From d4d83a6fe70e2b0a053997b15f32ab4095080015 Mon Sep 17 00:00:00 2001
From: Lev Kokotov <lev.kokotov@gmail.com>
Date: Fri, 4 Mar 2022 12:24:53 -0800
Subject: [PATCH] fix borrowing errors

---
 src/client.rs   |  9 ++++-----
 src/messages.rs | 19 ++++++++-----------
 2 files changed, 12 insertions(+), 16 deletions(-)

diff --git a/src/client.rs b/src/client.rs
index 2c382df..82534fc 100644
--- a/src/client.rs
+++ b/src/client.rs
@@ -109,12 +109,11 @@ impl Client {
                 PROTOCOL_VERSION_NUMBER => {
                     trace!("Got StartupMessage");
                     let parameters = parse_startup(bytes.clone())?;
-                    let mut user_name: String = String::new();
-                    match parameters.get(&"user") {
-                        Some(&user) => user_name = user,
+                    let user = match parameters.get(&String::from("user")) {
+                        Some(user) => user,
                         None => return Err(Error::ClientBadStartup),
-                    }
-                    start_auth(&mut stream, &user_name).await?;
+                    };
+                    start_auth(&mut stream, user).await?;
 
                     // Generate random backend ID and secret key
                     let process_id: i32 = rand::random();
diff --git a/src/messages.rs b/src/messages.rs
index 3a1e0bb..83a82be 100644
--- a/src/messages.rs
+++ b/src/messages.rs
@@ -46,11 +46,9 @@ md5(concat(md5(concat(password, username)), random-salt)))
 5. check username hash combo against file
 6. AuthenticationOk or ErrorResponse
  **/
-pub async fn start_auth(stream: &mut TcpStream, user_name: &String) -> Result<(), Error> {
-    let mut rng = rand::thread_rng();
-
+pub async fn start_auth(stream: &mut TcpStream, user: &str) -> Result<(), Error> {
     //Generate random 4 byte salt
-    let salt = rng.gen::<u32>();
+    let salt = rand::random::<u32>();
 
     // Send AuthenticationMD5Password request
     send_md5_request(stream, salt).await?;
@@ -63,7 +61,7 @@ pub async fn start_auth(stream: &mut TcpStream, user_name: &String) -> Result<()
     match code {
         // Password response
         'p' => {
-            fetch_password_and_authenticate(stream, &user_name, &salt).await?;
+            fetch_password_and_authenticate(stream, user, &salt).await?;
             Ok(auth_ok(stream).await?)
         }
         _ => {
@@ -84,7 +82,7 @@ pub async fn send_md5_request(stream: &mut TcpStream, salt: u32) -> Result<(), E
     Ok(write_all(stream, authentication_md5password).await?)
 }
 
-pub async fn fetch_password_and_authenticate(stream: &mut TcpStream, user_name: &String, salt: &u32) -> Result<(), Error> {
+pub async fn fetch_password_and_authenticate(stream: &mut TcpStream, user: &str, salt: &u32) -> Result<(), Error> {
     /**
     1. How do I store the lists of users and paswords? clear text or hash?? wtf
     2. Add auth to tests
@@ -104,18 +102,17 @@ pub async fn fetch_password_and_authenticate(stream: &mut TcpStream, user_name:
     };
 
     let user_list = get_user_list();
-    let mut password: String = String::new();
-    match user_list.get(&user_name) {
-        Some(&p) => password = p,
+    let mut password = match user_list.get(user) {
+        Some(p) => p,
         None => return Err(Error::AuthenticationError),
-    }
+    };
 
     let mut md5 = Md5::new();
 
     //    concat('md5', md5(concat(md5(concat(password, username)), random-salt)))
     // First pass
     md5.update(&password.as_bytes());
-    md5.update(&user_name.as_bytes());
+    md5.update(&user.as_bytes());
     let output = md5.finalize_reset();
     // Second pass
     md5.update(format!("{:x}", output));