Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit60f11b8

Browse files
committed
Use SASLprep to normalize passwords for SCRAM authentication.
An important step of SASLprep normalization, is to convert the string toUnicode normalization form NFKC. Unicode normalization requires a fairlylarge table of character decompositions, which is generated from datapublished by the Unicode consortium. The script to generate the table isput in src/common/unicode, as well test code for the normalization.A pre-generated version of the tables is included in src/include/common,so you don't need the code in src/common/unicode to build PostgreSQL, onlyif you wish to modify the normalization tables.The SASLprep implementation depends on the UTF-8 functions fromsrc/backend/utils/mb/wchar.c. So to use it, you must also compile and linkthat. That doesn't change anything for the current users of thesefunctions, the backend and libpq, as they both already link with wchar.o.It would be good to move those functions into a separate file insrc/commmon, but I'll leave that for another day.No documentation changes included, because there is no details on theSCRAM mechanism in the docs anyway. An overview on that in the protocolspecification would probably be good, even though SCRAM is documented indetail in RFC5802. I'll write that as a separate patch. An important thingto mention there is that we apply SASLprep even on invalid UTF-8 strings,to support other encodings.Patch by Michael Paquier and me.Discussion:https://www.postgresql.org/message-id/CAB7nPqSByyEmAVLtEf1KxTRh=PWNKiWKEKQR=e1yGehz=wbymQ@mail.gmail.com
1 parent32e33a7 commit60f11b8

File tree

19 files changed

+11322
-32
lines changed

19 files changed

+11322
-32
lines changed

‎src/backend/libpq/auth-scram.c

Lines changed: 59 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -11,13 +11,43 @@
1111
*
1212
* - Username from the authentication exchange is not used. The client
1313
* should send an empty string as the username.
14-
* - Password is not processed with the SASLprep algorithm.
14+
*
15+
* - If the password isn't valid UTF-8, or contains characters prohibited
16+
* by the SASLprep profile, we skip the SASLprep pre-processing and use
17+
* the raw bytes in calculating the hash.
18+
*
1519
* - Channel binding is not supported yet.
1620
*
21+
*
1722
* The password stored in pg_authid consists of the salt, iteration count,
1823
* StoredKey and ServerKey.
1924
*
20-
* On error handling:
25+
* SASLprep usage
26+
* --------------
27+
*
28+
* One notable difference to the SCRAM specification is that while the
29+
* specification dictates that the password is in UTF-8, and prohibits
30+
* certain characters, we are more lenient. If the password isn't a valid
31+
* UTF-8 string, or contains prohibited characters, the raw bytes are used
32+
* to calculate the hash instead, without SASLprep processing. This is
33+
* because PostgreSQL supports other encodings too, and the encoding being
34+
* used during authentication is undefined (client_encoding isn't set until
35+
* after authentication). In effect, we try to interpret the password as
36+
* UTF-8 and apply SASLprep processing, but if it looks invalid, we assume
37+
* that it's in some other encoding.
38+
*
39+
* In the worst case, we misinterpret a password that's in a different
40+
* encoding as being Unicode, because it happens to consists entirely of
41+
* valid UTF-8 bytes, and we apply Unicode normalization to it. As long
42+
* as we do that consistently, that will not lead to failed logins.
43+
* Fortunately, the UTF-8 byte sequences that are ignored by SASLprep
44+
* don't correspond to any commonly used characters in any of the other
45+
* supported encodings, so it should not lead to any significant loss in
46+
* entropy, even if the normalization is incorrectly applied to a
47+
* non-UTF-8 password.
48+
*
49+
* Error handling
50+
* --------------
2151
*
2252
* Don't reveal user information to an unauthenticated client. We don't
2353
* want an attacker to be able to probe whether a particular username is
@@ -37,6 +67,7 @@
3767
* to the encoding being used, whatever that is. We cannot avoid that in
3868
* general, after logging in, but let's do what we can here.
3969
*
70+
*
4071
* Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group
4172
* Portions Copyright (c) 1994, Regents of the University of California
4273
*
@@ -52,6 +83,7 @@
5283
#include"catalog/pg_authid.h"
5384
#include"catalog/pg_control.h"
5485
#include"common/base64.h"
86+
#include"common/saslprep.h"
5587
#include"common/scram-common.h"
5688
#include"common/sha2.h"
5789
#include"libpq/auth.h"
@@ -344,6 +376,17 @@ scram_build_verifier(const char *username, const char *password,
344376
charsalt[SCRAM_SALT_LEN];
345377
char*encoded_salt;
346378
intencoded_len;
379+
char*prep_password=NULL;
380+
pg_saslprep_rcrc;
381+
382+
/*
383+
* Normalize the password with SASLprep. If that doesn't work, because
384+
* the password isn't valid UTF-8 or contains prohibited characters, just
385+
* proceed with the original password. (See comments at top of file.)
386+
*/
387+
rc=pg_saslprep(password,&prep_password);
388+
if (rc==SASLPREP_SUCCESS)
389+
password= (constchar*)prep_password;
347390

