#include "postgres.h"
#include <unistd.h>
#include "catalog/pg_authid.h"
#include "common/md5.h"
#include "common/scram-common.h"
#include "libpq/crypt.h"
#include "libpq/scram.h"
#include "miscadmin.h"
#include "utils/builtins.h"
#include "utils/memutils.h"
#include "utils/syscache.h"
#include "utils/timestamp.h"

Include dependency graph for crypt.c:

Functions
char *	get_role_password (const char role, const char *logdetail)

PasswordType	get_password_type (const char *shadow_pass)

char *	encrypt_password (PasswordType target_type, const char role, const char password)

int	md5_crypt_verify (const char role, const char shadow_pass, const char client_pass, const uint8 md5_salt, int md5_salt_len, const char **logdetail)

int	plain_crypt_verify (const char role, const char shadow_pass, const char client_pass, const char *logdetail)

Variables
int	password_expiration_warning_threshold = 604800

bool	md5_password_warnings = true

Function Documentation

◆ encrypt_password()

char * encrypt_password	(	PasswordType	target_type,
		const char *	role,
		const char *	password
	)

Definition at line 180 of file crypt.c.

{
    PasswordType guessed_type = get_password_type(password);
    char       *encrypted_password = NULL;
    const char *errstr = NULL;
 
    if (guessed_type != PASSWORD_TYPE_PLAINTEXT)
    {
        /*
         * Cannot convert an already-encrypted password from one format to
         * another, so return it as it is.
         */
        encrypted_password = pstrdup(password);
    }
    else
    {
        switch (target_type)
        {
            case PASSWORD_TYPE_MD5:
                encrypted_password = palloc(MD5_PASSWD_LEN + 1);
 
                if (!pg_md5_encrypt(password, (const uint8 *) role, strlen(role),
                                    encrypted_password, &errstr))
                    elog(ERROR, "password encryption failed: %s", errstr);
                break;
 
            case PASSWORD_TYPE_SCRAM_SHA_256:
                encrypted_password = pg_be_scram_build_secret(password);
                break;
 
            case PASSWORD_TYPE_PLAINTEXT:
                elog(ERROR, "cannot encrypt password with 'plaintext'");
                break;
        }
    }
 
    Assert(encrypted_password);
 
    /*
     * Valid password hashes may be very long, but we don't want to store
     * anything that might need out-of-line storage, since de-TOASTing won't
     * work during authentication because we haven't selected a database yet
     * and cannot read pg_class. 512 bytes should be more than enough for all
     * practical use, so fail for anything longer.
     */
    if (encrypted_password &&   /* keep compiler quiet */
        strlen(encrypted_password) > MAX_ENCRYPTED_PASSWORD_LEN)
    {
        /*
         * We don't expect any of our own hashing routines to produce hashes
         * that are too long.
         */
        Assert(guessed_type != PASSWORD_TYPE_PLAINTEXT);
 
        ereport(ERROR,
                (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
                 errmsg("encrypted password is too long"),
                 errdetail("Encrypted passwords must be no longer than %d bytes.",
                           MAX_ENCRYPTED_PASSWORD_LEN)));
    }
 
    if (md5_password_warnings &&
        get_password_type(encrypted_password) == PASSWORD_TYPE_MD5)
        ereport(WARNING,
                (errcode(ERRCODE_WARNING_DEPRECATED_FEATURE),
                 errmsg("setting an MD5-encrypted password"),
                 errdetail("MD5 password support is deprecated and will be removed in a future release of PostgreSQL."),
                 errhint("Refer to the PostgreSQL documentation for details about migrating to another password type.")));
 
    return encrypted_password;
}

References Assert, elog, ereport, errcode(), errdetail(), errhint(), errmsg(), ERROR, fb(), get_password_type(), MAX_ENCRYPTED_PASSWORD_LEN, MD5_PASSWD_LEN, md5_password_warnings, palloc(), password, PASSWORD_TYPE_MD5, PASSWORD_TYPE_PLAINTEXT, PASSWORD_TYPE_SCRAM_SHA_256, pg_be_scram_build_secret(), pg_md5_encrypt(), pstrdup(), and WARNING.

Referenced by AlterRole(), and CreateRole().

◆ get_password_type()

PasswordType get_password_type ( const char * shadow_pass )

Definition at line 153 of file crypt.c.

