author | Heikki Linnakangas <heikki.linnakangas@iki.fi> | 2016-10-17 11:52:50 +0300 |
---|---|---|
committer | Heikki Linnakangas <heikki.linnakangas@iki.fi> | 2016-10-17 11:52:50 +0300 |
commit | 9e083fd4683294f41544e6d0d72f6e258ff3a77c (patch) | |
tree | bbacc73b0c4a29a0d7b62d3c5a7bb4583d592ad1 /src/backend/libpq/auth.c | |
parent | 5dfc198146b49ce7ecc8a1fc9d5e171fb75f6ba5 (diff) | |
Replace PostmasterRandom() with a stronger way of generating randomness.
This adds a new routine, pg_strong_random(), for generating random bytes,
for use in both frontend and backend. At the moment, it's only used in
the backend, but the upcoming SCRAM authentication patches need strong
random numbers in libpq as well.
pg_strong_random() is based on, and replaces, the existing implementation
in pgcrypto. It can acquire strong random numbers from a number of sources,
depending on what's available:
- OpenSSL RAND_bytes(), if built with OpenSSL
- On Windows, the native cryptographic functions are used
- /dev/urandom
- /dev/random
Original patch by Magnus Hagander, with further work by Michael Paquier
and me.
Discussion: <CAB7nPqRy3krN8quR9XujMVVHYtXJ0_60nqgVc6oUk8ygyVkZsA@mail.gmail.com>
Diffstat (limited to 'src/backend/libpq/auth.c')
-rw-r--r-- | src/backend/libpq/auth.c | 27 |
1 files changed, 23 insertions, 4 deletions
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index 0ba85301149..44b2212b1da 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -45,6 +45,12 @@ static void auth_failed(Port *port, int status, char *logdetail);
 static char *recv_password_packet(Port *port);
 static int recv_and_check_password_packet(Port *port, char **logdetail);
+/*----------------------------------------------------------------
+ * MD5 authentication
+ *----------------------------------------------------------------
+ */
+static int CheckMD5Auth(Port *port, char **logdetail);
+
 /*----------------------------------------------------------------
 * Ident authentication
@@ -535,9 +541,7 @@ ClientAuthentication(Port *port)
 ereport(FATAL,
 (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
 errmsg("MD5 authentication is not supported when \"db_user_namespace\" is enabled")));
- /* include the salt to use for computing the response */
- sendAuthRequest(port, AUTH_REQ_MD5, port->md5Salt, 4);
- status = recv_and_check_password_packet(port, &logdetail);
+ status = CheckMD5Auth(port, &logdetail);
 break;
 case uaPassword:
@@ -692,10 +696,25 @@ recv_password_packet(Port *port)
 /*----------------------------------------------------------------
- * MD5 authentication
+ * MD5 and password authentication
 *----------------------------------------------------------------
 */
+static int
+CheckMD5Auth(Port *port, char **logdetail)
+{
+ /* include the salt to use for computing the response */
+ if (!pg_strong_random(port->md5Salt, sizeof(port->md5Salt)))
+ {
+ *logdetail = psprintf(_("Could not generate random salt"));
+ return STATUS_ERROR;
+ }
+
+ sendAuthRequest(port, AUTH_REQ_MD5, port->md5Salt, 4);
+ return recv_and_check_password_packet(port, logdetail);
+}
+
+
 /*
 * Called when we have sent an authorization request for a password.
 * Get the response and check it. |
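Review bot: In the new CheckMD5Auth the salt buffer is filled with `sizeof(port->md5Salt)` bytes but then sent with the hard-coded length `4` two lines later, so the two lengths can silently diverge if md5Salt is ever resized; the send should use the same expression, `sendAuthRequest(port, AUTH_REQ_MD5, port->md5Salt, sizeof(port->md5Salt));`. Separately, the RNG-failure path returns STATUS_ERROR carrying only a logdetail string; if the caller in ClientAuthentication (outside this hunk) routes that status through the same failure path as a wrong password, the client will be told password authentication failed when the server in fact could not obtain random bytes, so consider emitting a dedicated `ereport(LOG, (errmsg("could not generate random MD5 salt")));` at this point so operators can tell an entropy problem from a bad credential. Failing closed here, rather than falling back to a weaker salt source, is the right decision and worth a one-line comment such as `/* refuse to authenticate with a predictable salt */` above the check.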