348391
if (iterations <=0)
349392
iterations=SCRAM_ITERATIONS_DEFAULT;
@@ -373,6 +416,9 @@ scram_build_verifier(const char *username, const char *password,
373416
(void)hex_encode((constchar*)keybuf,SCRAM_KEY_LEN,serverkey_hex);
374417
serverkey_hex[SCRAM_KEY_LEN*2]='\0';
375418

419+
if (prep_password)
420+
pfree(prep_password);
421+
376422
returnpsprintf("scram-sha-256:%s:%d:%s:%s",encoded_salt,iterations,storedkey_hex,serverkey_hex);
377423
}
378424

@@ -392,13 +438,14 @@ scram_verify_plain_password(const char *username, const char *password,
392438
uint8stored_key[SCRAM_KEY_LEN];
393439
uint8server_key[SCRAM_KEY_LEN];
394440
uint8computed_key[SCRAM_KEY_LEN];
441+
char*prep_password=NULL;
442+
pg_saslprep_rcrc;
395443

396444
if (!parse_scram_verifier(verifier,&encoded_salt,&iterations,
397445
stored_key,server_key))
398446
{
399447
/*
400-
* The password looked like a SCRAM verifier, but could not be
401-
* parsed.
448+
* The password looked like a SCRAM verifier, but could not be parsed.
402449
*/
403450
elog(LOG,"invalid SCRAM verifier for user \"%s\"",username);
404451
return false;
@@ -412,10 +459,18 @@ scram_verify_plain_password(const char *username, const char *password,
412459
return false;
413460
}
414461

462+
/* Normalize the password */
463+
rc=pg_saslprep(password,&prep_password);
464+
if (rc==SASLPREP_SUCCESS)
465+
password=prep_password;
466+
415467
/* Compute Server key based on the user-supplied plaintext password */
416468
scram_ClientOrServerKey(password,salt,saltlen,iterations,
417469
SCRAM_SERVER_KEY_NAME,computed_key);
418470

471+
if (prep_password)
472+
pfree(prep_password);
473+
419474
/*
420475
* Compare the verifier's Server Key with the one computed from the
421476
* user-supplied password.

‎src/common/Makefile

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,8 @@ override CPPFLAGS += -DVAL_LIBS="\"$(LIBS)\""
4242

4343
OBJS_COMMON = base64.o config_info.o controldata_utils.o exec.o ip.o\
4444
keywords.o md5.o pg_lzcompress.o pgfnames.o psprintf.o relpath.o\
45-
rmtree.o scram-common.o string.o username.o wait_error.o
45+
rmtree.o saslprep.o scram-common.o string.o unicode_norm.o\
46+
username.o wait_error.o
4647

4748
ifeq ($(with_openssl),yes)
4849
OBJS_COMMON += sha2_openssl.o

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp