This breaks compatibility with pre-7.2 versions.
-
+
Client Authentication
-
- crypt
-
-
- This option is recommended only for communicating with pre-7.2
- clients.
-
-
- Require the client to supply a crypt()-encrypted
- password for authentication.
- md5 is now recommended over crypt.
- See for details.
-
-
-
-
password
-
-
authentication
The password-based authentication methods are md5,
- crypt, and password. These methods operate
+ and password. These methods operate
similarly except for the way that the password is sent across the
- connection: respectively, MD5-hashed, crypt-encrypted, and clear-text.
- A limitation is that the crypt method does not work with
- passwords that have been encrypted in pg_authid.
+ connection: respectively, MD5-hashed and clear-text.
If you are at all concerned about password
- sniffing attacks then md5 is preferred, with
- crypt to be used only if you must support pre-7.2
- clients. Plain password should be avoided especially for
- connections over the open Internet (unless you use
SSL,
- communications security wrapper around the connection).
+ sniffing attacks then md5 is preferred.
+ Plain password should always be avoided if possible.
-
+
Frontend/Backend Protocol
-
- AuthenticationCryptPassword
-
- The frontend must now send a PasswordMessage containing the
- password encrypted via crypt(3), using the 2-character salt
- specified in the AuthenticationCryptPassword message. If
- this is the correct password, the server responds with an
- AuthenticationOk, otherwise it responds with an ErrorResponse.
-
-
-
-
AuthenticationMD5Password
-
-
-AuthenticationCryptPassword (B)
-
-
-
-
-
-
- Byte1('R')
-
-
- Identifies the message as an authentication request.
-
-
-
-
-
- Int32(10)
-
-
- Length of message contents in bytes, including self.
-
-
-
-
-
- Int32(4)
-
-
- Specifies that a crypt()-encrypted password is required.
-
-
-
-
-
- Byte2
-
-
- The salt to use when encrypting the password.
-
-
-
-
-
-
-
-
-
-
AuthenticationMD5Password (B)
-
+
Database Roles and Privileges
A password is only significant if the client authentication
method requires the user to supply a password when connecting
- to the database. The
-
+ to the database. The
+
make use of passwords. Database passwords are separate from
operating system passwords. Specify a password upon role
creation with CREATE ROLE
*
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.169 2008/10/23 13:31:10 mha Exp $
+ * $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.170 2008/10/28 12:10:43 mha Exp $
*
*-------------------------------------------------------------------------
*/
errstr = gettext_noop("Ident authentication failed for user \"%s\"");
break;
case uaMD5:
- case uaCrypt:
case uaPassword:
errstr = gettext_noop("password authentication failed for user \"%s\"");
break;
status = recv_and_check_password_packet(port);
break;
- case uaCrypt:
- sendAuthRequest(port, AUTH_REQ_CRYPT);
- status = recv_and_check_password_packet(port);
- break;
-
case uaPassword:
sendAuthRequest(port, AUTH_REQ_PASSWORD);
status = recv_and_check_password_packet(port);
/* Add the salt for encrypted passwords. */
if (areq == AUTH_REQ_MD5)
pq_sendbytes(&buf, port->md5Salt, 4);
- else if (areq == AUTH_REQ_CRYPT)
- pq_sendbytes(&buf, port->cryptSalt, 2);
#if defined(ENABLE_GSS) || defined(ENABLE_SSPI)
* Portions Copyright (c) 1996-2008, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
- * $PostgreSQL: pgsql/src/backend/libpq/crypt.c,v 1.75 2008/09/15 12:32:56 mha Exp $
+ * $PostgreSQL: pgsql/src/backend/libpq/crypt.c,v 1.76 2008/10/28 12:10:43 mha Exp $
*
*-------------------------------------------------------------------------
*/
if (shadow_pass == NULL || *shadow_pass == '\0')
return STATUS_ERROR;
- /* We can't do crypt with MD5 passwords */
- if (isMD5(shadow_pass) && port->hba->auth_method == uaCrypt)
- {
- ereport(LOG,
- (errmsg("cannot use authentication method \"crypt\" because password is MD5-encrypted")));
- return STATUS_ERROR;
- }
-
/*
* Compare with the encrypted or plain password depending on the
* authentication method being used for this connection.
