diff options
Diffstat (limited to 'src/backend/libpq/crypt.c')
| -rw-r--r-- | src/backend/libpq/crypt.c | 38 |
1 files changed, 21 insertions, 17 deletions
diff --git a/src/backend/libpq/crypt.c b/src/backend/libpq/crypt.c index 321603c1d8c..3fcad991a7e 100644 --- a/src/backend/libpq/crypt.c +++ b/src/backend/libpq/crypt.c @@ -34,7 +34,7 @@ * sent to the client, to avoid giving away user information! */ char * -get_role_password(const char *role, const char **logdetail) +get_role_password(const char *role, char **logdetail) { TimestampTz vuntil = 0; HeapTuple roleTup; @@ -116,7 +116,6 @@ encrypt_password(PasswordType target_type, const char *role, { PasswordType guessed_type = get_password_type(password); char *encrypted_password; - const char *errstr = NULL; if (guessed_type != PASSWORD_TYPE_PLAINTEXT) { @@ -133,8 +132,8 @@ encrypt_password(PasswordType target_type, const char *role, encrypted_password = palloc(MD5_PASSWD_LEN + 1); if (!pg_md5_encrypt(password, role, strlen(role), - encrypted_password, &errstr)) - elog(ERROR, "password encryption failed: %s", errstr); + encrypted_password)) + elog(ERROR, "password encryption failed"); return encrypted_password; case PASSWORD_TYPE_SCRAM_SHA_256: @@ -160,18 +159,17 @@ encrypt_password(PasswordType target_type, const char *role, * 'client_pass' is the response given by the remote user to the MD5 challenge. * 'md5_salt' is the salt used in the MD5 authentication challenge. * - * In the error case, save a string at *logdetail that will be sent to the - * postmaster log (but not the client). + * In the error case, optionally store a palloc'd string at *logdetail + * that will be sent to the postmaster log (but not the client). */ int md5_crypt_verify(const char *role, const char *shadow_pass, const char *client_pass, const char *md5_salt, int md5_salt_len, - const char **logdetail) + char **logdetail) { int retval; char crypt_pwd[MD5_PASSWD_LEN + 1]; - const char *errstr = NULL; Assert(md5_salt_len > 0); @@ -185,13 +183,16 @@ md5_crypt_verify(const char *role, const char *shadow_pass, /* * Compute the correct answer for the MD5 challenge. + * + * We do not bother setting logdetail for any pg_md5_encrypt failure + * below: the only possible error is out-of-memory, which is unlikely, and + * if it did happen adding a psprintf call would only make things worse. */ /* stored password already encrypted, only do salt */ if (!pg_md5_encrypt(shadow_pass + strlen("md5"), md5_salt, md5_salt_len, - crypt_pwd, &errstr)) + crypt_pwd)) { - *logdetail = errstr; return STATUS_ERROR; } @@ -214,16 +215,15 @@ md5_crypt_verify(const char *role, const char *shadow_pass, * pg_authid.rolpassword. * 'client_pass' is the password given by the remote user. * - * In the error case, store a string at *logdetail that will be sent to the - * postmaster log (but not the client). + * In the error case, optionally store a palloc'd string at *logdetail + * that will be sent to the postmaster log (but not the client). */ int plain_crypt_verify(const char *role, const char *shadow_pass, const char *client_pass, - const char **logdetail) + char **logdetail) { char crypt_client_pass[MD5_PASSWD_LEN + 1]; - const char *errstr = NULL; /* * Client sent password in plaintext. If we have an MD5 hash stored, hash @@ -251,10 +251,14 @@ plain_crypt_verify(const char *role, const char *shadow_pass, if (!pg_md5_encrypt(client_pass, role, strlen(role), - crypt_client_pass, - &errstr)) + crypt_client_pass)) { - *logdetail = errstr; + /* + * We do not bother setting logdetail for pg_md5_encrypt + * failure: the only possible error is out-of-memory, which is + * unlikely, and if it did happen adding a psprintf call would + * only make things worse. + */ return STATUS_ERROR; } if (strcmp(crypt_client_pass, shadow_pass) == 0) |