Use MD5 for wire protocol encryption for >= 7.2 client/server.

Allow pg_shadow to be MD5 encrypted. Add ENCRYPTED/UNENCRYPTED option to CREATE/ALTER user. Add password_encryption postgresql.conf option. Update wire protocol version to 2.1.
author: Bruce Momjian 2001-08-15 18:42:16 +0000
committer: Bruce Momjian 2001-08-15 18:42:16 +0000
commit: 38bb1abcda9119957e836f731a1cfea6d2079499 (patch)
tree: 8f61d7b57cc171d8307a81dc7c4b7a382be58f43 /src/interfaces
parent: 397f65d102b7f9998411f2a8c2d1c66dfe712320 (diff)
7 files changed, 76 insertions, 29 deletions
diff --git a/src/interfaces/libpq/Makefile b/src/interfaces/libpq/Makefile
index 91759e9786d..73507a15b34 100644
--- a/src/interfaces/libpq/Makefile
+++ b/src/interfaces/libpq/Makefile
@@ -4,7 +4,7 @@
 #
 # Copyright (c) 1994, Regents of the University of California
 #
-# $Header: /cvsroot/pgsql/src/interfaces/libpq/Makefile,v 1.53 2001/07/15 13:45:04 petere Exp $
+# $Header: /cvsroot/pgsql/src/interfaces/libpq/Makefile,v 1.54 2001/08/15 18:42:15 momjian Exp $
 #
 #-------------------------------------------------------------------------
 
@@ -20,7 +20,7 @@ SO_MINOR_VERSION= 2
 override CPPFLAGS := -I$(srcdir) $(CPPFLAGS) -DFRONTEND -DSYSCONFDIR='"$(sysconfdir)"'
 
 OBJS= fe-auth.o fe-connect.o fe-exec.o fe-misc.o fe-print.o fe-lobj.o \
-      pqexpbuffer.o dllist.o pqsignal.o \
+      pqexpbuffer.o dllist.o md5.o pqsignal.o \
       $(INET_ATON) $(SNPRINTF) $(STRERROR)
 
 ifdef MULTIBYTE
@@ -33,7 +33,7 @@ endif
 SHLIB_LINK += $(filter -L%, $(LDFLAGS)) $(filter -lcrypt -ldes -lkrb -lcom_err -lcrypto -lk5crypto -lkrb5 -lssl -lsocket -lnsl -lresolv -lintl, $(LIBS))
 
 
-all: all-lib
+all: md5.c md5.h all-lib
 
 # Shared library stuff
 include $(top_srcdir)/src/Makefile.shlib
@@ -49,6 +49,12 @@ backend_src = $(top_srcdir)/src/backend
 dllist.c: $(backend_src)/lib/dllist.c
 	rm -f $@ && $(LN_S) $< .
 
+md5.c: $(backend_src)/libpq/md5.c
+	rm -f $@ && $(LN_S) $< .
+
+md5.h: $(backend_src)/../include/libpq/md5.h
+	rm -f $@ && $(LN_S) $< .
+
 # this only gets done if configure finds system doesn't have inet_aton()
 inet_aton.c: $(backend_src)/port/inet_aton.c
 	rm -f $@ && $(LN_S) $< .
@@ -82,7 +88,7 @@ uninstall: uninstall-lib
 	rm -f $(addprefix $(DESTDIR)$(includedir)/, libpq-fe.h libpq-int.h pqexpbuffer.h)
 
 clean distclean maintainer-clean: clean-lib
-	rm -f $(OBJS) dllist.c wchar.c
+	rm -f $(OBJS) dllist.c md5.c md5.h wchar.c
 	rm -f $(OBJS) inet_aton.c snprintf.c strerror.c
 
 depend dep:
diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c
index d8b27c37729..6f874c485bb 100644
--- a/src/interfaces/libpq/fe-auth.c
+++ b/src/interfaces/libpq/fe-auth.c
@@ -10,7 +10,7 @@
  * exceed INITIAL_EXPBUFFER_SIZE (currently 256 bytes).
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-auth.c,v 1.48 2001/07/15 13:45:04 petere Exp $
+ *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-auth.c,v 1.49 2001/08/15 18:42:15 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -33,6 +33,7 @@
 #include "libpq-fe.h"
 #include "libpq-int.h"
 #include "fe-auth.h"
+#include "md5.h"
 
