database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-12-06 00:02:13 +03:00
Code Activity

Revert error handling improvements for cryptohashes

Browse Source 
This reverts commits ab27df2, af8d530 and 3a0cced, that introduced
pg_cryptohash_error().  In order to make the core code able to pass down
the new error types that this introduced, some of the MD5-related
routines had to be reworked, causing an ABI breakage, but we found that
some external extensions rely on them.  Maintaining compatibility
outweights the error report benefits, so just revert the change in v14.

Reported-by: Laurenz Albe
Discussion: https://postgr.es/m/9f0c0a96d28cf14fc87296bbe67061c14eb53ae8.camel@cybertec.at
This commit is contained in:
Michael Paquier
2022-01-14 11:25:39 +09:00
parent 4aee39ddb8
commit ad5b6f248a
19 changed files with 88 additions and 297 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/common/md5_common.c
View File

@@ -67,7 +67,7 @@ bytesToHex(uint8 b[16], char *s)
*/
bool
pg_md5_hash(const void *buff, size_t len, char *hexsum, const char **errstr)
pg_md5_hash(const void *buff, size_t len, char *hexsum)
{
uint8 sum[MD5_DIGEST_LENGTH];
pg_cryptohash_ctx *ctx;
@@ -80,7 +80,6 @@ pg_md5_hash(const void *buff, size_t len, char *hexsum, const char **errstr)
pg_cryptohash_update(ctx, buff, len) < 0 ||
pg_cryptohash_final(ctx, sum, sizeof(sum)) < 0)
{
*errstr = pg_cryptohash_error(ctx);
pg_cryptohash_free(ctx);
return false;
}
@@ -91,23 +90,18 @@ pg_md5_hash(const void *buff, size_t len, char *hexsum, const char **errstr)
}
bool
pg_md5_binary(const void *buff, size_t len, void *outbuf, const char **errstr)
pg_md5_binary(const void *buff, size_t len, void *outbuf)
{
pg_cryptohash_ctx *ctx;
*errstr = NULL;
ctx = pg_cryptohash_create(PG_MD5);
if (ctx == NULL)
{
*errstr = pg_cryptohash_error(NULL); /* returns OOM */
return false;
}
if (pg_cryptohash_init(ctx) < 0 ||
pg_cryptohash_update(ctx, buff, len) < 0 ||
pg_cryptohash_final(ctx, outbuf, MD5_DIGEST_LENGTH) < 0)
{
*errstr = pg_cryptohash_error(ctx);
pg_cryptohash_free(ctx);
return false;
}
@@ -124,12 +118,11 @@ pg_md5_binary(const void *buff, size_t len, void *outbuf, const char **errstr)
* Output format is "md5" followed by a 32-hex-digit MD5 checksum.
* Hence, the output buffer "buf" must be at least 36 bytes long.
*
* Returns true if okay, false on error with *errstr providing some
* error context.
* Returns true if okay, false on error (out of memory).
*/
bool
pg_md5_encrypt(const char *passwd, const char *salt, size_t salt_len,
char *buf, const char **errstr)
char *buf)
{
size_t passwd_len = strlen(passwd);
@@ -138,10 +131,7 @@ pg_md5_encrypt(const char *passwd, const char *salt, size_t salt_len,
bool ret;
if (!crypt_buf)
{
*errstr = _("out of memory");
return false;
}
/*
* Place salt at the end because it may be known by users trying to crack
@@ -151,7 +141,7 @@ pg_md5_encrypt(const char *passwd, const char *salt, size_t salt_len,
memcpy(crypt_buf + passwd_len, salt, salt_len);
strcpy(buf, "md5");
ret = pg_md5_hash(crypt_buf, passwd_len + salt_len, buf + 3, errstr);
ret = pg_md5_hash(crypt_buf, passwd_len + salt_len, buf + 3);
free(crypt_buf);