diff --git a/code/handlers/trackservers.q b/code/handlers/trackservers.q index 9d3917077..09428bb6e 100644 --- a/code/handlers/trackservers.q +++ b/code/handlers/trackservers.q @@ -27,6 +27,8 @@ USERPASS:` // the username and password used to make connections STARTUP:@[value;`STARTUP;0b] // whether to automatically make connections on startup DISCOVERY:@[value;`DISCOVERY;enlist`] // list of discovery services to connect to (if not using process.csv) SOCKETTYPE:@[value;`SOCKETTYPE;enlist[`]!enlist `] // dict of proctype!sockettype. sockettype options : `tcp`tcps`unix. e.g. `rdb`tickerplant!`tcp`unix +PASSWORDS:@[value;`PASSWORDS;enlist[`]!enlist `] // dict of host:port!user:pass e.g. `:host:1234!`user:pass + // If required, change this method to something more secure! // Otherwise just load the usernames and passwords from the passwords directory @@ -47,9 +49,10 @@ loadpassword[] // open a connection opencon:{ if[DEBUG;.lg.o[`conn;"attempting to open handle to ",string x]]; - // If the supplied connection string doesn't contain a user:password, - // and USERPASS is not null, append it - connection:hsym $[(2 >= sum ":"=string x) and not null USERPASS; `$(string x),":",string USERPASS;x]; + + // If the supplied connection string has 2 or more colons append on user:pass from passwords dictionary + // else return connection string passed in + connection:hsym $[2 >= sum ":"=string x; `$(string x),":",string USERPASS^PASSWORDS[x];x]; h:@[{(hopen x;"")};(connection;.servers.HOPENTIMEOUT);{(0Ni;x)}]; diff --git a/config/settings/default.q b/config/settings/default.q index a58be24f4..0d513f6ec 100644 --- a/config/settings/default.q +++ b/config/settings/default.q @@ -72,6 +72,7 @@ LOADPASSWORD:1b // load the external username:password from ${KDBCONFI STARTUP:0b // whether to automatically make connections on startup DISCOVERY:enlist` // list of discovery services to connect to (if not using process.csv) SOCKETTYPE:enlist[`]!enlist ` // dict of proctype -> sockettype e.g. `hdb`rdb`tp!`tcps`tcp`unix +PASSWORDS:enlist[`]!enlist ` // dict of host:port!user:pass // functions to ignore when called async - bypass all permission checking and logging \d .zpsignore diff --git a/docs/conn.md b/docs/conn.md index be761ac66..06b864b34 100755 --- a/docs/conn.md +++ b/docs/conn.md @@ -82,6 +82,12 @@ overridden by one for the process type, which is itself overridden by one for the process name. For greater security, the .servers.loadpassword function should be modified. +Some non-torq processes require a username and password to allow connection. +These will be stored in a passwords dictionary. +Passing the host and port of a process into this dictionary will return the full connection string +if it is present within the dictionary. +If however it is not present in the dictionary then the default username and password will be returned. + Retrieving and Using Handles ----------------------------