pfree(crypt_pwd2);
}
break;
- case uaCrypt:
- {
- char salt[3];
-
- strlcpy(salt, port->cryptSalt, sizeof(salt));
- crypt_pwd = crypt(shadow_pass, salt);
- break;
- }
default:
if (isMD5(shadow_pass))
{
*
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.171 2008/10/27 20:04:45 mha Exp $
+ * $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.172 2008/10/28 12:10:43 mha Exp $
*
*-------------------------------------------------------------------------
*/
parsedline->auth_method = uaReject;
else if (strcmp(token, "md5") == 0)
parsedline->auth_method = uaMD5;
- else if (strcmp(token, "crypt") == 0)
- parsedline->auth_method = uaCrypt;
else if (strcmp(token, "pam") == 0)
#ifdef USE_PAM
parsedline->auth_method = uaPAM;
*
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/backend/postmaster/postmaster.c,v 1.565 2008/09/23 20:35:38 momjian Exp $
+ * $PostgreSQL: pgsql/src/backend/postmaster/postmaster.c,v 1.566 2008/10/28 12:10:43 mha Exp $
*
* NOTES
*
static void report_fork_failure_to_client(Port *port, int errnum);
static enum CAC_state canAcceptConnections(void);
static long PostmasterRandom(void);
-static void RandomSalt(char *cryptSalt, char *md5Salt);
+static void RandomSalt(char *md5Salt);
static void signal_child(pid_t pid, int signal);
static void SignalSomeChildren(int signal, bool only_autovac);
* fork, not after. Else the postmaster's random sequence won't get
* advanced, and all backends would end up using the same salt...
*/
- RandomSalt(port->cryptSalt, port->md5Salt);
+ RandomSalt(port->md5Salt);
}
/*
{
}
-
-/*
- * CharRemap: given an int in range 0..61, produce textual encoding of it
- * per crypt(3) conventions.
- */
-static char
-CharRemap(long ch)
-{
- if (ch < 0)
- ch = -ch;
- ch = ch % 62;
-
- if (ch < 26)
- return 'A' + ch;
-
- ch -= 26;
- if (ch < 26)
- return 'a' + ch;
-
- ch -= 26;
- return '0' + ch;
-}
-
/*
* RandomSalt
*/
static void
-RandomSalt(char *cryptSalt, char *md5Salt)
+RandomSalt(char *md5Salt)
{
- long rand = PostmasterRandom();
-
- cryptSalt[0] = CharRemap(rand % 62);
- cryptSalt[1] = CharRemap(rand / 62);
+ long rand;
/*
- * It's okay to reuse the first random value for one of the MD5 salt
- * bytes, since only one of the two salts will be sent to the client.
- * After that we need to compute more random bits.
- *
* We use % 255, sacrificing one possible byte value, so as to ensure that
* all bits of the random() value participate in the result. While at it,
* add one to avoid generating any null bytes.
