Commit Graph

21 Commits

Author SHA1 Message Date
Alvaro Herrera
743229a67e Add forgotten CHECK_FOR_INTERRUPT calls in pgcrypto's crypt()
Both Blowfish and DES implementations of crypt() can take arbitrarily
long time, depending on the number of rounds specified by the caller;
make sure they can be interrupted.

Author: Andreas Karlsson
Reviewer: Jeff Janes

Backpatch to 9.1.
2015-12-27 13:03:19 -03:00
Noah Misch
1d812c8b05 pgcrypto: Detect and report too-short crypt() salts.
Certain short salts crashed the backend or disclosed a few bytes of
backend memory.  For existing salt-induced error conditions, emit a
message saying as much.  Back-patch to 9.0 (all supported versions).

Josh Kupershmidt

Security: CVE-2015-5288
2015-10-05 10:06:29 -04:00
Bruce Momjian
9fe55259fd pgcrypto: fix memset() calls that might be optimized away
Specifically, on-stack memset() might be removed, so:

	* Replace memset() with px_memset()
	* Add px_memset to copy_crlf()
	* Add px_memset to pgp-s2k.c

Patch by Marko Kreen

Report by PVS-Studio

Backpatch through 8.4.
2014-04-17 12:37:53 -04:00
Peter Eisentraut
1b81c2fe6e Remove many -Wcast-qual warnings
This addresses only those cases that are easy to fix by adding or
moving a const qualifier or removing an unnecessary cast.  There are
many more complicated cases remaining.
2011-09-11 21:54:32 +03:00
Bruce Momjian
6416a82a62 Remove unnecessary #include references, per pgrminclude script. 2011-09-01 10:04:27 -04:00
Tom Lane
ca59dfa6f7 Apply upstream fix for blowfish signed-character bug (CVE-2011-2483).
A password containing a character with the high bit set was misprocessed
on machines where char is signed (which is most).  This could cause the
preceding one to three characters to fail to affect the hashed result,
thus weakening the password.  The result was also unportable, and failed
to match some other blowfish implementations such as OpenBSD's.

Since the fix changes the output for such passwords, upstream chose
to provide a compatibility hack: password salts beginning with $2x$
(instead of the usual $2a$ for blowfish) are intentionally processed
"wrong" to give the same hash as before.  Stored password hashes can
thus be modified if necessary to still match, though it'd be better
to change any affected passwords.

In passing, sync a couple other upstream changes that marginally improve
performance and/or tighten error checking.

Back-patch to all supported branches.  Since this issue is already
public, no reason not to commit the fix ASAP.
2011-06-21 14:41:05 -04:00
Magnus Hagander
9f2e211386 Remove cvs keywords from all files. 2010-09-20 22:08:53 +02:00
Bruce Momjian
d747140279 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
provided by Andrew.
2009-06-11 14:49:15 +00:00
Bruce Momjian
fdf5a5efb7 pgindent run for 8.3. 2007-11-15 21:14:46 +00:00
Tom Lane
37a609b27f Now that core functionality is depending on autoconf's AC_C_BIGENDIAN to be
right, there seems precious little reason to have a pile of hand-maintained
endianness definitions in src/include/port/*.h.  Get rid of those, and make
the couple of places that used them depend on WORDS_BIGENDIAN instead.
2007-04-06 05:36:51 +00:00
Bruce Momjian
f3d99d160d Add CVS tag lines to files that were lacking them. 2006-03-11 04:38:42 +00:00
Bruce Momjian
1dc3498251 Standard pgindent run for 8.1. 2005-10-15 02:49:52 +00:00
Bruce Momjian
b492c3accc Add parentheses to macros when args are used in computations. Without
them, the executation behavior could be unexpected.
2005-05-25 21:40:43 +00:00
Neil Conway
fa332a06ec * construct "struct {} list [] = {}" confuses pgindent - split those.
It was a bad style to begin with, and now several loops can be clearer.
* pgcrypto.c: Fix function comments
* crypt-gensalt.c, crypt-blowfish.c: stop messing with errno
* openssl.c: use px_free instead pfree
* px.h: make redefining px_alloc/px_realloc/px_free easier

Marko Kreen
2005-03-21 05:18:46 +00:00
Bruce Momjian
8aa538cfd5 * When postgres.h does not define BYTE_ENDIAN pgcrypto
produces garbage.

I learned the hard way that

        #if UNDEFINED_1 == UNDEFINED_2
        #error "gcc is idiot"
        #endif

prints "gcc is idiot" ...

Affected are MD5/SHA1 in internal library, and also HMAC-MD5/HMAC-SHA1/
crypt-md5 which use them.  Blowfish is ok, also Rijndael on at
least x86.

Big thanks to Daniel Holtzman who send me a build log which
contained warning:

        md5.c:246: warning: `X' defined but not used

Yes, gcc is that helpful...

Please apply this.

--
marko
2001-11-29 19:40:37 +00:00
Bruce Momjian
ea08e6cd55 New pgindent run with fixes suggested by Tom. Patch manually reviewed,
initdb/regression tests pass.
2001-11-05 17:46:40 +00:00
Bruce Momjian
b81844b173 pgindent run on all C files. Java run to follow. initdb/regression
tests pass.
2001-10-25 05:50:21 +00:00
Bruce Momjian
b4a57b0648 Add more missing 'do { ... } while (0)' in missing macros. Without it,
these macros fail in if/else cases:

#define X \
{ \
	... \
}


{

	if (...)
		X;
	else
		...
}

with proper setup:

#define X \
do { \
	... \
} while (0)

it works fine.
2001-10-25 00:55:48 +00:00
Tom Lane
77f27d5ec3 Fix some portability problems (get it to compile, at least, on HP's cc) 2001-10-15 19:15:18 +00:00
Bruce Momjian
ab56022864 Big thanks to Solar Designer who pointed out a bug in bcrypt
salt generation code.  He also urged using better random source
and making possible to choose using bcrypt and xdes rounds more
easily.  So, here's patch:

* For all salt generation, use Solar Designer's own code.  This
  is mostly due fact that his code is more fit for get_random_bytes()
  style interface.
* New function: gen_salt(type, rounds).  This lets specify iteration
  count for algorithm.
* random.c: px_get_random_bytes() function.
  Supported randomness soure: /dev/urandom, OpenSSL PRNG, libc random()
  Default: /dev/urandom.
* Draft description of C API for pgcrypto functions.

New files: API, crypt-gensalt.c, random.c

Marko Kreen
2001-09-23 04:12:44 +00:00
Bruce Momjian
df24cb73f6 Add missing pgcrypto file. 2001-08-21 01:32:01 +00:00