/repo.git
	u.User = url.User(getEnv("TOKEN"))

	base := filepath.Base(u.Path)
	return strings.TrimSuffix(base, filepath.Ext(base))
}
Пример #28
0
// runSetUser prompts for a password, then inserts the user and hash
// into the system.users table.
// TODO(marc): once we have more fields in the user, we will need
// to allow changing just some of them (eg: change email, but leave password).
func runSetUser(cmd *cobra.Command, args []string) error {
	if len(args) != 1 {
		return usageAndError(cmd)
	}
	var err error
	var hashed []byte
	switch password {
	case "":
		hashed, err = security.PromptForPasswordAndHash()
		if err != nil {
			return err
		}
	case "-":
		scanner := bufio.NewScanner(os.Stdin)
		if scanner.Scan() {
			hashed, err = security.HashPassword(scanner.Text())
			if err != nil {
				return err
			}
			if scanner.Scan() {
				return errors.New("multiline passwords are not permitted")
			}
			if err := scanner.Err(); err != nil {
				return err
			}
		} else {
			if err := scanner.Err(); err != nil {
				return err
			}
		}
	default:
		hashed, err = security.HashPassword(password)
		if err != nil {
			return err
		}
	}

	// Only security.RootUser can set passwords.
	// TODO(asubiotto): Implement appropriate server-side authorization rules
	// for users to be able to change their own passwords.
	if connUser != security.RootUser {
		return fmt.Errorf("only %s is allowed to set passwords", security.RootUser)
	}
	conn, err := makeSQLClient(url.User(security.RootUser))
	if err != nil {
		return err
	}
	defer conn.Close()
	return runQueryAndFormatResults(conn, os.Stdout,
		makeQuery(`UPSERT INTO system.users VALUES ($1, $2)`, args[0], hashed), cliCtx.prettyFmt)
}
Пример #29
0
// setUser sets the DB client to the specified user.
// It returns a cleanup function to be run when the credentials
// are no longer needed.
func (t *logicTest) setUser(user string) func() {
	var outDBName string

	if t.db != nil {
		var inDBName string

		if err := t.db.QueryRow("SHOW DATABASE").Scan(&inDBName); err != nil {
			t.Fatal(err)
		}

		defer func() {
			if inDBName != outDBName {
				// Propagate the DATABASE setting to the newly-live connection.
				if _, err := t.db.Exec(fmt.Sprintf("SET DATABASE = %s", inDBName)); err != nil {
					t.Fatal(err)
				}
			}
		}()
	}

	if t.clients == nil {
		t.clients = map[string]*gosql.DB{}
	}
	if db, ok := t.clients[user]; ok {
		t.db = db
		t.user = user

		if err := t.db.QueryRow("SHOW DATABASE").Scan(&outDBName); err != nil {
			t.Fatal(err)
		}

		// No cleanup necessary, but return a no-op func to avoid nil pointer dereference.
		return func() {}
	}

	pgURL, cleanupFunc := sqlutils.PGUrl(t.T, t.srv.ServingAddr(), "TestLogic", url.User(user))
	db, err := gosql.Open("postgres", pgURL.String())
	if err != nil {
		t.Fatal(err)
	}
	t.clients[user] = db
	t.db = db
	t.user = user

	if t.verbose {
		fmt.Printf("--- new user: %s\n", user)
	}

	return cleanupFunc
}
Пример #30
0
// The string representation of a Node is a URL.
// Please see ParseNode for a description of the format.
func (n *Node) String() string {
	u := url.URL{Scheme: "enode"}
	if n.Incomplete() {
		u.Host = fmt.Sprintf("%x", n.ID[:])
	} else {
		addr := net.TCPAddr{IP: n.IP, Port: int(n.TCP)}
		u.User = url.User(fmt.Sprintf("%x", n.ID[:]))
		u.Host = addr.String()
		if n.UDP != n.TCP {
			u.RawQuery = "discport=" + strconv.Itoa(int(n.UDP))
		}
	}
	return u.String()
}