diff options
author | Heikki Linnakangas <heikki.linnakangas@iki.fi> | 2016-10-18 16:28:23 +0300 |
---|---|---|
committer | Heikki Linnakangas <heikki.linnakangas@iki.fi> | 2016-10-18 16:28:23 +0300 |
commit | faae1c918e8aaae034eaf3ea103fcb6ba9adc5ab (patch) | |
tree | 4d2739ac51be02b6701d9d9c14e7e1058f8d5fe0 /src/backend/libpq/auth.c | |
parent | 7d3235ba42f8d5fc70c58e242702cc5e2e3549a6 (diff) | |
download | postgresql-faae1c918e8aaae034eaf3ea103fcb6ba9adc5ab.tar.gz postgresql-faae1c918e8aaae034eaf3ea103fcb6ba9adc5ab.zip |
Revert "Replace PostmasterRandom() with a stronger way of generating randomness."
This reverts commit 9e083fd4683294f41544e6d0d72f6e258ff3a77c. That was a
few bricks shy of a load:
* Query cancel stopped working
* Buildfarm member pademelon stopped working, because the box doesn't have
/dev/urandom nor /dev/random.
This clearly needs some more discussion, and a quite different patch, so
revert for now.
Diffstat (limited to 'src/backend/libpq/auth.c')
-rw-r--r-- | src/backend/libpq/auth.c | 27 |
1 files changed, 4 insertions, 23 deletions
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c index 44b2212b1da..0ba85301149 100644 --- a/src/backend/libpq/auth.c +++ b/src/backend/libpq/auth.c @@ -45,12 +45,6 @@ static void auth_failed(Port *port, int status, char *logdetail); static char *recv_password_packet(Port *port); static int recv_and_check_password_packet(Port *port, char **logdetail); -/*---------------------------------------------------------------- - * MD5 authentication - *---------------------------------------------------------------- - */ -static int CheckMD5Auth(Port *port, char **logdetail); - /*---------------------------------------------------------------- * Ident authentication @@ -541,7 +535,9 @@ ClientAuthentication(Port *port) ereport(FATAL, (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), errmsg("MD5 authentication is not supported when \"db_user_namespace\" is enabled"))); - status = CheckMD5Auth(port, &logdetail); + /* include the salt to use for computing the response */ + sendAuthRequest(port, AUTH_REQ_MD5, port->md5Salt, 4); + status = recv_and_check_password_packet(port, &logdetail); break; case uaPassword: @@ -696,25 +692,10 @@ recv_password_packet(Port *port) /*---------------------------------------------------------------- - * MD5 and password authentication + * MD5 authentication *---------------------------------------------------------------- */ -static int -CheckMD5Auth(Port *port, char **logdetail) -{ - /* include the salt to use for computing the response */ - if (!pg_strong_random(port->md5Salt, sizeof(port->md5Salt))) - { - *logdetail = psprintf(_("Could not generate random salt")); - return STATUS_ERROR; - } - - sendAuthRequest(port, AUTH_REQ_MD5, port->md5Salt, 4); - return recv_and_check_password_packet(port, logdetail); -} - - /* * Called when we have sent an authorization request for a password. * Get the response and check it. |