database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-11-21 00:42:43 +03:00
Code Activity

Remove support for (insecure) crypt authentication.

Browse Source 
This breaks compatibility with pre-7.2 versions.
This commit is contained in:
Magnus Hagander
2008-10-28 12:10:44 +00:00
parent ba4eb01554
commit 53a5026b5c
13 changed files with 30 additions and 200 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/interfaces/libpq/fe-auth.c
View File

@@ -7,7 +7,7 @@
* Portions Copyright (c) 1994, Regents of the University of California
*
* IDENTIFICATION
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.137 2008/01/31 18:58:30 tgl Exp $
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.138 2008/10/28 12:10:44 mha Exp $
*
*-------------------------------------------------------------------------
*/
@@ -40,10 +40,6 @@
#include <pwd.h>
#endif
#ifdef HAVE_CRYPT_H
#include <crypt.h>
#endif
#include "libpq-fe.h"
#include "fe-auth.h"
#include "libpq/md5.h"
@@ -787,14 +783,6 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
}
break;
}
case AUTH_REQ_CRYPT:
{
char salt[3];
strlcpy(salt, conn->cryptSalt, sizeof(salt));
crypt_pwd = crypt(password, salt);
break;
}
case AUTH_REQ_PASSWORD:
/* discard const so we can assign it */
crypt_pwd = (char *) password;
@@ -938,8 +926,12 @@ pg_fe_sendauth(AuthRequest areq, PGconn *conn)
#endif
case AUTH_REQ_MD5:
case AUTH_REQ_CRYPT:
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("Crypt authentication not supported\n"));
return STATUS_ERROR;
case AUTH_REQ_MD5:
case AUTH_REQ_PASSWORD:
conn->password_needed = true;
if (conn->pgpass == NULL || conn->pgpass[0] == '\0')

11
src/interfaces/libpq/fe-connect.c
View File

@@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-connect.c,v 1.364 2008/10/27 09:42:31 mha Exp $
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-connect.c,v 1.365 2008/10/28 12:10:44 mha Exp $
*
*-------------------------------------------------------------------------
*/
@@ -1674,15 +1674,6 @@ keep_going: /* We will come back to here until there is
return PGRES_POLLING_READING;
}
}
if (areq == AUTH_REQ_CRYPT)
{
if (pqGetnchar(conn->cryptSalt,
sizeof(conn->cryptSalt), conn))
{
/* We'll come back when there are more data */
return PGRES_POLLING_READING;
}
}
#if defined(ENABLE_GSS) || defined(ENABLE_SSPI)
/*

3
src/interfaces/libpq/libpq-int.h
View File

@@ -12,7 +12,7 @@
* Portions Copyright (c) 1996-2008, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
* $PostgreSQL: pgsql/src/interfaces/libpq/libpq-int.h,v 1.135 2008/10/27 09:42:31 mha Exp $
* $PostgreSQL: pgsql/src/interfaces/libpq/libpq-int.h,v 1.136 2008/10/28 12:10:44 mha Exp $
*
*-------------------------------------------------------------------------
*/
@@ -340,7 +340,6 @@ struct pg_conn
int be_pid; /* PID of backend --- needed for cancels */
int be_key; /* key of backend --- needed for cancels */
char md5Salt[4]; /* password salt received from backend */
char cryptSalt[2]; /* password salt received from backend */
pgParameterStatus *pstatus; /* ParameterStatus data */
int client_encoding; /* encoding id */
bool std_strings; /* standard_conforming_strings */