{
    char       *encoded_salt;
    int         iterations;
    int         key_length = 0;
    pg_cryptohash_type hash_type;
    uint8       stored_key[SCRAM_MAX_KEY_LEN];
    uint8       server_key[SCRAM_MAX_KEY_LEN];
 
    if (strncmp(shadow_pass, "md5", 3) == 0 &&
        strlen(shadow_pass) == MD5_PASSWD_LEN &&
        strspn(shadow_pass + 3, MD5_PASSWD_CHARSET) == MD5_PASSWD_LEN - 3)
        return PASSWORD_TYPE_MD5;
    if (parse_scram_secret(shadow_pass, &iterations, &hash_type, &key_length,
                           &encoded_salt, stored_key, server_key))
        return PASSWORD_TYPE_SCRAM_SHA_256;
    return PASSWORD_TYPE_PLAINTEXT;
}

References fb(), iterations, MD5_PASSWD_CHARSET, MD5_PASSWD_LEN, parse_scram_secret(), PASSWORD_TYPE_MD5, PASSWORD_TYPE_PLAINTEXT, PASSWORD_TYPE_SCRAM_SHA_256, and SCRAM_MAX_KEY_LEN.

Referenced by AlterRole(), CheckPWChallengeAuth(), CreateRole(), encrypt_password(), md5_crypt_verify(), plain_crypt_verify(), RenameRole(), and scram_init().

◆ get_role_password()

char * get_role_password	(	const char *	role,
		const char **	logdetail
	)

Definition at line 43 of file crypt.c.

{
    TimestampTz vuntil = 0;
    HeapTuple   roleTup;
    Datum       datum;
    bool        isnull;
    char       *shadow_pass;
 
    /* Get role info from pg_authid */
    roleTup = SearchSysCache1(AUTHNAME, PointerGetDatum(role));
    if (!HeapTupleIsValid(roleTup))
    {
        *logdetail = psprintf(_("Role \"%s\" does not exist."),
                              role);
        return NULL;            /* no such user */
    }
 
    datum = SysCacheGetAttr(AUTHNAME, roleTup,
                            Anum_pg_authid_rolpassword, &isnull);
    if (isnull)
    {
        ReleaseSysCache(roleTup);
        *logdetail = psprintf(_("User \"%s\" has no password assigned."),
                              role);
        return NULL;            /* user has no password */
    }
    shadow_pass = TextDatumGetCString(datum);
 
    datum = SysCacheGetAttr(AUTHNAME, roleTup,
                            Anum_pg_authid_rolvaliduntil, &isnull);
    if (!isnull)
        vuntil = DatumGetTimestampTz(datum);
 
    ReleaseSysCache(roleTup);
 
    /*
     * Password OK, but check to be sure we are not past rolvaliduntil or
     * password_expiration_warning_threshold.
     */
    if (!isnull)
    {
        TimestampTz now = GetCurrentTimestamp();
        uint64      expire_time = TimestampDifferenceMicroseconds(now, vuntil);
 
        /*
         * If we're past rolvaliduntil, the connection attempt should fail, so
         * update logdetail and return NULL.
         */
        if (vuntil < now)
        {
            *logdetail = psprintf(_("User \"%s\" has an expired password."),
                                  role);
            return NULL;
        }
 
        /*
         * If we're past the warning threshold, the connection attempt should
         * succeed, but we still want to emit a warning.  To do so, we queue
         * the warning message using StoreConnectionWarning() so that it will
         * be emitted at the end of InitPostgres(), and we return normally.
         */
        if (expire_time / USECS_PER_SEC < password_expiration_warning_threshold)
        {
            MemoryContext oldcontext;
            int         days;
            int         hours;
            int         minutes;
            char       *warning;
            char       *detail;
 
            oldcontext = MemoryContextSwitchTo(TopMemoryContext);
 
            days = expire_time / USECS_PER_DAY;
            hours = (expire_time % USECS_PER_DAY) / USECS_PER_HOUR;
            minutes = (expire_time % USECS_PER_HOUR) / USECS_PER_MINUTE;
 
            warning = pstrdup(_("role password will expire soon"));
 
            if (days > 0)
                detail = psprintf(ngettext("The password for role \"%s\" will expire in %d day.",
                                           "The password for role \"%s\" will expire in %d days.",
                                           days),
                                  role, days);
            else if (hours > 0)
                detail = psprintf(ngettext("The password for role \"%s\" will expire in %d hour.",
                                           "The password for role \"%s\" will expire in %d hours.",
                                           hours),
                                  role, hours);
            else if (minutes > 0)
                detail = psprintf(ngettext("The password for role \"%s\" will expire in %d minute.",
                                           "The password for role \"%s\" will expire in %d minutes.",
                                           minutes),
                                  role, minutes);
            else
                detail = psprintf(_("The password for role \"%s\" will expire in less than 1 minute."),
                                  role);
 
            StoreConnectionWarning(warning, detail);
 
            MemoryContextSwitchTo(oldcontext);
        }
    }
 
    return shadow_pass;
}

References _, DatumGetTimestampTz(), days, fb(), GetCurrentTimestamp(), HeapTupleIsValid, MemoryContextSwitchTo(), ngettext, now(), password_expiration_warning_threshold, PointerGetDatum(), psprintf(), pstrdup(), ReleaseSysCache(), SearchSysCache1(), StoreConnectionWarning(), SysCacheGetAttr(), TextDatumGetCString, TimestampDifferenceMicroseconds(), TopMemoryContext, USECS_PER_DAY, USECS_PER_HOUR, USECS_PER_MINUTE, USECS_PER_SEC, and warning().

