Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit3a306ee

Browse files
author
Barry Lind
committed
Commit to support MD5 passwords as per the backend for 7.2. This patch was submitted by Jeremy Wohl jeremyw-pgjdbc@igmus.org
1 parentd7a343d commit3a306ee

File tree

2 files changed

+100
-5
lines changed

2 files changed

+100
-5
lines changed

‎src/interfaces/jdbc/org/postgresql/Connection.java

Lines changed: 27 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@
1111
importorg.postgresql.core.*;
1212

1313
/**
14-
* $Id: Connection.java,v 1.34 2001/11/01 01:08:36 barry Exp $
14+
* $Id: Connection.java,v 1.35 2001/11/12 19:11:56 barry Exp $
1515
*
1616
* This abstract class is used by org.postgresql.Driver to open either the JDBC1 or
1717
* JDBC2 versions of the Connection class.
@@ -63,6 +63,7 @@ public abstract class Connection
6363
privatestaticfinalintAUTH_REQ_KRB5 =2;
6464
privatestaticfinalintAUTH_REQ_PASSWORD =3;
6565
privatestaticfinalintAUTH_REQ_CRYPT =4;
66+
privatestaticfinalintAUTH_REQ_MD5 =5;
6667

6768
// New for 6.3, salt value for crypt authorisation
6869
privateStringsalt;
@@ -180,22 +181,34 @@ protected void openConnection(String host, int port, Properties info, String dat
180181
// Get the type of request
181182
areq =pg_stream.ReceiveIntegerR(4);
182183

183-
// Get the password salt if there is one
184+
// Get thecryptpassword salt if there is one
184185
if (areq ==AUTH_REQ_CRYPT)
185186
{
186187
byte[]rst =newbyte[2];
187188
rst[0] = (byte)pg_stream.ReceiveChar();
188189
rst[1] = (byte)pg_stream.ReceiveChar();
189190
salt =newString(rst,0,2);
190-
DriverManager.println("Salt=" +salt);
191+
DriverManager.println("Crypt salt=" +salt);
192+
}
193+
194+
// Or get the md5 password salt if there is one
195+
if (areq ==AUTH_REQ_MD5)
196+
{
197+
byte[]rst =newbyte[4];
198+
rst[0] = (byte)pg_stream.ReceiveChar();
199+
rst[1] = (byte)pg_stream.ReceiveChar();
200+
rst[2] = (byte)pg_stream.ReceiveChar();
201+
rst[3] = (byte)pg_stream.ReceiveChar();
202+
salt =newString(rst,0,4);
203+
DriverManager.println("MD5 salt=" +salt);
191204
}
192205

193206
// now send the auth packet
194207
switch (areq)
195208
{
196209
caseAUTH_REQ_OK:
197-
break;
198-
210+
break;
211+
199212
caseAUTH_REQ_KRB4:
200213
DriverManager.println("postgresql: KRB4");
201214
thrownewPSQLException("postgresql.con.kerb4");
@@ -221,6 +234,15 @@ protected void openConnection(String host, int port, Properties info, String dat
221234
pg_stream.flush();
222235
break;
223236

237+
caseAUTH_REQ_MD5:
238+
DriverManager.println("postgresql: MD5");
239+
byte[]digest =MD5Digest.encode(PG_USER,PG_PASSWORD,salt);
240+
pg_stream.SendInteger(5 +digest.length,4);
241+
pg_stream.Send(digest);
242+
pg_stream.SendInteger(0,1);
243+
pg_stream.flush();
244+
break;
245+
224246
default:
225247
thrownewPSQLException("postgresql.con.auth",newInteger(areq));
226248
}
Lines changed: 73 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,73 @@
1+
packageorg.postgresql.util;
2+
3+
/**
4+
* MD5-based utility function to obfuscate passwords before network transmission
5+
*
6+
* @author Jeremy Wohl
7+
*
8+
*/
9+
10+
importjava.security.*;
11+
12+
publicclassMD5Digest
13+
{
14+
privateMD5Digest() {}
15+
16+
17+
/**
18+
* Encodes user/password/salt information in the following way:
19+
* MD5(MD5(password + user) + salt)
20+
*
21+
* @param user The connecting user.
22+
* @param password The connecting user's password.
23+
* @param salt A four-character string sent by the server.
24+
*
25+
* @return A 35-byte array, comprising the string "md5", followed by an MD5 digest.
26+
*/
27+
publicstaticbyte[]encode(Stringuser,Stringpassword,Stringsalt)
28+
{
29+
MessageDigestmd;
30+
byte[]temp_digest,pass_digest;
31+
byte[]hex_digest =newbyte[35];
32+
33+
34+
try {
35+
md =MessageDigest.getInstance("MD5");
36+
37+
md.update(password.getBytes());
38+
md.update(user.getBytes());
39+
temp_digest =md.digest();
40+
41+
bytesToHex(temp_digest,hex_digest,0);
42+
md.update(hex_digest,0,32);
43+
md.update(salt.getBytes());
44+
pass_digest =md.digest();
45+
46+
bytesToHex(pass_digest,hex_digest,3);
47+
hex_digest[0] = (byte)'m';hex_digest[1] = (byte)'d';hex_digest[2] = (byte)'5';
48+
}catch (Exceptione) {
49+
;// "MessageDigest failure; " + e
50+
}
51+
52+
returnhex_digest;
53+
}
54+
55+
56+
/**
57+
* Turn 16-byte stream into a human-readable 32-byte hex string
58+
*/
59+
privatestaticvoidbytesToHex(byte[]bytes,byte[]hex,intoffset)
60+
{
61+
finalcharlookup[] = {'0','1','2','3','4','5','6','7','8','9',
62+
'a','b','c','d','e','f' };
63+
64+
inti,c,j,pos =offset;
65+
66+
for (i =0;i <16;i++) {
67+
c =bytes[i] &0xFF;j =c >>4;
68+
hex[pos++] = (byte)lookup[j];
69+
j = (c &0xF);
70+
hex[pos++] = (byte)lookup[j];
71+
}
72+
}
73+
}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp