Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit53a5026

Browse files
committed
Remove support for (insecure) crypt authentication.
This breaks compatibility with pre-7.2 versions.
1 parentba4eb01 commit53a5026

File tree

13 files changed

+30
-200
lines changed

13 files changed

+30
-200
lines changed

‎doc/src/sgml/client-auth.sgml‎

Lines changed: 5 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
<!-- $PostgreSQL: pgsql/doc/src/sgml/client-auth.sgml,v 1.109 2008/10/23 13:31:09 mha Exp $ -->
1+
<!-- $PostgreSQL: pgsql/doc/src/sgml/client-auth.sgml,v 1.110 2008/10/28 12:10:42 mha Exp $ -->
22

33
<chapter id="client-authentication">
44
<title>Client Authentication</title>
@@ -315,24 +315,6 @@ hostnossl <replaceable>database</replaceable> <replaceable>user</replaceable>
315315
</listitem>
316316
</varlistentry>
317317

318-
<varlistentry>
319-
<term><literal>crypt</></term>
320-
<listitem>
321-
<note>
322-
<para>
323-
This option is recommended only for communicating with pre-7.2
324-
clients.
325-
</para>
326-
</note>
327-
<para>
328-
Require the client to supply a <function>crypt()</>-encrypted
329-
password for authentication.
330-
<literal>md5</literal> is now recommended over <literal>crypt</>.
331-
See <xref linkend="auth-password"> for details.
332-
</para>
333-
</listitem>
334-
</varlistentry>
335-
336318
<varlistentry>
337319
<term><literal>password</></term>
338320
<listitem>
@@ -704,31 +686,22 @@ omicron bryanh guest1
704686
<indexterm>
705687
<primary>MD5</>
706688
</indexterm>
707-
<indexterm>
708-
<primary>crypt</>
709-
</indexterm>
710689
<indexterm>
711690
<primary>password</primary>
712691
<secondary>authentication</secondary>
713692
</indexterm>
714693

715694
<para>
716695
The password-based authentication methods are <literal>md5</>,
717-
<literal>crypt</>,and <literal>password</>. These methods operate
696+
and <literal>password</>. These methods operate
718697
similarly except for the way that the password is sent across the
719-
connection: respectively, MD5-hashed, crypt-encrypted, and clear-text.
720-
A limitation is that the <literal>crypt</> method does not work with
721-
passwords that have been encrypted in <structname>pg_authid</structname>.
698+
connection: respectively, MD5-hashed and clear-text.
722699
</para>
723700

724701
<para>
725702
If you are at all concerned about password
726-
<quote>sniffing</> attacks then <literal>md5</> is preferred, with
727-
<literal>crypt</> to be used only if you must support pre-7.2
728-
clients. Plain <literal>password</> should be avoided especially for
729-
connections over the open Internet (unless you use <acronym>SSL</acronym>,
730-
<acronym>SSH</>, or another
731-
communications security wrapper around the connection).
703+
<quote>sniffing</> attacks then <literal>md5</> is preferred.
704+
Plain <literal>password</> should always be avoided if possible.
732705
</para>
733706

734707
<para>

‎doc/src/sgml/protocol.sgml‎

Lines changed: 1 addition & 69 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
<!-- $PostgreSQL: pgsql/doc/src/sgml/protocol.sgml,v 1.73 2008/02/08 18:18:05 tgl Exp $ -->
1+
<!-- $PostgreSQL: pgsql/doc/src/sgml/protocol.sgml,v 1.74 2008/10/28 12:10:42 mha Exp $ -->
22

33
<chapter id="protocol">
44
<title>Frontend/Backend Protocol</title>
@@ -295,19 +295,6 @@
295295
</listitem>
296296
</varlistentry>
297297

298-
<varlistentry>
299-
<term>AuthenticationCryptPassword</term>
300-
<listitem>
301-
<para>
302-
The frontend must now send a PasswordMessage containing the
303-
password encrypted via crypt(3), using the 2-character salt
304-
specified in the AuthenticationCryptPassword message. If
305-
this is the correct password, the server responds with an
306-
AuthenticationOk, otherwise it responds with an ErrorResponse.
307-
</para>
308-
</listitem>
309-
</varlistentry>
310-
311298
<varlistentry>
312299
<term>AuthenticationMD5Password</term>
313300
<listitem>
@@ -1531,61 +1518,6 @@ AuthenticationCleartextPassword (B)
15311518
</varlistentry>
15321519

15331520

1534-
<varlistentry>
1535-
<term>
1536-
AuthenticationCryptPassword (B)
1537-
</term>
1538-
<listitem>
1539-
<para>
1540-
1541-
<variablelist>
1542-
<varlistentry>
1543-
<term>
1544-
Byte1('R')
1545-
</term>
1546-
<listitem>
1547-
<para>
1548-
Identifies the message as an authentication request.
1549-
</para>
1550-
</listitem>
1551-
</varlistentry>
1552-
<varlistentry>
1553-
<term>
1554-
Int32(10)
1555-
</term>
1556-
<listitem>
1557-
<para>
1558-
Length of message contents in bytes, including self.
1559-
</para>
1560-
</listitem>
1561-
</varlistentry>
1562-
<varlistentry>
1563-
<term>
1564-
Int32(4)
1565-
</term>
1566-
<listitem>
1567-
<para>
1568-
Specifies that a crypt()-encrypted password is required.
1569-
</para>
1570-
</listitem>
1571-
</varlistentry>
1572-
<varlistentry>
1573-
<term>
1574-
Byte2
1575-
</term>
1576-
<listitem>
1577-
<para>
1578-
The salt to use when encrypting the password.
1579-
</para>
1580-
</listitem>
1581-
</varlistentry>
1582-
</variablelist>
1583-
1584-
</para>
1585-
</listitem>
1586-
</varlistentry>
1587-
1588-
15891521
<varlistentry>
15901522
<term>
15911523
AuthenticationMD5Password (B)

‎doc/src/sgml/user-manag.sgml‎

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
<!-- $PostgreSQL: pgsql/doc/src/sgml/user-manag.sgml,v 1.40 2008/09/08 00:47:40 tgl Exp $ -->
1+
<!-- $PostgreSQL: pgsql/doc/src/sgml/user-manag.sgml,v 1.41 2008/10/28 12:10:42 mha Exp $ -->
22

33
<chapter id="user-manag">
44
<title>Database Roles and Privileges</title>
@@ -215,8 +215,8 @@ CREATE USER <replaceable>name</replaceable>;
215215
<para>
216216
A password is only significant if the client authentication
217217
method requires the user to supply a password when connecting
218-
to the database. The <option>password</>,
219-
<option>md5</>, and <option>crypt</> authentication methods
218+
to the database. The <option>password</> and
219+
<option>md5</> authentication methods
220220
make use of passwords. Database passwords are separate from
221221
operating system passwords. Specify a password upon role
222222
creation with <literal>CREATE ROLE

‎src/backend/libpq/auth.c‎

Lines changed: 1 addition & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.169 2008/10/23 13:31:10 mha Exp $
11+
* $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.170 2008/10/28 12:10:43 mha Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -230,7 +230,6 @@ auth_failed(Port *port, int status)
230230
errstr=gettext_noop("Ident authentication failed for user \"%s\"");
231231
break;
232232
caseuaMD5:
233-
caseuaCrypt:
234233
caseuaPassword:
235234
errstr=gettext_noop("password authentication failed for user \"%s\"");
236235
break;
@@ -373,11 +372,6 @@ ClientAuthentication(Port *port)
373372
status=recv_and_check_password_packet(port);
374373
break;
375374

376-
caseuaCrypt:
377-
sendAuthRequest(port,AUTH_REQ_CRYPT);
378-
status=recv_and_check_password_packet(port);
379-
break;
380-
381375
caseuaPassword:
382376
sendAuthRequest(port,AUTH_REQ_PASSWORD);
383377
status=recv_and_check_password_packet(port);
@@ -426,8 +420,6 @@ sendAuthRequest(Port *port, AuthRequest areq)
426420
/* Add the salt for encrypted passwords. */
427421
if (areq==AUTH_REQ_MD5)
428422
pq_sendbytes(&buf,port->md5Salt,4);
429-
elseif (areq==AUTH_REQ_CRYPT)
430-
pq_sendbytes(&buf,port->cryptSalt,2);
431423

432424
#if defined(ENABLE_GSS)|| defined(ENABLE_SSPI)
433425

‎src/backend/libpq/crypt.c‎

Lines changed: 1 addition & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@
99
* Portions Copyright (c) 1996-2008, PostgreSQL Global Development Group
1010
* Portions Copyright (c) 1994, Regents of the University of California
1111
*
12-
* $PostgreSQL: pgsql/src/backend/libpq/crypt.c,v 1.75 2008/09/15 12:32:56 mha Exp $
12+
* $PostgreSQL: pgsql/src/backend/libpq/crypt.c,v 1.76 2008/10/28 12:10:43 mha Exp $
1313
*
1414
*-------------------------------------------------------------------------
1515
*/
@@ -53,14 +53,6 @@ md5_crypt_verify(const Port *port, const char *role, char *client_pass)
5353
if (shadow_pass==NULL||*shadow_pass=='\0')
5454
returnSTATUS_ERROR;
5555

56-
/* We can't do crypt with MD5 passwords */
57-
if (isMD5(shadow_pass)&&port->hba->auth_method==uaCrypt)
58-
{
59-
ereport(LOG,
60-
(errmsg("cannot use authentication method \"crypt\" because password is MD5-encrypted")));
61-
returnSTATUS_ERROR;
62-
}
63-
6456
/*
6557
* Compare with the encrypted or plain password depending on the
6658
* authentication method being used for this connection.
@@ -106,14 +98,6 @@ md5_crypt_verify(const Port *port, const char *role, char *client_pass)
10698
pfree(crypt_pwd2);
10799
}
108100
break;
109-
caseuaCrypt:
110-
{
111-
charsalt[3];
112-
113-
strlcpy(salt,port->cryptSalt,sizeof(salt));
114-
crypt_pwd=crypt(shadow_pass,salt);
115-
break;
116-
}
117101
default:
118102
if (isMD5(shadow_pass))
119103
{

‎src/backend/libpq/hba.c‎

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
*
1111
*
1212
* IDENTIFICATION
13-
* $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.171 2008/10/27 20:04:45 mha Exp $
13+
* $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.172 2008/10/28 12:10:43 mha Exp $
1414
*
1515
*-------------------------------------------------------------------------
1616
*/
@@ -847,8 +847,6 @@ parse_hba_line(List *line, int line_num, HbaLine *parsedline)
847847
parsedline->auth_method=uaReject;
848848
elseif (strcmp(token, "md5")==0)
849849
parsedline->auth_method=uaMD5;
850-
elseif (strcmp(token, "crypt")==0)
851-
parsedline->auth_method=uaCrypt;
852850
elseif (strcmp(token, "pam")==0)
853851
#ifdefUSE_PAM
854852
parsedline->auth_method=uaPAM;

‎src/backend/postmaster/postmaster.c‎

Lines changed: 6 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@
3737
*
3838
*
3939
* IDENTIFICATION
40-
* $PostgreSQL: pgsql/src/backend/postmaster/postmaster.c,v 1.565 2008/09/23 20:35:38 momjian Exp $
40+
* $PostgreSQL: pgsql/src/backend/postmaster/postmaster.c,v 1.566 2008/10/28 12:10:43 mha Exp $
4141
*
4242
* NOTES
4343
*
@@ -323,7 +323,7 @@ static intinitMasks(fd_set *rmask);
323323
staticvoidreport_fork_failure_to_client(Port*port,interrnum);
324324
staticenumCAC_statecanAcceptConnections(void);
325325
staticlongPostmasterRandom(void);
326-
staticvoidRandomSalt(char*cryptSalt,char*md5Salt);
326+
staticvoidRandomSalt(char*md5Salt);
327327
staticvoidsignal_child(pid_tpid,intsignal);
328328
staticvoidSignalSomeChildren(intsignal,boolonly_autovac);
329329

@@ -1808,7 +1808,7 @@ ConnCreate(int serverFd)
18081808
* fork, not after. Else the postmaster's random sequence won't get
18091809
* advanced, and all backends would end up using the same salt...
18101810
*/
1811-
RandomSalt(port->cryptSalt,port->md5Salt);
1811+
RandomSalt(port->md5Salt);
18121812
}
18131813

18141814
/*
@@ -3910,49 +3910,20 @@ dummy_handler(SIGNAL_ARGS)
39103910
{
39113911
}
39123912

