mirror of
https://github.com/postgres/postgres.git
synced 2025-07-07 00:36:50 +03:00
Replace isMD5() with a more future-proof way to check if pw is encrypted.
The rule is that if pg_authid.rolpassword begins with "md5" and has the right length, it's an MD5 hash, otherwise it's a plaintext password. The idiom has been to use isMD5() to check for that, but that gets awkward, when we add new kinds of verifiers, like the verifiers for SCRAM authentication in the pending SCRAM patch set. Replace isMD5() with a new get_password_type() function, so that when new verifier types are added, we don't need to remember to modify every place that currently calls isMD5(), to also recognize the new kinds of verifiers. Also, use the new plain_crypt_verify function in passwordcheck, so that it doesn't need to know about MD5, or in the future, about other kinds of hashes or password verifiers. Reviewed by Michael Paquier and Peter Eisentraut. Discussion: https://www.postgresql.org/message-id/2d07165c-1793-e243-a2a9-e45b624c7580@iki.fi
This commit is contained in:
@ -29,7 +29,7 @@
|
||||
#include "commands/dbcommands.h"
|
||||
#include "commands/seclabel.h"
|
||||
#include "commands/user.h"
|
||||
#include "common/md5.h"
|
||||
#include "libpq/crypt.h"
|
||||
#include "miscadmin.h"
|
||||
#include "storage/lmgr.h"
|
||||
#include "utils/acl.h"
|
||||
@ -81,7 +81,6 @@ CreateRole(ParseState *pstate, CreateRoleStmt *stmt)
|
||||
ListCell *option;
|
||||
char *password = NULL; /* user password */
|
||||
int password_type = Password_encryption;
|
||||
char encrypted_password[MD5_PASSWD_LEN + 1];
|
||||
bool issuper = false; /* Make the user a superuser? */
|
||||
bool inherit = true; /* Auto inherit privileges? */
|
||||
bool createrole = false; /* Can this user create roles? */
|
||||
@ -370,7 +369,7 @@ CreateRole(ParseState *pstate, CreateRoleStmt *stmt)
|
||||
if (check_password_hook && password)
|
||||
(*check_password_hook) (stmt->role,
|
||||
password,
|
||||
isMD5(password) ? PASSWORD_TYPE_MD5 : PASSWORD_TYPE_PLAINTEXT,
|
||||
get_password_type(password),
|
||||
validUntil_datum,
|
||||
validUntil_null);
|
||||
|
||||
@ -393,17 +392,12 @@ CreateRole(ParseState *pstate, CreateRoleStmt *stmt)
|
||||
|
||||
if (password)
|
||||
{
|
||||
if (password_type == PASSWORD_TYPE_PLAINTEXT || isMD5(password))
|
||||
new_record[Anum_pg_authid_rolpassword - 1] =
|
||||
CStringGetTextDatum(password);
|
||||
else
|
||||
{
|
||||
if (!pg_md5_encrypt(password, stmt->role, strlen(stmt->role),
|
||||
encrypted_password))
|
||||
elog(ERROR, "password encryption failed");
|
||||
new_record[Anum_pg_authid_rolpassword - 1] =
|
||||
CStringGetTextDatum(encrypted_password);
|
||||
}
|
||||
/* Encrypt the password to the requested format. */
|
||||
char *shadow_pass;
|
||||
|
||||
shadow_pass = encrypt_password(password_type, stmt->role, password);
|
||||
new_record[Anum_pg_authid_rolpassword - 1] =
|
||||
CStringGetTextDatum(shadow_pass);
|
||||
}
|
||||
else
|
||||
new_record_nulls[Anum_pg_authid_rolpassword - 1] = true;
|
||||
@ -505,7 +499,6 @@ AlterRole(AlterRoleStmt *stmt)
|
||||
char *rolename = NULL;
|
||||
char *password = NULL; /* user password */
|
||||
int password_type = Password_encryption;
|
||||
char encrypted_password[MD5_PASSWD_LEN + 1];
|
||||
int issuper = -1; /* Make the user a superuser? */
|
||||
int inherit = -1; /* Auto inherit privileges? */
|
||||
int createrole = -1; /* Can this user create roles? */
|
||||
@ -744,7 +737,7 @@ AlterRole(AlterRoleStmt *stmt)
|
||||
if (check_password_hook && password)
|
||||
(*check_password_hook) (rolename,
|
||||
password,
|
||||
isMD5(password) ? PASSWORD_TYPE_MD5 : PASSWORD_TYPE_PLAINTEXT,
|
||||
get_password_type(password),
|
||||
validUntil_datum,
|
||||
validUntil_null);
|
||||
|
||||
@ -803,17 +796,12 @@ AlterRole(AlterRoleStmt *stmt)
|
||||
/* password */
|
||||
if (password)
|
||||
{
|
||||
if (password_type == PASSWORD_TYPE_PLAINTEXT || isMD5(password))
|
||||
new_record[Anum_pg_authid_rolpassword - 1] =
|
||||
CStringGetTextDatum(password);
|
||||
else
|
||||
{
|
||||
if (!pg_md5_encrypt(password, rolename, strlen(rolename),
|
||||
encrypted_password))
|
||||
elog(ERROR, "password encryption failed");
|
||||
new_record[Anum_pg_authid_rolpassword - 1] =
|
||||
CStringGetTextDatum(encrypted_password);
|
||||
}
|
||||
/* Encrypt the password to the requested format. */
|
||||
char *shadow_pass;
|
||||
|
||||
shadow_pass = encrypt_password(password_type, rolename, password);
|
||||
new_record[Anum_pg_authid_rolpassword - 1] =
|
||||
CStringGetTextDatum(shadow_pass);
|
||||
new_record_repl[Anum_pg_authid_rolpassword - 1] = true;
|
||||
}
|
||||
|
||||
@ -1228,7 +1216,7 @@ RenameRole(const char *oldname, const char *newname)
|
||||
|
||||
datum = heap_getattr(oldtuple, Anum_pg_authid_rolpassword, dsc, &isnull);
|
||||
|
||||
if (!isnull && isMD5(TextDatumGetCString(datum)))
|
||||
if (!isnull && get_password_type(TextDatumGetCString(datum)) == PASSWORD_TYPE_MD5)
|
||||
{
|
||||
/* MD5 uses the username as salt, so just clear it on a rename */
|
||||
repl_repl[Anum_pg_authid_rolpassword - 1] = true;
|
||||
|
Reference in New Issue
Block a user