conversion of basic ASCII letters. Remove all uses of strcasecmp and
strncasecmp in favor of new functions pg_strcasecmp and pg_strncasecmp;
remove most but not all direct uses of toupper and tolower in favor of
pg_toupper and pg_tolower. These functions use the same notions of
case folding already developed for identifier case conversion. I left
the straight locale-based folding in place for situations where we are
just manipulating user data and not trying to match it to built-in
strings --- for example, the SQL upper() function is still locale
dependent. Perhaps this will prove not to be what's wanted, but at
the moment we can initdb and pass regression tests in Turkish locale.
only remnant of this failed experiment is that the server will take
SET AUTOCOMMIT TO ON. Still TODO: provide some client-side autocommit
logic in libpq.
is pgcrypto bug as it assumed too much about inner workings of OpenSSL.
Following patch stops pgcrypto using EVP* functions for ciphers and lets
it manage ciphers itself.
This patch supports Blowfish, DES and CAST5 algorithms.
Marko Kreen
Create objects in public schema.
Make spacing/capitalization consistent.
Remove transaction block use for object creation.
Remove unneeded function GRANTs.
o Change all current CVS messages of NOTICE to WARNING. We were going
to do this just before 7.3 beta but it has to be done now, as you will
see below.
o Change current INFO messages that should be controlled by
client_min_messages to NOTICE.
o Force remaining INFO messages, like from EXPLAIN, VACUUM VERBOSE, etc.
to always go to the client.
o Remove INFO from the client_min_messages options and add NOTICE.
Seems we do need three non-ERROR elog levels to handle the various
behaviors we need for these messages.
Regression passed.
Marko Kreen says:
This is so obvious that I would like to make it 'official'.
Seems like the theology around bytea<>text casting kept me from
seeing the simple :)
wrote:
> > > Just testing pgcrypto on freebsd/alpha. I get some warnings:
> > They should be harmless, although I should fix them.
>
> The actual code is:
>
> if ((dlen & 15) || (((unsigned) res) & 3))
> return -1;
> Hard to imagine how (uint *) & 3 makes any sense, unless res isn't
> always a (uint8 *). Is that true?
At some point it was casted to (uint32*) so I wanted to be sure its ok.
ATM its pointless. Please apply the following patch.
--
marko
produces garbage.
I learned the hard way that
#if UNDEFINED_1 == UNDEFINED_2
#error "gcc is idiot"
#endif
prints "gcc is idiot" ...
Affected are MD5/SHA1 in internal library, and also HMAC-MD5/HMAC-SHA1/
crypt-md5 which use them. Blowfish is ok, also Rijndael on at
least x86.
Big thanks to Daniel Holtzman who send me a build log which
contained warning:
md5.c:246: warning: `X' defined but not used
Yes, gcc is that helpful...
Please apply this.
--
marko
failures on FreeBSD. This patch replaces uint -> unsigned.
This was reported by Daniel Holtzman against 0.4pre3 standalone
package, but it needs fixing in contrib/pgcrypto too.
Marko Kreen
these macros fail in if/else cases:
#define X \
{ \
... \
}
{
if (...)
X;
else
...
}
with proper setup:
#define X \
do { \
... \
} while (0)
it works fine.
Converted pgcrypto one too.
* Changed default randomness source to libc random()
That way pgcrypto does not have any external dependencies
and should work everywhere.
* Re-enabled pgcrypto build in contrib/makefile
* contrib/README update - there is more stuff than
only 'hash functions'
* Noted the libc random fact in README.pgcrypto
Marko Kreen
salt generation code. He also urged using better random source
and making possible to choose using bcrypt and xdes rounds more
easily. So, here's patch:
* For all salt generation, use Solar Designer's own code. This
is mostly due fact that his code is more fit for get_random_bytes()
style interface.
* New function: gen_salt(type, rounds). This lets specify iteration
count for algorithm.
* random.c: px_get_random_bytes() function.
Supported randomness soure: /dev/urandom, OpenSSL PRNG, libc random()
Default: /dev/urandom.
* Draft description of C API for pgcrypto functions.
New files: API, crypt-gensalt.c, random.c
Marko Kreen
under libdir, for a cleaner separation in the installation layout
and compatibility with binary packaging standards. Point backend's
default search location there. The contrib modules are also
installed in the said location, giving them the benefit of the
default search path as well. No changes in user interface
nevertheless.
* remove support for encode() as it is in main tree now
* remove krb5.c
* new 'PX library' architecture
* remove BSD license from my code to let the general
PostgreSQL one to apply
* md5, sha1: ANSIfy, use const where appropriate
* various other formatting and clarity changes
* hmac()
* UN*X-like crypt() - system or internal crypt
* Internal crypt: DES, Extended DES, MD5, Blowfish
crypt-des.c, crypt-md5.c from FreeBSD
crypt-blowfish.c from Solar Designer
* gen_salt() for crypt() - Blowfish, MD5, DES, Extended DES
* encrypt(), decrypt(), encrypt_iv(), decrypt_iv()
* Cipher support in mhash.c, openssl.c
* internal: Blowfish, Rijndael-128 ciphers
* blf.[ch], rijndael.[ch] from OpenBSD
* there will be generated file rijndael-tbl.inc.
Marko Kreen
Cygwin with the possible exception of mSQL-interface. Since I don't
have mSQL installed, I skipped this tool.
Except for dealing with a missing getopt.h (oid2name) and HUGE (seg),
the bulk of the patch uses the standard PostgreSQL approach to deal with
Windows DLL issues.
I tested the build aspect of this patch under Cygwin and Linux without
any ill affects. Note that I did not actually attempt to test the code
for functionality.
The procedure to apply the patch is as follows:
$ # save the attachment as /tmp/contrib.patch
$ # change directory to the top of the PostgreSQL source tree
$ patch -p0 </tmp/contrib.patch
Jason
> Postgres 7.1.0), and I think I've found a bug.
>
> I compiled Pgcrypto with OpenSSL, using gcc 2.95.4 and
> OpenSSL 0.9.6a (the latest Debian 'unstable' packages).
> web=> select encode(digest('blah', 'sha1'), 'base64');
> FATAL 1: pg_encode: overflow, encode estimate too small
> pqReadData() -- backend closed the channel unexpectedly.
> This probably means the backend terminated abnormally
> before or while processing the request.
> The connection to the server was lost. Attempting reset: Succeeded.
> Is this a bug? Can it be fixed?
This is a bug alright. And a silly one :)
Marko Kreen
