@@ -463,8 +463,8 @@ where
463463 . count ( )
464464 == 1 ;
465465
466- // Kick any client that's not admin while we're in admin-only mode.
467466 if !admin && admin_only {
467+ // Kick any client that's not admin while we're in admin-only mode.
468468 debug ! (
469469 "Rejecting non-admin connection to {} when in admin only mode" ,
470470 pool_name
@@ -485,68 +485,69 @@ where
485485
486486 // Authenticate admin user.
487487 let ( transaction_mode, mut server_parameters) = if admin {
488- // Perform MD5 authentication.
488+ let config = get_config ( ) ;
489489 // TODO: Add SASL support.
490- let salt = md5_challenge ( & mut write) . await ?;
491-
492- let code = match read. read_u8 ( ) . await {
493- Ok ( p) => p,
494- Err ( _) => {
495- return Err ( Error :: ClientSocketError (
496- "password code" . into ( ) ,
497- client_identifier,
498- ) )
499- }
500- } ;
490+ // Perform MD5 authentication.
491+ if let "md5" = config. general . admin_auth_type . as_str ( ) {
492+ let salt = md5_challenge ( & mut write) . await ?;
501493
502- // PasswordMessage
503- if code as char != 'p' {
504- return Err ( Error :: ProtocolSyncError ( format ! (
505- "Expected p, got {}" ,
506- code as char
507- ) ) ) ;
508- }
494+ let code = match read. read_u8 ( ) . await {
495+ Ok ( p) => p,
496+ Err ( _) => {
497+ return Err ( Error :: ClientSocketError (
498+ "password code" . into ( ) ,
499+ client_identifier,
500+ ) )
501+ }
502+ } ;
509503
510- let len = match read. read_i32 ( ) . await {
511- Ok ( len) => len,
512- Err ( _) => {
513- return Err ( Error :: ClientSocketError (
514- "password message length" . into ( ) ,
515- client_identifier,
516- ) )
504+ // PasswordMessage
505+ if code as char != 'p' {
506+ return Err ( Error :: ProtocolSyncError ( format ! (
507+ "Expected p, got {}" ,
508+ code as char
509+ ) ) ) ;
517510 }
518- } ;
519511
520- let mut password_response = vec ! [ 0u8 ; ( len - 4 ) as usize ] ;
512+ let len = match read. read_i32 ( ) . await {
513+ Ok ( len) => len,
514+ Err ( _) => {
515+ return Err ( Error :: ClientSocketError (
516+ "password message length" . into ( ) ,
517+ client_identifier,
518+ ) )
519+ }
520+ } ;
521521
522- match read. read_exact ( & mut password_response) . await {
523- Ok ( _) => ( ) ,
524- Err ( _) => {
525- return Err ( Error :: ClientSocketError (
526- "password message" . into ( ) ,
527- client_identifier,
528- ) )
529- }
530- } ;
522+ let mut password_response = vec ! [ 0u8 ; ( len - 4 ) as usize ] ;
531523
532- let config = get_config ( ) ;
524+ match read. read_exact ( & mut password_response) . await {
525+ Ok ( _) => ( ) ,
526+ Err ( _) => {
527+ return Err ( Error :: ClientSocketError (
528+ "password message" . into ( ) ,
529+ client_identifier,
530+ ) )
531+ }
532+ } ;
533533
534- // Compare server and client hashes.
535- let password_hash = md5_hash_password (
536- & config. general . admin_username ,
537- & config. general . admin_password ,
538- & salt,
539- ) ;
540534
541- if password_hash != password_response {
542- let error = Error :: ClientGeneralError ( "Invalid password" . into ( ) , client_identifier) ;
535+ // Compare server and client hashes.
536+ let password_hash = md5_hash_password (
537+ & config. general . admin_username ,
538+ & config. general . admin_password ,
539+ & salt,
540+ ) ;
543541
544- warn ! ( "{}" , error ) ;
545- wrong_password ( & mut write , username ) . await ? ;
542+ if password_hash != password_response {
543+ let error = Error :: ClientGeneralError ( "Invalid password" . into ( ) , client_identifier ) ;
546544
547- return Err ( error) ;
548- }
545+ warn ! ( "{}" , error) ;
546+ wrong_password ( & mut write , username ) . await ? ;
549547
548+ return Err ( error) ;
549+ }
550+ }
550551 ( false , generate_server_parameters_for_admin ( ) )
551552 }
552553 // Authenticate normal user.
0 commit comments