 #ifdef WIN32
 #include "win32.h"
@@ -434,12 +435,52 @@ pg_krb5_sendauth(char *PQerrormsg, int sock,
 static int
 pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
 {
+	int ret;
+	char *crypt_pwd;
+
 	/* Encrypt the password if needed. */
 
-	if (areq == AUTH_REQ_CRYPT)
-		password = crypt(password, conn->salt);
+	switch (areq)
+	{
+		case AUTH_REQ_CRYPT:
+			crypt_pwd = crypt(password, conn->salt);
+			break;
+		case AUTH_REQ_MD5:
+			{
+				char *crypt_pwd2;
+
+				if (!(crypt_pwd = malloc(MD5_PASSWD_LEN+1)) ||
+					!(crypt_pwd2 = malloc(MD5_PASSWD_LEN+1)))
+				{
+					perror("malloc");
+					return STATUS_ERROR;
+				}
+				if (!EncryptMD5(password, conn->pguser, crypt_pwd2))
+				{
+					free(crypt_pwd);
+					free(crypt_pwd2);
+					return STATUS_ERROR;
+				}
+				if (!EncryptMD5(crypt_pwd2 + strlen("md5"), conn->salt,
+								crypt_pwd))
+				{
+					free(crypt_pwd);
+					free(crypt_pwd2);
+					return STATUS_ERROR;
+				}
+				free(crypt_pwd2);
+				break;
+			}
+		default:
+			/* discard const so we can assign it */
+			crypt_pwd = (char *)password;
+			break;
+	}
 
-	return pqPacketSend(conn, password, strlen(password) + 1);
+	ret = pqPacketSend(conn, crypt_pwd, strlen(crypt_pwd) + 1);
+	if (areq == AUTH_REQ_MD5)
+		free(crypt_pwd);
+	return ret;
 }
 
 /*
@@ -494,6 +535,7 @@ fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
 
 		case AUTH_REQ_PASSWORD:
 		case AUTH_REQ_CRYPT:
+		case AUTH_REQ_MD5:
 			if (password == NULL || *password == '\0')
 			{
 				(void) sprintf(PQerrormsg,
@@ -506,9 +548,7 @@ fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
 				 "fe_sendauth: error sending password authentication\n");
 				return STATUS_ERROR;
 			}
-
 			break;
-
 		default:
 			snprintf(PQerrormsg, PQERRORMSG_LENGTH,
 					 libpq_gettext("authentication method %u not supported\n"), areq);
diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c
index 47f5d55c323..32983c53ad1 100644
--- a/src/interfaces/libpq/fe-connect.c
+++ b/src/interfaces/libpq/fe-connect.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.172 2001/08/03 22:11:39 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.173 2001/08/15 18:42:15 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -1341,7 +1341,7 @@ keep_going:						/* We will come back to here until there
 				}
 
 				/* Get the password salt if there is one. */
-				if (areq == AUTH_REQ_CRYPT)
+				if (areq == AUTH_REQ_CRYPT || areq == AUTH_REQ_MD5)
 				{
 					if (pqGetnchar(conn->salt, sizeof(conn->salt), conn))
 					{
@@ -1960,7 +1960,7 @@ static void
 closePGconn(PGconn *conn)
 {
 	/* Note that the protocol doesn't allow us to send Terminate
-       messages during the startup phase. */
+	   messages during the startup phase. */
 	if (conn->sock >= 0 && conn->status == CONNECTION_OK)
 	{
 
