database/postgres
database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-04-24 10:47:04 +03:00
Code

Clearify variables names so it is clear which variable is the

Browse Source 
client-supplied password and which is from pg_shadow.
This commit is contained in:
Bruce Momjian 2002-12-05 18:52:43 +00:00
parent 44ab596b01
commit f7a3d742df
2 changed files with 22 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
src/backend/libpq/crypt.c
View File

@ -9,7 +9,7 @@
* Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group * Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California * Portions Copyright (c) 1994, Regents of the University of California
* *
* $Header: /cvsroot/pgsql/src/backend/libpq/crypt.c,v 1.50 2002/12/05 18:39:43 momjian Exp $ * $Header: /cvsroot/pgsql/src/backend/libpq/crypt.c,v 1.51 2002/12/05 18:52:42 momjian Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@ -29,15 +29,15 @@
int int
md5_crypt_verify(const Port *port, const char *user, char *pgpass) md5_crypt_verify(const Port *port, const char *user, char *client_pass)
{ {
char *passwd = NULL, char *shadow_pass = NULL,
*valuntil = NULL, *valuntil = NULL,
*crypt_pwd; *crypt_pwd;
int retval = STATUS_ERROR; int retval = STATUS_ERROR;
List **line; List **line;
List *token; List *token;
char *crypt_pgpass = pgpass; char *crypt_client_pass = client_pass;
if ((line = get_user_line(user)) == NULL) if ((line = get_user_line(user)) == NULL)
return STATUS_ERROR; return STATUS_ERROR;
@ -46,17 +46,17 @@ md5_crypt_verify(const Port *port, const char *user, char *pgpass)
token = lnext(lnext(*line)); token = lnext(lnext(*line));
if (token) if (token)
{ {
passwd = lfirst(token); shadow_pass = lfirst(token);
token = lnext(token); token = lnext(token);
if (token) if (token)
valuntil = lfirst(token); valuntil = lfirst(token);
} }
if (passwd == NULL || *passwd == '\0') if (shadow_pass == NULL || *shadow_pass == '\0')
return STATUS_ERROR; return STATUS_ERROR;
/* We can't do crypt with pg_shadow MD5 passwords */ /* We can't do crypt with pg_shadow MD5 passwords */
if (isMD5(passwd) && port->auth_method == uaCrypt) if (isMD5(shadow_pass) && port->auth_method == uaCrypt)
{ {
elog(LOG, "Password is stored MD5 encrypted. " elog(LOG, "Password is stored MD5 encrypted. "
"'crypt' auth method cannot be used."); "'crypt' auth method cannot be used.");
@ -71,10 +71,10 @@ md5_crypt_verify(const Port *port, const char *user, char *pgpass)
{ {
case uaMD5: case uaMD5:
crypt_pwd = palloc(MD5_PASSWD_LEN + 1); crypt_pwd = palloc(MD5_PASSWD_LEN + 1);
if (isMD5(passwd)) if (isMD5(shadow_pass))
{ {
/* pg_shadow already encrypted, only do salt */ /* pg_shadow already encrypted, only do salt */
if (!EncryptMD5(passwd + strlen("md5"), if (!EncryptMD5(shadow_pass + strlen("md5"),
(char *) port->md5Salt, (char *) port->md5Salt,
sizeof(port->md5Salt), crypt_pwd)) sizeof(port->md5Salt), crypt_pwd))
{ {
@ -87,7 +87,7 @@ md5_crypt_verify(const Port *port, const char *user, char *pgpass)
/* pg_shadow plain, double-encrypt */ /* pg_shadow plain, double-encrypt */
char *crypt_pwd2 = palloc(MD5_PASSWD_LEN + 1); char *crypt_pwd2 = palloc(MD5_PASSWD_LEN + 1);
if (!EncryptMD5(passwd, port->user, strlen(port->user), if (!EncryptMD5(shadow_pass, port->user, strlen(port->user),
crypt_pwd2)) crypt_pwd2))
{ {
pfree(crypt_pwd); pfree(crypt_pwd);
@ -109,26 +109,26 @@ md5_crypt_verify(const Port *port, const char *user, char *pgpass)
char salt[3]; char salt[3];
StrNCpy(salt, port->cryptSalt, 3); StrNCpy(salt, port->cryptSalt, 3);
crypt_pwd = crypt(passwd, salt); crypt_pwd = crypt(shadow_pass, salt);
break; break;
} }
default: default:
if (isMD5(passwd)) if (isMD5(shadow_pass))
{ {
/* Encrypt user-supplied password to match MD5 in pg_shadow */ /* Encrypt user-supplied password to match MD5 in pg_shadow */
crypt_pgpass = palloc(MD5_PASSWD_LEN + 1); crypt_client_pass = palloc(MD5_PASSWD_LEN + 1);
if (!EncryptMD5(pgpass, port->user, strlen(port->user), if (!EncryptMD5(client_pass, port->user, strlen(port->user),
crypt_pgpass)) crypt_client_pass))
{ {
pfree(crypt_pgpass); pfree(crypt_client_pass);
return STATUS_ERROR; return STATUS_ERROR;
} }
} }
crypt_pwd = passwd; crypt_pwd = shadow_pass;
break; break;
} }
if (strcmp(crypt_pgpass, crypt_pwd) == 0) if (strcmp(crypt_client_pass, crypt_pwd) == 0)
{ {
/* /*
* Password OK, now check to be sure we are not past valuntil * Password OK, now check to be sure we are not past valuntil
@ -150,8 +150,8 @@ md5_crypt_verify(const Port *port, const char *user, char *pgpass)
if (port->auth_method == uaMD5) if (port->auth_method == uaMD5)
pfree(crypt_pwd); pfree(crypt_pwd);
if (crypt_pgpass != pgpass) if (crypt_client_pass != client_pass)
pfree(crypt_pgpass); pfree(crypt_client_pass);
return retval; return retval;
} }

4
src/include/libpq/crypt.h
View File

@ -6,7 +6,7 @@
* Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group * Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California * Portions Copyright (c) 1994, Regents of the University of California
* *
* $Id: crypt.h,v 1.23 2002/12/05 18:39:43 momjian Exp $ * $Id: crypt.h,v 1.24 2002/12/05 18:52:43 momjian Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@ -23,7 +23,7 @@
extern int md5_crypt_verify(const Port *port, const char *user, extern int md5_crypt_verify(const Port *port, const char *user,
char *pgpass); char *client_pass);
extern bool md5_hash(const void *buff, size_t len, char *hexsum); extern bool md5_hash(const void *buff, size_t len, char *hexsum);
extern bool CheckMD5Pwd(char *passwd, char *storedpwd, char *seed); extern bool CheckMD5Pwd(char *passwd, char *storedpwd, char *seed);