Commit Graph

79 Commits

Author SHA1 Message Date
Tom Lane
84d630eb24 Dept of second thoughts: don't expose rijndael.tbl: rijndael.c dependency
to make.  We ship the table file in the tarball and so this dependency
just opens file timestamp skew problems without doing anything useful.
(Not that it should hurt, either ... except for cross-compile builds.)
2005-07-05 23:18:44 +00:00
Tom Lane
c19aa704c8 Fix contrib/pgcrypto to autoconfigure for OpenSSL when --with-openssl
is used in the toplevel configure.  Per Marko Kreen.
2005-07-05 23:13:57 +00:00
Tom Lane
576ac4b8c9 Fix initialization bug in pgcrypto openssl code. Marko Kreen 2005-07-05 18:15:36 +00:00
Bruce Momjian
a3ff1aad5d Bruce, please apply this additional patch, that fixes the
auto-detection of AES.

Now openssl.c just checks OpenSSL version.  Whoever compiles
newer OpenSSL without AES is on his own.

Marko Kreen
2005-07-04 02:02:01 +00:00
Bruce Momjian
76eca0ec98 This patch allows contrib/pgcrypto to build with OpenSSL 0.9.8
(currently in beta) when cryptolib = openssl.  According to the
following checkin message from several years ago, OpenSSL application
developers should no longer rely on <openssl/evp.h> to include
everything they need:

http://cvs.openssl.org/chngview?cn=9888

This patch adds the necessary header files.  It doesn't appear to
break anything when building against OpenSSL 0.9.7.

BTW, core appears to build and work fine with OpenSSL 0.9.8.  I've
built 7.3 through HEAD against 0.9.8-beta6 without noticing any
problems.

Michael Fuhr
2005-07-03 02:32:56 +00:00
Bruce Momjian
b492c3accc Add parentheses to macros when args are used in computations. Without
them, the executation behavior could be unexpected.
2005-05-25 21:40:43 +00:00
Neil Conway
39e54e3208 Fix typos in documentation. 2005-05-03 03:10:01 +00:00
Neil Conway
6a8eb1a7b6 pgcrypto update:
* test error handling
* add tests for des, 3des, cast5
* add some tests to blowfish, rijndael
* Makefile: ability to specify different tests for different crypto
  libraries, so we can skip des, 3des and cast5 for builtin.

Marko Kreen
2005-03-21 05:24:52 +00:00
Neil Conway
19b676869a pgcrypto update:
Reserve px_get_random_bytes() for strong randomness,
add new function px_get_pseudo_random_bytes() for
weak randomness and use it in gen_salt().

On openssl case, use RAND_pseudo_bytes() for
px_get_pseudo_random_bytes().

Final result is that is user has not configured random
souce but kept the 'silly' one, gen_salt() keeps
working, but pgp_encrypt() will throw error.

Marko Kreen
2005-03-21 05:22:14 +00:00
Neil Conway
1ea9169b42 pgcrypto update:
* openssl.c: Add 3des and AES support
* README.pgcrypto: list only supported ciphers for openssl

OpenSSL has pre-processor symbol OPENSSL_NO_AES, which
isn't that helpful for detecting if it _does_ exist.
Thus the hack with AES_ENCRYPT.

Marko Kreen
2005-03-21 05:21:04 +00:00
Neil Conway
b160d6b9dc pgcrypto update:
* Use error codes instead of -1
* px_strerror for new error codes
* calling convention change for px_gen_salt - return error code
* use px_strerror in pgcrypto.c

Marko Kreen
2005-03-21 05:19:55 +00:00
Neil Conway
fa332a06ec * construct "struct {} list [] = {}" confuses pgindent - split those.
It was a bad style to begin with, and now several loops can be clearer.
* pgcrypto.c: Fix function comments
* crypt-gensalt.c, crypt-blowfish.c: stop messing with errno
* openssl.c: use px_free instead pfree
* px.h: make redefining px_alloc/px_realloc/px_free easier

Marko Kreen
2005-03-21 05:18:46 +00:00
Neil Conway
3cc8661232 Remove support for libmhash/libmcrypt.
libmcrypt seems to dead, maintainer address bounces,
and cast-128 fails on 2 of the 3 test vectors from RFC2144.

So I see no reason to keep around stuff I don't trust
anymore.

Support for several crypto libraries is probably only
confusing to users, although it was good for initial
developing - it helped to find hidden assumptions and
forced me to create regression tests for all functionality.

Marko Kreen
2005-03-21 05:17:16 +00:00
Neil Conway
919594f3e2 Some builds (depends on crypto engine support?) of OpenSSL
0.9.7x have EVP_DigestFinal function which which clears all of
EVP_MD_CTX.  This makes pgcrypto crash in functions which
re-use one digest context several times: hmac() and crypt()
with md5 algorithm.

Following patch fixes it by carring the digest info around
EVP_DigestFinal and re-initializing cipher.

Marko Kreen.
2005-03-12 06:53:54 +00:00
Neil Conway
dec2c77c1f Prevent pgcrypto from successfully compiling if no valid random source
has been defined. Previously, pgcrypto would compile but would be
unusable.
2004-11-23 23:44:08 +00:00
Tom Lane
f1283ed6cc Fix a bunch of 'old-style parameter declaration' warnings induced by
writing 'foo()' rather than 'foo(void)'.
2004-10-25 02:15:02 +00:00
Neil Conway
125bb6cee4 Pickup fix from upstream OpenBSD sources: mark a read-only local array as
"static" to reduce size of generated code slightly.
2004-10-05 00:14:45 +00:00
Tom Lane
bf06825e31 Win32 compile fixes for pgbench, pgcrypto, and tsearch.
Claudio Natoli
2004-09-14 03:39:55 +00:00
Tom Lane
b83e592671 Replace bcopy by memmove for more portability. 2004-08-29 16:43:05 +00:00
Bruce Momjian
ee85595d46 > Please find enclose a submission to fix these problems.
>
> The patch adds missing the "libpgport.a" file to the installation under
> "install-all-headers". It is needed by some contribs. I install the
> library in "pkglibdir", but I was wondering whether it should be "libdir"?
> I was wondering also whether it would make sense to have a "libpgport.so"?
>
> It fixes various macros which are used by contrib makefiles, especially
> libpq_*dir and LDFLAGS when used under PGXS. It seems to me that they are
> needed to
>
> It adds the ability to test and use PGXS with contribs, with "make
> USE_PGXS=1". Without the macro, this is exactly as before, there should be
> no difference, esp. wrt the vpath feature that seemed broken by previous
> submission. So it should not harm anybody, and it is useful at least to me.
>
> It fixes some inconsistencies in various contrib makefiles
> (useless override, ":=" instead of "=").

Fabien COELHO
2004-08-20 20:13:10 +00:00
Tom Lane
0bd61548ab Solve the 'Turkish problem' with undesirable locale behavior for case
conversion of basic ASCII letters.  Remove all uses of strcasecmp and
strncasecmp in favor of new functions pg_strcasecmp and pg_strncasecmp;
remove most but not all direct uses of toupper and tolower in favor of
pg_toupper and pg_tolower.  These functions use the same notions of
case folding already developed for identifier case conversion.  I left
the straight locale-based folding in place for situations where we are
just manipulating user data and not trying to match it to built-in
strings --- for example, the SQL upper() function is still locale
dependent.  Perhaps this will prove not to be what's wanted, but at
the moment we can initdb and pass regression tests in Turkish locale.
2004-05-07 00:24:59 +00:00
PostgreSQL Daemon
55b113257c make sure the $Id tags are converted to $PostgreSQL as well ... 2003-11-29 22:41:33 +00:00
PostgreSQL Daemon
969685ad44 $Header: -> $PostgreSQL Changes ... 2003-11-29 19:52:15 +00:00
Bruce Momjian
089003fb46 pgindent run. 2003-08-04 00:43:34 +00:00
Tom Lane
8fd5b3ed67 Error message editing in contrib (mostly by Joe Conway --- thanks Joe!) 2003-07-24 17:52:50 +00:00
Tom Lane
78b08584b4 Fix various recent build and regression-test problems in contrib/.
Includes fixes from Joe Conway.
2003-05-14 03:27:22 +00:00
Tom Lane
f85f43dfb5 Backend support for autocommit removed, per recent discussions. The
only remnant of this failed experiment is that the server will take
SET AUTOCOMMIT TO ON.  Still TODO: provide some client-side autocommit
logic in libpq.
2003-05-14 03:26:03 +00:00
Tom Lane
e4704001ea This patch fixes a bunch of spelling mistakes in comments throughout the
PostgreSQL source code.

Neil Conway
2003-03-10 22:28:22 +00:00
Bruce Momjian
728fa75edc OpenSSL 0.9.6g in Debian/unstable stopped working with pgcrypto. This
is pgcrypto bug as it assumed too much about inner workings of OpenSSL.

Following patch stops pgcrypto using EVP* functions for ciphers and lets
it manage ciphers itself.

This patch supports Blowfish, DES and CAST5 algorithms.

Marko Kreen
2002-11-15 02:54:44 +00:00
Peter Eisentraut
0530d7a24b Need sys/param.h for endianness macros. 2002-10-21 18:56:30 +00:00
Bruce Momjian
e5cf1a8a26 SET autocommit no longer needed in /contrib because pg_regress.sh does
it automatically now on regression session startup.
2002-10-21 01:42:14 +00:00
Bruce Momjian
aa4c702eac Update /contrib for "autocommit TO 'on'".
Create objects in public schema.

Make spacing/capitalization consistent.

Remove transaction block use for object creation.

Remove unneeded function GRANTs.
2002-10-18 18:41:22 +00:00
Tom Lane
fb473bc6fa Fix unsafe macro definitions (which were producing incorrect code,
leading to compile warnings).
2002-09-05 21:08:26 +00:00
Bruce Momjian
92288a1cf9 Change made to elog:
o  Change all current CVS messages of NOTICE to WARNING.  We were going
to do this just before 7.3 beta but it has to be done now, as you will
see below.

o Change current INFO messages that should be controlled by
client_min_messages to NOTICE.

o Force remaining INFO messages, like from EXPLAIN, VACUUM VERBOSE, etc.
to always go to the client.

o Remove INFO from the client_min_messages options and add NOTICE.

Seems we do need three non-ERROR elog levels to handle the various
behaviors we need for these messages.

Regression passed.
2002-03-06 06:10:59 +00:00
Tom Lane
7798b50c60 Remove gratuitous redefinition of inline, which should already have been
taken care of in pg_config.h.
2002-01-29 15:40:45 +00:00
Tom Lane
6d6b3e911c Add variants of digest() and hmac() that accept text inputs.
Marko Kreen says:
This is so obvious that I would like to make it 'official'.

Seems like the theology around bytea<>text casting kept me from
seeing the simple :)
2002-01-07 18:56:09 +00:00
Bruce Momjian
b490469cb9 > > On Fri, Dec 21, 2001 at 11:43:21AM +0800, Christopher Kings-Lynne
wrote:
> > > Just testing pgcrypto on freebsd/alpha.  I get some warnings:
> > They should be harmless, although I should fix them.
>
> The actual code is:
>
>     if ((dlen & 15) || (((unsigned) res) & 3))
>         return -1;

> Hard to imagine how (uint *) & 3 makes any sense, unless res isn't
> always a (uint8 *).  Is that true?

At some point it was casted to (uint32*) so I wanted to be sure its ok.
ATM its pointless.  Please apply the following patch.

--
marko
2002-01-03 07:21:48 +00:00
Tom Lane
ee051baeac Make sure that all <ctype.h> routines are called with unsigned char
values; it's not portable to call them with signed chars.  I recall doing
this for the last release, but a few more uncasted calls have snuck in.
2001-12-30 23:09:42 +00:00
Bruce Momjian
8f73bb4da9 * include <endian.h> is not enough, include sys/types.h too
everywhere.

At least it was now detected correctly.

marko
2001-11-30 17:39:20 +00:00
Bruce Momjian
8aa538cfd5 * When postgres.h does not define BYTE_ENDIAN pgcrypto
produces garbage.

I learned the hard way that

        #if UNDEFINED_1 == UNDEFINED_2
        #error "gcc is idiot"
        #endif

prints "gcc is idiot" ...

Affected are MD5/SHA1 in internal library, and also HMAC-MD5/HMAC-SHA1/
crypt-md5 which use them.  Blowfish is ok, also Rijndael on at
least x86.

Big thanks to Daniel Holtzman who send me a build log which
contained warning:

        md5.c:246: warning: `X' defined but not used

Yes, gcc is that helpful...

Please apply this.

--
marko
2001-11-29 19:40:37 +00:00
Bruce Momjian
c78975f845 Include sys/types.h in crypt-des.c. FreeBSD netinet/in.h
needs it.

Seems it is getting compileable...

Marko Kreen
2001-11-20 21:10:38 +00:00
Bruce Momjian
60f777606f Duh, my regexp's missed bunch of them. Here's next batch, this
should be all.

Marko Kreen
2001-11-20 18:54:07 +00:00
Bruce Momjian
540155b777 pgcrypto uses non-standard type uint, which causes compile
failures on FreeBSD.  This patch replaces uint -> unsigned.

This was reported by Daniel Holtzman against 0.4pre3 standalone
package, but it needs fixing in contrib/pgcrypto too.

Marko Kreen
2001-11-20 15:50:53 +00:00
Bruce Momjian
149d13de74 When given oversized key, encrypt/decrypt corrupted
memory.  This fixes it.  Also a free() was missing.

marko
2001-11-08 15:56:58 +00:00
Bruce Momjian
ea08e6cd55 New pgindent run with fixes suggested by Tom. Patch manually reviewed,
initdb/regression tests pass.
2001-11-05 17:46:40 +00:00
Bruce Momjian
c41b6b1b9c Fix small problem Tom Lane found with pgindent run. 2001-10-30 05:38:56 +00:00
Bruce Momjian
6783b2372e Another pgindent run. Fixes enum indenting, and improves #endif
spacing.  Also adds space for one-line comments.
2001-10-28 06:26:15 +00:00
Bruce Momjian
b81844b173 pgindent run on all C files. Java run to follow. initdb/regression
tests pass.
2001-10-25 05:50:21 +00:00
Bruce Momjian
fde8edaf53 Add do { ... } while (0) to more bad macros. 2001-10-25 01:29:37 +00:00
Bruce Momjian
b4a57b0648 Add more missing 'do { ... } while (0)' in missing macros. Without it,
these macros fail in if/else cases:

#define X \
{ \
	... \
}


{

	if (...)
		X;
	else
		...
}

with proper setup:

#define X \
do { \
	... \
} while (0)

it works fine.
2001-10-25 00:55:48 +00:00