diff options
| author | Michael Paquier <michael@paquier.xyz> | 2022-01-14 11:25:39 +0900 |
|---|---|---|
| committer | Michael Paquier <michael@paquier.xyz> | 2022-01-14 11:25:39 +0900 |
| commit | ad5b6f248ab288c3252d8122d12a1eb410d4a0b6 (patch) | |
| tree | dd914d58c9e73ef85bad9978e7c249462374a404 /src/interfaces/libpq/fe-auth.c | |
| parent | 4aee39ddb8fa748a6beea2bc1b48882990c226a7 (diff) | |
| download | postgresql-ad5b6f248ab288c3252d8122d12a1eb410d4a0b6.tar.gz postgresql-ad5b6f248ab288c3252d8122d12a1eb410d4a0b6.zip | |
Revert error handling improvements for cryptohashes
This reverts commits ab27df2, af8d530 and 3a0cced, that introduced
pg_cryptohash_error(). In order to make the core code able to pass down
the new error types that this introduced, some of the MD5-related
routines had to be reworked, causing an ABI breakage, but we found that
some external extensions rely on them. Maintaining compatibility
outweights the error report benefits, so just revert the change in v14.
Reported-by: Laurenz Albe
Discussion: https://postgr.es/m/9f0c0a96d28cf14fc87296bbe67061c14eb53ae8.camel@cybertec.at
Diffstat (limited to 'src/interfaces/libpq/fe-auth.c')
| -rw-r--r-- | src/interfaces/libpq/fe-auth.c | 33 |
1 files changed, 8 insertions, 25 deletions
diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c index 5d0aaa8536b..e8062647e60 100644 --- a/src/interfaces/libpq/fe-auth.c +++ b/src/interfaces/libpq/fe-auth.c @@ -765,7 +765,6 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq) case AUTH_REQ_MD5: { char *crypt_pwd2; - const char *errstr = NULL; /* Allocate enough space for two MD5 hashes */ crypt_pwd = malloc(2 * (MD5_PASSWD_LEN + 1)); @@ -778,21 +777,14 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq) crypt_pwd2 = crypt_pwd + MD5_PASSWD_LEN + 1; if (!pg_md5_encrypt(password, conn->pguser, - strlen(conn->pguser), crypt_pwd2, - &errstr)) + strlen(conn->pguser), crypt_pwd2)) { - appendPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not encrypt password: %s\n"), - errstr); free(crypt_pwd); return STATUS_ERROR; } if (!pg_md5_encrypt(crypt_pwd2 + strlen("md5"), md5Salt, - 4, crypt_pwd, &errstr)) + 4, crypt_pwd)) { - appendPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not encrypt password: %s\n"), - errstr); free(crypt_pwd); return STATUS_ERROR; } @@ -1158,13 +1150,12 @@ char * PQencryptPassword(const char *passwd, const char *user) { char *crypt_pwd; - const char *errstr = NULL; crypt_pwd = malloc(MD5_PASSWD_LEN + 1); if (!crypt_pwd) return NULL; - if (!pg_md5_encrypt(passwd, user, strlen(user), crypt_pwd, &errstr)) + if (!pg_md5_encrypt(passwd, user, strlen(user), crypt_pwd)) { free(crypt_pwd); return NULL; @@ -1265,30 +1256,18 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user, if (strcmp(algorithm, "scram-sha-256") == 0) { crypt_pwd = pg_fe_scram_build_secret(passwd); - /* We assume the only possible failure is OOM */ - if (!crypt_pwd) - appendPQExpBufferStr(&conn->errorMessage, - libpq_gettext("out of memory\n")); } else if (strcmp(algorithm, "md5") == 0) { crypt_pwd = malloc(MD5_PASSWD_LEN + 1); if (crypt_pwd) { - const char *errstr = NULL; - - if (!pg_md5_encrypt(passwd, user, strlen(user), crypt_pwd, &errstr)) + if (!pg_md5_encrypt(passwd, user, strlen(user), crypt_pwd)) { - appendPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not encrypt password: %s\n"), - errstr); free(crypt_pwd); crypt_pwd = NULL; } } - else - appendPQExpBufferStr(&conn->errorMessage, - libpq_gettext("out of memory\n")); } else { @@ -1298,5 +1277,9 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user, return NULL; } + if (!crypt_pwd) + appendPQExpBufferStr(&conn->errorMessage, + libpq_gettext("out of memory\n")); + return crypt_pwd; } |