mirror of
https://github.com/postgres/postgres.git
synced 2025-05-24 00:03:23 -04:00
e7f051b8f9
Split md5_crypt_verify() into three functions: * get_role_password() to fetch user's password from pg_authid, and check its expiration. * md5_crypt_verify() to check an MD5 authentication challenge * plain_crypt_verify() to check a plaintext password. get_role_password() will be needed as a separate function by the upcoming SCRAM authentication patch set. Most of the remaining functionality in md5_crypt_verify() was different for MD5 and plaintext authentication, so split that for readability. While we're at it, simplify the *_crypt_verify functions by using stack-allocated buffers to hold the temporary MD5 hashes, instead of pallocing. Reviewed by Michael Paquier. Discussion: https://www.postgresql.org/message-id/3029e460-d47c-710e-507e-d8ba759d7cbb@iki.fi
27 lines
841 B
C
27 lines
841 B
C
/*-------------------------------------------------------------------------
|
|
*
|
|
* crypt.h
|
|
* Interface to libpq/crypt.c
|
|
*
|
|
* Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group
|
|
* Portions Copyright (c) 1994, Regents of the University of California
|
|
*
|
|
* src/include/libpq/crypt.h
|
|
*
|
|
*-------------------------------------------------------------------------
|
|
*/
|
|
#ifndef PG_CRYPT_H
|
|
#define PG_CRYPT_H
|
|
|
|
#include "datatype/timestamp.h"
|
|
|
|
extern int get_role_password(const char *role, char **shadow_pass, char **logdetail);
|
|
|
|
extern int md5_crypt_verify(const char *role, const char *shadow_pass,
|
|
const char *client_pass, const char *md5_salt,
|
|
int md5_salt_len, char **logdetail);
|
|
extern int plain_crypt_verify(const char *role, const char *shadow_pass,
|
|
const char *client_pass, char **logdetail);
|
|
|
|
#endif
|