*/
+ rand = PostmasterRandom();
md5Salt[0] = (rand % 255) + 1;
rand = PostmasterRandom();
md5Salt[1] = (rand % 255) + 1;
* Interface to hba.c
*
*
- * $PostgreSQL: pgsql/src/include/libpq/hba.h,v 1.50 2008/10/23 13:31:10 mha Exp $
+ * $PostgreSQL: pgsql/src/include/libpq/hba.h,v 1.51 2008/10/28 12:10:44 mha Exp $
*
*-------------------------------------------------------------------------
*/
uaTrust,
uaIdent,
uaPassword,
- uaCrypt,
uaMD5,
uaGSS,
uaSSPI,
* Portions Copyright (c) 1996-2008, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
- * $PostgreSQL: pgsql/src/include/libpq/libpq-be.h,v 1.67 2008/09/15 12:32:57 mha Exp $
+ * $PostgreSQL: pgsql/src/include/libpq/libpq-be.h,v 1.68 2008/10/28 12:10:44 mha Exp $
*
*-------------------------------------------------------------------------
*/
*/
HbaLine *hba;
char md5Salt[4]; /* Password salt */
- char cryptSalt[2]; /* Password salt */
/*
* Information that really has no business at all being in struct Port,
* Portions Copyright (c) 1996-2008, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
- * $PostgreSQL: pgsql/src/include/libpq/pqcomm.h,v 1.108 2008/01/01 19:45:58 momjian Exp $
+ * $PostgreSQL: pgsql/src/include/libpq/pqcomm.h,v 1.109 2008/10/28 12:10:44 mha Exp $
*
*-------------------------------------------------------------------------
*/
#define AUTH_REQ_KRB4 1 /* Kerberos V4. Not supported any more. */
#define AUTH_REQ_KRB5 2 /* Kerberos V5 */
#define AUTH_REQ_PASSWORD 3 /* Password */
-#define AUTH_REQ_CRYPT 4 /* crypt password */
+#define AUTH_REQ_CRYPT 4 /* crypt password. Not supported any more. */
#define AUTH_REQ_MD5 5 /* md5 password */
#define AUTH_REQ_SCM_CREDS 6 /* transfer SCM credentials */
#define AUTH_REQ_GSS 7 /* GSSAPI without wrap() */
* Portions Copyright (c) 1994, Regents of the University of California
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.137 2008/01/31 18:58:30 tgl Exp $
+ * $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.138 2008/10/28 12:10:44 mha Exp $
*
*-------------------------------------------------------------------------
*/
#endif
-#ifdef HAVE_CRYPT_H
-#include
-#endif
-
#include "libpq-fe.h"
#include "fe-auth.h"
#include "libpq/md5.h"
}
break;
}
- case AUTH_REQ_CRYPT:
- {
- char salt[3];
-
- strlcpy(salt, conn->cryptSalt, sizeof(salt));
- crypt_pwd = crypt(password, salt);
- break;
- }
case AUTH_REQ_PASSWORD:
/* discard const so we can assign it */
crypt_pwd = (char *) password;
#endif
- case AUTH_REQ_MD5:
case AUTH_REQ_CRYPT:
+ printfPQExpBuffer(&conn->errorMessage,
+ libpq_gettext("Crypt authentication not supported\n"));
+ return STATUS_ERROR;
+
+ case AUTH_REQ_MD5:
case AUTH_REQ_PASSWORD:
conn->password_needed = true;
if (conn->pgpass == NULL || conn->pgpass[0] == '\0')
*
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/interfaces/libpq/fe-connect.c,v 1.364 2008/10/27 09:42:31 mha Exp $
+ * $PostgreSQL: pgsql/src/interfaces/libpq/fe-connect.c,v 1.365 2008/10/28 12:10:44 mha Exp $
*
*-------------------------------------------------------------------------
*/
return PGRES_POLLING_READING;
}
}
- if (areq == AUTH_REQ_CRYPT)
- {
- if (pqGetnchar(conn->cryptSalt,
- sizeof(conn->cryptSalt), conn))
- {
- /* We'll come back when there are more data */
- return PGRES_POLLING_READING;
- }
- }
#if defined(ENABLE_GSS) || defined(ENABLE_SSPI)
/*
* Portions Copyright (c) 1996-2008, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
- * $PostgreSQL: pgsql/src/interfaces/libpq/libpq-int.h,v 1.135 2008/10/27 09:42:31 mha Exp $
+ * $PostgreSQL: pgsql/src/interfaces/libpq/libpq-int.h,v 1.136 2008/10/28 12:10:44 mha Exp $
*
*-------------------------------------------------------------------------
*/
int be_pid; /* PID of backend --- needed for cancels */
int be_key; /* key of backend --- needed for cancels */
char md5Salt[4]; /* password salt received from backend */
- char cryptSalt[2]; /* password salt received from backend */
pgParameterStatus *pstatus; /* ParameterStatus data */
int client_encoding; /* encoding id */
bool std_strings; /* standard_conforming_strings */
projects / postgresql.git / commitdiff