frodovdr/node-red
1
0
Fork 0
mirror of https://github.com/node-red/node-red.git synced 2023-10-10 13:36:53 +02:00
Code Issues Releases Wiki Activity

Avoid reencyrpting credentials if they haven't changed

Browse Source
This commit is contained in:
Nick O'Leary 2016-10-11 14:27:35 +01:00
parent d119594cbf
commit 8e7d52e645
1 changed files with 24 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
red/runtime/nodes/credentials.js
View File

@ -137,6 +137,9 @@ var api = module.exports = {
} }
} }
} }
if (encryptionEnabled && !dirty) {
encryptedCredentials = credentials;
}
return setupEncryptionPromise.then(function() { return setupEncryptionPromise.then(function() {
if (credentials.hasOwnProperty("$")) { if (credentials.hasOwnProperty("$")) {
// These are encrypted credentials // These are encrypted credentials
@ -160,8 +163,10 @@ var api = module.exports = {
* @return a promise for backwards compatibility TODO: can this be removed? * @return a promise for backwards compatibility TODO: can this be removed?
*/ */
add: function (id, creds) { add: function (id, creds) {
credentialCache[id] = creds; if (!credentialCache.hasOwnProperty(id) || JSON.stringify(creds) !== JSON.stringify(credentialCache[id])) {
dirty = true; credentialCache[id] = creds;
dirty = true;
}
return when.resolve(); return when.resolve();
}, },
@ -258,13 +263,16 @@ var api = module.exports = {
} }
if (0 === newCreds[cred].length || /^\s*$/.test(newCreds[cred])) { if (0 === newCreds[cred].length || /^\s*$/.test(newCreds[cred])) {
delete savedCredentials[cred]; delete savedCredentials[cred];
dirty = true;
continue; continue;
} }
savedCredentials[cred] = newCreds[cred]; if (!savedCredentials.hasOwnProperty(cred) || JSON.stringify(savedCredentials[cred]) !== JSON.stringify(newCreds[cred])) {
savedCredentials[cred] = newCreds[cred];
dirty = true;
}
} }
} }
credentialCache[nodeID] = savedCredentials; credentialCache[nodeID] = savedCredentials;
dirty = true;
} }
}, },
@ -283,14 +291,18 @@ var api = module.exports = {
export: function() { export: function() {
var result = credentialCache; var result = credentialCache;
if (dirty && encryptionEnabled) { if (encryptionEnabled) {
try { if (dirty) {
log.debug("red/runtime/nodes/credentials.export : encrypting"); try {
var initVector = crypto.randomBytes(16); log.debug("red/runtime/nodes/credentials.export : encrypting");
var cipher = crypto.createCipheriv(encryptionAlgorithm, encryptionKey, initVector); var initVector = crypto.randomBytes(16);
result = {"$":initVector.toString('hex') + cipher.update(JSON.stringify(credentialCache), 'utf8', 'base64') + cipher.final('base64')}; var cipher = crypto.createCipheriv(encryptionAlgorithm, encryptionKey, initVector);
} catch(err) { result = {"$":initVector.toString('hex') + cipher.update(JSON.stringify(credentialCache), 'utf8', 'base64') + cipher.final('base64')};
log.warn(log._("nodes.credentials.error-saving",{message:err.toString()})) } catch(err) {
log.warn(log._("nodes.credentials.error-saving",{message:err.toString()}))
}
} else {
result = encryptedCredentials;
} }
} }
dirty = false; dirty = false;