Commit 95c1dbc

A collection of small fixes for the SCRAM patch.
* Add required #includes for htonl. Per buildfarm members pademelon/gaur.
* Remove unnecessary "#include <utils/memutils>".
* Fix checking for empty string in pg_SASL_init. (Reported by Peter Eisentraut and his compiler)
* Move code in pg_SASL_init to match the recent changes (commit ba005f1) to pg_fe_sendauth() function, where it's copied from.
* Return value of malloc() was not checked for NULL in scram_SaltedPassword(). Fix by avoiding the malloc().

1 parent 3bc7daf, commit 95c1dbc

2 files changed: +14 -23 lines changed
‎src/common/scram-common.c

Lines changed: 10 additions & 20 deletions
@@ -15,11 +15,14 @@
1515
*/
1616
#ifndefFRONTEND
1717
#include"postgres.h"
18-
#include"utils/memutils.h"
1918
#else
2019
#include"postgres_fe.h"
2120
#endif
2221

22+
/* for htonl */
23+
#include<netinet/in.h>
24+
#include<arpa/inet.h>
25+
2326
#include"common/scram-common.h"
2427

2528
#defineHMAC_IPAD 0x36
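
Review bot: The new <netinet/in.h> and <arpa/inet.h> includes after the postgres.h / postgres_fe.h block are unconditional, and the only rationale given is the comment "for htonl". Both are POSIX headers and this file is built for backend and FRONTEND alike, so please confirm that every supported platform, Windows in particular, resolves them, or guard them. It would also help to name in the comment which function in this file calls htonl, so the includes can be dropped if that call ever goes away.
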
@@ -145,10 +148,13 @@ scram_H(const uint8 *input, int len, uint8 *result)
145148
}
146149

147150
/*
148-
* Normalize a password for SCRAM authentication.
151+
* Encrypt password for SCRAM authentication. This basically applies the
152+
* normalization of the password and a hash calculation using the salt
153+
* value given by caller.
149154
*/
150155
staticvoid
151-
scram_Normalize(constchar*password,char*result)
156+
scram_SaltedPassword(constchar*password,constchar*salt,intsaltlen,intiterations,
157+
uint8*result)
152158
{
153159
/*
154160
* XXX: Here SASLprep should be applied on password. However, per RFC5802,
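
Review bot: The header comment moved onto scram_SaltedPassword() says the function "applies the normalization of the password", but the XXX note directly below it states that SASLprep is not applied yet, so the comment documents behaviour the function does not have. Please reword it to say that the password is currently used as-is. "Encrypt password" is also misleading for what is a salted, iterated hash; something like "Calculate SaltedPassword" would match the function name.
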
@@ -158,24 +164,8 @@ scram_Normalize(const char *password, char *result)
158164
* the frontend in order to be able to encode properly this string, and
159165
* then apply SASLprep on it.
160166
*/
161-
memcpy(result,password,strlen(password)+1);
162-
}
163-
164-
/*
165-
* Encrypt password for SCRAM authentication. This basically applies the
166-
* normalization of the password and a hash calculation using the salt
167-
* value given by caller.
168-
*/
169-
staticvoid
170-
scram_SaltedPassword(constchar*password,constchar*salt,intsaltlen,intiterations,
171-
uint8*result)
172-
{
173-
char*pwbuf;
174167

175-
pwbuf= (char*)malloc(strlen(password)+1);
176-
scram_Normalize(password,pwbuf);
177-
scram_Hi(pwbuf,salt,saltlen,iterations,result);
178-
free(pwbuf);
168+
scram_Hi(password,salt,saltlen,iterations,result);
179169
}
180170

181171
/*
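
Review bot: With scram_Normalize() removed, scram_SaltedPassword() passes the caller's password straight to scram_Hi(), which does fix the unchecked malloc(), but it also removes the one place where SASLprep was meant to go. Normalized output can differ in length from the input, so a buffer will be needed again when SASLprep is implemented, and because the function is declared static void it has no way to report an allocation failure. Please extend the XXX comment to say so, or give the function a return value now so callers are ready for that failure path.
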

‎src/interfaces/libpq/fe-auth.c

Lines changed: 4 additions & 3 deletions
@@ -445,12 +445,13 @@ pg_SASL_init(PGconn *conn, const char *auth_mechanism)
445445
*/
446446
if (strcmp(auth_mechanism,SCRAM_SHA256_NAME)==0)
447447
{
448-
char*password=conn->connhost[conn->whichhost].password;
448+
char*password;
449449

450+
conn->password_needed= true;
451+
password=conn->connhost[conn->whichhost].password;
450452
if (password==NULL)
451453
password=conn->pgpass;
452-
conn->password_needed= true;
453-
if (password==NULL||password=='\0')
454+
if (password==NULL||password[0]=='\0')
454455
{
455456
printfPQExpBuffer(&conn->errorMessage,
456457
PQnoPasswordSupplied);
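
Review bot: The password lookup at the top of the SCRAM_SHA256_NAME branch (connhost password, then conn->pgpass, then the empty-string test) is, per the commit message, a copy of the logic in pg_fe_sendauth(), and this hunk exists because the two copies drifted. Consider moving the lookup into a small shared helper that both callers use, so that the next change to one is not missed in the other. The old test, password == '\0', compared the pointer itself with zero and so only repeated the NULL check; a test case with an empty password would keep the corrected password[0] == '\0' check from regressing.
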
