Stabilization: replication semi-sync, MVCC aborted deleters, SSTable level, SCRAM fix
CI / test (push) Has been cancelled
CI / verify (push) Has been cancelled
Clients CI / build-server (push) Has been cancelled
Clients CI / test-python (push) Has been cancelled
Clients CI / test-javascript (push) Has been cancelled
Clients CI / test-nim (push) Has been cancelled
Clients CI / test-rust (push) Has been cancelled

P0-P1 fixes:
- replication.nim: rmSync/rmSemiSync now wait for replica ACKs
- mvcc.nim: aborted deleters no longer hide records (return true for visibility)
- storage/lsm.nim: SSTable level persisted in header (version 2, backward compat)
- protocol/auth.nim: removed insecure SCRAM raw hash fallback

Build: 0 warnings, 0 errors. All tests pass.
This commit is contained in:
2026-05-18 12:04:45 +03:00
parent 47c4393a7e
commit 8596cea548
4 changed files with 37 additions and 16 deletions
+3 -9
View File
@@ -271,15 +271,9 @@ proc validateCredentials*(am: AuthManager, creds: AuthCredentials): AuthResult =
role: claims.role, database: claims.database)
return AuthResult(authenticated: false, error: "Invalid token")
of amSCRAMSHA256:
## Legacy fallback: simple hash comparison for backward compatibility.
## Real SCRAM should use startScram() / finishScram().
if creds.username in am.users:
let stored = am.users[creds.username]
let clientHash = if creds.payload.len > 0: creds.payload else: hmacSha256(am.secretKey, "")
if stored == clientHash or stored == hmacSha256(am.secretKey, creds.payload):
return AuthResult(authenticated: true, username: creds.username,
role: "user", database: "default")
return AuthResult(authenticated: false, error: "Invalid SCRAM credentials")
## SCRAM-SHA-256 requires a full challenge-response handshake.
## Use startScram() / finishScram() instead of validateCredentials().
return AuthResult(authenticated: false, error: "SCRAM requires challenge-response handshake. Use startScram/finishScram.")
# ---------------------------------------------------------------------------
# Token / user management