shruub
/
conduit
mirror of https://gitlab.com/famedly/conduit
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use simple BTreeMap to store uiaa requests

Browse Source 
some uiaa requests contain plaintext passwords which should never be
persisted to disk.

Currently there is no cleanup implemented (you have to restart conduit)
merge-requests/219/head
Moritz Bitsch 3 years ago
parent 9b57c89df6
commit 3d25d46dc5
2 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File

3
src/database.rs
Unescape Escape View File

@ -250,8 +250,7 @@ impl Database {
}, },
uiaa: uiaa::Uiaa { uiaa: uiaa::Uiaa {
userdevicesessionid_uiaainfo: builder.open_tree("userdevicesessionid_uiaainfo")?, userdevicesessionid_uiaainfo: builder.open_tree("userdevicesessionid_uiaainfo")?,
userdevicesessionid_uiaarequest: builder userdevicesessionid_uiaarequest: RwLock::new(BTreeMap::new()),
.open_tree("userdevicesessionid_uiaarequest")?,
}, },
rooms: rooms::Rooms { rooms: rooms::Rooms {
edus: rooms::RoomEdus { edus: rooms::RoomEdus {

16
src/database/uiaa.rs
Unescape Escape View File

@ -1,4 +1,6 @@
use std::sync::Arc; use std::sync::Arc;
use std::sync::RwLock;
use std::collections::BTreeMap;
use crate::{client_server::SESSION_ID_LENGTH, utils, Error, Result}; use crate::{client_server::SESSION_ID_LENGTH, utils, Error, Result};
use ruma::{ use ruma::{
@ -18,7 +20,7 @@ use super::abstraction::Tree;
pub struct Uiaa { pub struct Uiaa {
pub(super) userdevicesessionid_uiaainfo: Arc<dyn Tree>, // User-interactive authentication pub(super) userdevicesessionid_uiaainfo: Arc<dyn Tree>, // User-interactive authentication
pub(super) userdevicesessionid_uiaarequest: Arc<dyn Tree>, // UiaaRequest = canonical json value pub(super) userdevicesessionid_uiaarequest: RwLock<BTreeMap<Vec<u8>, Vec<u8>>>, // UiaaRequest = canonical json value
} }
impl Uiaa { impl Uiaa {
@ -153,10 +155,10 @@ impl Uiaa {
userdevicesessionid.push(0xff); userdevicesessionid.push(0xff);
userdevicesessionid.extend_from_slice(session.as_bytes()); userdevicesessionid.extend_from_slice(session.as_bytes());
self.userdevicesessionid_uiaarequest.insert( self.userdevicesessionid_uiaarequest.write().unwrap().insert(
&userdevicesessionid, userdevicesessionid,
&serde_json::to_vec(request).expect("json value to vec always works"), serde_json::to_vec(request).expect("json value to vec always works"),
)?; );
Ok(()) Ok(())
} }
@ -173,8 +175,8 @@ impl Uiaa {
userdevicesessionid.push(0xff); userdevicesessionid.push(0xff);
userdevicesessionid.extend_from_slice(session.as_bytes()); userdevicesessionid.extend_from_slice(session.as_bytes());
self.userdevicesessionid_uiaarequest self.userdevicesessionid_uiaarequest.read().unwrap()
.get(&userdevicesessionid)? .get(&userdevicesessionid)
.map(|bytes| { .map(|bytes| {
serde_json::from_str::<CanonicalJsonValue>( serde_json::from_str::<CanonicalJsonValue>(
&utils::string_from_bytes(&bytes) &utils::string_from_bytes(&bytes)

Write Preview
Loading…
Cancel
Save