diff --git a/src/interfaces/libpq/fe-exec.c b/src/interfaces/libpq/fe-exec.c
index c512f6928c6..c5dfcd4210d 100644
--- a/src/interfaces/libpq/fe-exec.c
+++ b/src/interfaces/libpq/fe-exec.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-exec.c,v 1.105 2001/08/03 22:11:39 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-exec.c,v 1.106 2001/08/15 18:42:15 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -1269,7 +1269,6 @@ errout:
 static int
 getNotice(PGconn *conn)
 {
-
 	/*
 	 * Since the Notice might be pretty long, we create a temporary
 	 * PQExpBuffer rather than using conn->workBuffer.	workBuffer is
diff --git a/src/interfaces/libpq/libpq-int.h b/src/interfaces/libpq/libpq-int.h
index 5e90e492f12..a681e72beed 100644
--- a/src/interfaces/libpq/libpq-int.h
+++ b/src/interfaces/libpq/libpq-int.h
@@ -12,7 +12,7 @@
  * Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
  *
- * $Id: libpq-int.h,v 1.36 2001/07/15 13:45:04 petere Exp $
+ * $Id: libpq-int.h,v 1.37 2001/08/15 18:42:16 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -45,7 +45,7 @@
  * pqcomm.h describe what the backend knows, not what libpq knows.
  */
 
-#define PG_PROTOCOL_LIBPQ	PG_PROTOCOL(2,0)
+#define PG_PROTOCOL_LIBPQ	PG_PROTOCOL(2,1)
 
 /*
  * POSTGRES backend dependent Constants.
diff --git a/src/interfaces/odbc/connection.c b/src/interfaces/odbc/connection.c
index 90fc132b981..42196df9eed 100644
--- a/src/interfaces/odbc/connection.c
+++ b/src/interfaces/odbc/connection.c
@@ -677,7 +677,7 @@ CC_connect(ConnectionClass *self, char do_password)
 						mylog("auth got 'R'\n");
 
 						areq = SOCK_get_int(sock, 4);
-						if (areq == AUTH_REQ_CRYPT)
+						if (areq == AUTH_REQ_CRYPT || areq == AUTH_REQ_MD5)
 							SOCK_get_n_char(sock, salt, 2);
 
 						mylog("areq = %d\n", areq);
@@ -717,6 +717,7 @@ CC_connect(ConnectionClass *self, char do_password)
 							break;
 
 						case AUTH_REQ_CRYPT:
+						case AUTH_REQ_MD5:
 							self->errormsg = "Password crypt authentication not supported";
 							self->errornumber = CONN_AUTH_TYPE_UNSUPPORTED;
 							return 0;
@@ -1672,15 +1673,15 @@ CC_log_error(char *func, char *desc, ConnectionClass *self)
 
 int     CC_get_max_query_len(const ConnectionClass *conn)
 {
-        int     value;
-        /* Long Queries in 7.0+ */
-        if (PG_VERSION_GE(conn, 7.0))
-                value = 0 /* MAX_STATEMENT_LEN */;
-        /* Prior to 7.0 we used 2*BLCKSZ */
-        else if (PG_VERSION_GE(conn, 6.5))
-                value = (2 * BLCKSZ);
-        else
-                /* Prior to 6.5 we used BLCKSZ */
-                value = BLCKSZ;
-        return value;
+		int     value;
+		/* Long Queries in 7.0+ */
+		if (PG_VERSION_GE(conn, 7.0))
+				value = 0 /* MAX_STATEMENT_LEN */;
+		/* Prior to 7.0 we used 2*BLCKSZ */
+		else if (PG_VERSION_GE(conn, 6.5))
+				value = (2 * BLCKSZ);
+		else
+				/* Prior to 6.5 we used BLCKSZ */
+				value = BLCKSZ;
+		return value;
 }
diff --git a/src/interfaces/odbc/connection.h b/src/interfaces/odbc/connection.h
index d3eb8700b28..1038bf117ba 100644
--- a/src/interfaces/odbc/connection.h
+++ b/src/interfaces/odbc/connection.h
@@ -93,6 +93,7 @@ typedef enum
 #define AUTH_REQ_KRB5								2
 #define AUTH_REQ_PASSWORD							3
 #define AUTH_REQ_CRYPT								4
+#define AUTH_REQ_MD5								5
 
 /*	Startup Packet sizes */
 #define SM_DATABASE									64
author	Bruce Momjian	2001-08-15 18:42:16 +0000
committer	Bruce Momjian	2001-08-15 18:42:16 +0000
commit	38bb1abcda9119957e836f731a1cfea6d2079499 (patch)
tree	8f61d7b57cc171d8307a81dc7c4b7a382be58f43 /src/interfaces
parent	397f65d102b7f9998411f2a8c2d1c66dfe712320 (diff)