Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

etcdserver: don't let InternalAuthenticateRequest have password (#11818)

Browse Source
This commit is contained in:
Hitoshi Mitake 2020-05-07 08:46:41 +09:00 committed by GitHub
parent 035e1db0a2
commit feb56298dd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
etcdserver/v3_server.go
View File

@ -441,9 +441,10 @@ func (s *EtcdServer) Authenticate(ctx context.Context, r *pb.AuthenticateRequest
return nil, err return nil, err
} }
// internalReq doesn't need to have Password because the above s.AuthStore().CheckPassword() already did it.
// In addition, it will let a WAL entry not record password as a plain text.
internalReq := &pb.InternalAuthenticateRequest{ internalReq := &pb.InternalAuthenticateRequest{
Name: r.Name, Name: r.Name,
Password: r.Password,
SimpleToken: st, SimpleToken: st,
} }