3913-
3914-
/*
3915-
* CharRemap: given an int in range 0..61, produce textual encoding of it
3916-
* per crypt(3) conventions.
3917-
*/
3918-
staticchar
3919-
CharRemap(longch)
3920-
{
3921-
if (ch<0)
3922-
ch=-ch;
3923-
ch=ch %62;
3924-
3925-
if (ch<26)
3926-
return'A'+ch;
3927-
3928-
ch-=26;
3929-
if (ch<26)
3930-
return'a'+ch;
3931-
3932-
ch-=26;
3933-
return'0'+ch;
3934-
}
3935-
39363913
/*
39373914
* RandomSalt
39383915
*/
39393916
staticvoid
3940-
RandomSalt(char*cryptSalt,char*md5Salt)
3917+
RandomSalt(char*md5Salt)
39413918
{
3942-
longrand=PostmasterRandom();
3943-
3944-
cryptSalt[0]=CharRemap(rand %62);
3945-
cryptSalt[1]=CharRemap(rand /62);
3919+
longrand;
39463920

39473921
/*
3948-
* It's okay to reuse the first random value for one of the MD5 salt
3949-
* bytes, since only one of the two salts will be sent to the client.
3950-
* After that we need to compute more random bits.
3951-
*
39523922
* We use % 255, sacrificing one possible byte value, so as to ensure that
39533923
* all bits of the random() value participate in the result. While at it,
39543924
* add one to avoid generating any null bytes.
39553925
*/
3926+
rand=PostmasterRandom();
39563927
md5Salt[0]= (rand %255)+1;
39573928
rand=PostmasterRandom();
39583929
md5Salt[1]= (rand %255)+1;

‎src/include/libpq/hba.h‎

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
* Interface to hba.c
55
*
66
*
7-
* $PostgreSQL: pgsql/src/include/libpq/hba.h,v 1.50 2008/10/23 13:31:10 mha Exp $
7+
* $PostgreSQL: pgsql/src/include/libpq/hba.h,v 1.51 2008/10/28 12:10:44 mha Exp $
88
*
99
*-------------------------------------------------------------------------
1010
*/
@@ -22,7 +22,6 @@ typedef enum UserAuth
2222
uaTrust,
2323
uaIdent,
2424
uaPassword,
25-
uaCrypt,
2625
uaMD5,
2726
uaGSS,
2827
uaSSPI,

‎src/include/libpq/libpq-be.h‎

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@
1111
* Portions Copyright (c) 1996-2008, PostgreSQL Global Development Group
1212
* Portions Copyright (c) 1994, Regents of the University of California
1313
*
14-
* $PostgreSQL: pgsql/src/include/libpq/libpq-be.h,v 1.67 2008/09/15 12:32:57 mha Exp $
14+
* $PostgreSQL: pgsql/src/include/libpq/libpq-be.h,v 1.68 2008/10/28 12:10:44 mha Exp $
1515
*
1616
*-------------------------------------------------------------------------
1717
*/
@@ -123,7 +123,6 @@ typedef struct Port
123123
*/
124124
HbaLine*hba;
125125
charmd5Salt[4];/* Password salt */
126-
charcryptSalt[2];/* Password salt */
127126

128127
/*
129128
* Information that really has no business at all being in struct Port,

‎src/include/libpq/pqcomm.h‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@
99
* Portions Copyright (c) 1996-2008, PostgreSQL Global Development Group
1010
* Portions Copyright (c) 1994, Regents of the University of California
1111
*
12-
* $PostgreSQL: pgsql/src/include/libpq/pqcomm.h,v 1.108 2008/01/01 19:45:58 momjian Exp $
12+
* $PostgreSQL: pgsql/src/include/libpq/pqcomm.h,v 1.109 2008/10/28 12:10:44 mha Exp $
1313
*
1414
*-------------------------------------------------------------------------
1515
*/
@@ -153,7 +153,7 @@ extern bool Db_user_namespace;
153153
#defineAUTH_REQ_KRB41/* Kerberos V4. Not supported any more. */
154154
#defineAUTH_REQ_KRB52/* Kerberos V5 */
155155
#defineAUTH_REQ_PASSWORD3/* Password */
156-
#defineAUTH_REQ_CRYPT4/* crypt password */
156+
#defineAUTH_REQ_CRYPT4/* crypt password. Not supported any more. */
157157
#defineAUTH_REQ_MD55/* md5 password */
158158
#defineAUTH_REQ_SCM_CREDS6/* transfer SCM credentials */
159159
#defineAUTH_REQ_GSS7/* GSSAPI without wrap() */

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp