Fix Mongo tests.

README.md

@@ -230,7 +230,7 @@ and it is loaded into Mosquitto auth with the ```auth_plugin``` option.
 Set path to plugin and include conf.d dir for further configuration:
 
 ```
-auth_plugin /path/to/auth-plug.so
+auth_plugin /path/to/go-auth.so
 include_dir /etc/mosquitto/conf.d
 ```
 

backends/files.go

@@ -35,6 +35,7 @@ type AclRecord struct {
 type Files struct {
  PasswordPath string
  AclPath string
+ SaltEncoding string
  CheckAcls bool
  Users map[string]*FileUser //Users keeps a registry of username/FileUser pairs, holding a user's password and Acl records.
  AclRecords []AclRecord
@@ -51,6 +52,7 @@ func NewFiles(authOpts map[string]string, logLevel log.Level) (Files, error) {
  CheckAcls: false,
  Users: make(map[string]*FileUser),
  AclRecords: make([]AclRecord, 0),
+ SaltEncoding: "base64",
  }
 
  if passwordPath, ok := authOpts["password_path"]; ok {
@@ -59,6 +61,16 @@ func NewFiles(authOpts map[string]string, logLevel log.Level) (Files, error) {
  return files, errors.New("Files backend error: no password path given")
  }
 
+ if saltEncoding, ok := authOpts["salt_encoding"]; ok {
+ switch saltEncoding {
+ case common.Base64, common.UTF8:
+ files.SaltEncoding = saltEncoding
+ log.Debugf("files backend: set salt encoding to: %s", saltEncoding)
+ default:
+ log.Errorf("files backend: invalid salt encoding specified: %s, will default to base64 instead", saltEncoding)
+ }
+ }
+
  if aclPath, ok := authOpts["acl_path"]; ok {
  files.AclPath = aclPath
  files.CheckAcls = true
@@ -293,7 +305,7 @@ func (o Files) GetUser(username, password, clientid string) bool {
  return false
  }
 
- if common.HashCompare(password, fileUser.Password) {
+ if common.HashCompare(password, fileUser.Password, o.SaltEncoding) {
  return true
  }
 

backends/mongo.go

@@ -22,7 +22,9 @@ type Mongo struct {
  Port string
  Username string
  Password string
+ SaltEncoding string
  DBName string
+ AuthSource string
  UsersCollection string
  AclsCollection string
  Conn *mongo.Client
@@ -51,8 +53,10 @@ func NewMongo(authOpts map[string]string, logLevel log.Level) (Mongo, error) {
  Username: "",
  Password: "",
  DBName: "mosquitto",
+ AuthSource: "",
  UsersCollection: "users",
  AclsCollection: "acls",
+ SaltEncoding: "base64",
  }
 
  if authOpts["mongo_disable_superuser"] == "true" {
@@ -75,10 +79,24 @@ func NewMongo(authOpts map[string]string, logLevel log.Level) (Mongo, error) {
  m.Password = mongoPassword
  }
 
+ if saltEncoding, ok := authOpts["mongo_salt_encoding"]; ok {
+ switch saltEncoding {
+ case common.Base64, common.UTF8:
+ m.SaltEncoding = saltEncoding
+ log.Debugf("mongo backend: set salt encoding to: %s", saltEncoding)
+ default:
+ log.Errorf("mongo backend: invalid salt encoding specified: %s, will default to base64 instead", saltEncoding)
+ }
+ }
+
  if mongoDBName, ok := authOpts["mongo_dbname"]; ok {
  m.DBName = mongoDBName
  }
 
+ if mongoAuthSource, ok := authOpts["mongo_authsource"]; ok {
+ m.AuthSource = mongoAuthSource
+ }
+
  if usersCollection, ok := authOpts["mongo_users"]; ok {
  m.UsersCollection = usersCollection
  }
@@ -103,6 +121,11 @@ func NewMongo(authOpts map[string]string, logLevel log.Level) (Mongo, error) {
  Password: m.Password,
  PasswordSet: true,
  }
+ // Set custom AuthSource DB if supplied in config
+ if m.AuthSource != "" {
+ opts.Auth.AuthSource = m.AuthSource
+ log.Infof("mongo backend: set authentication db to: %s", m.AuthSource)
+ }
  }
 
  client, err := mongo.Connect(context.TODO(), &opts)
@@ -129,7 +152,7 @@ func (o Mongo) GetUser(username, password, clientid string) bool {
  return false
  }
 
- if common.HashCompare(password, user.PasswordHash) {
+ if common.HashCompare(password, user.PasswordHash, o.SaltEncoding) {
  return true
  }