Referenced by CheckPasswordAuth(), and CheckPWChallengeAuth().

◆ md5_crypt_verify()

int md5_crypt_verify	(	const char *	role,
		const char *	shadow_pass,
		const char *	client_pass,
		const uint8 *	md5_salt,
		int	md5_salt_len,
		const char **	logdetail
	)

Definition at line 265 of file crypt.c.

{
    int         retval;
    char        crypt_pwd[MD5_PASSWD_LEN + 1];
    const char *errstr = NULL;
 
    Assert(md5_salt_len > 0);
 
    if (get_password_type(shadow_pass) != PASSWORD_TYPE_MD5)
    {
        /* incompatible password hash format. */
        *logdetail = psprintf(_("User \"%s\" has a password that cannot be used with MD5 authentication."),
                              role);
        return STATUS_ERROR;
    }
 
    /*
     * Compute the correct answer for the MD5 challenge.
     */
    /* stored password already encrypted, only do salt */
    if (!pg_md5_encrypt(shadow_pass + strlen("md5"),
                        md5_salt, md5_salt_len,
                        crypt_pwd, &errstr))
    {
        *logdetail = errstr;
        return STATUS_ERROR;
    }
 
    if (strcmp(client_pass, crypt_pwd) == 0)
    {
        retval = STATUS_OK;
 
        if (md5_password_warnings)
        {
            MemoryContext oldcontext;
            char       *warning;
            char       *detail;
 
            oldcontext = MemoryContextSwitchTo(TopMemoryContext);
 
            warning = pstrdup(_("authenticated with an MD5-encrypted password"));
            detail = pstrdup(_("MD5 password support is deprecated and will be removed in a future release of PostgreSQL."));
            StoreConnectionWarning(warning, detail);
 
            MemoryContextSwitchTo(oldcontext);
        }
    }
    else
    {
        *logdetail = psprintf(_("Password does not match for user \"%s\"."),
                              role);
        retval = STATUS_ERROR;
    }
 
    return retval;
}

References _, Assert, fb(), get_password_type(), MD5_PASSWD_LEN, md5_password_warnings, MemoryContextSwitchTo(), PASSWORD_TYPE_MD5, pg_md5_encrypt(), psprintf(), pstrdup(), STATUS_ERROR, STATUS_OK, StoreConnectionWarning(), TopMemoryContext, and warning().

Referenced by CheckMD5Auth().

◆ plain_crypt_verify()

int plain_crypt_verify	(	const char *	role,
		const char *	shadow_pass,
		const char *	client_pass,
		const char **	logdetail
	)

Definition at line 336 of file crypt.c.

{
    char        crypt_client_pass[MD5_PASSWD_LEN + 1];
    const char *errstr = NULL;
 
    /*
     * Client sent password in plaintext.  If we have an MD5 hash stored, hash
     * the password the client sent, and compare the hashes.  Otherwise
     * compare the plaintext passwords directly.
     */
    switch (get_password_type(shadow_pass))
    {
        case PASSWORD_TYPE_SCRAM_SHA_256:
            if (scram_verify_plain_password(role,
                                            client_pass,
                                            shadow_pass))
            {
                return STATUS_OK;
            }
            else
            {
                *logdetail = psprintf(_("Password does not match for user \"%s\"."),
                                      role);
                return STATUS_ERROR;
            }
            break;
 
        case PASSWORD_TYPE_MD5:
            if (!pg_md5_encrypt(client_pass,
                                (const uint8 *) role,
                                strlen(role),
                                crypt_client_pass,
                                &errstr))
            {
                *logdetail = errstr;
                return STATUS_ERROR;
            }
            if (strcmp(crypt_client_pass, shadow_pass) == 0)
                return STATUS_OK;
            else
            {
                *logdetail = psprintf(_("Password does not match for user \"%s\"."),
                                      role);
                return STATUS_ERROR;
            }
            break;
 
        case PASSWORD_TYPE_PLAINTEXT:
 
            /*
             * We never store passwords in plaintext, so this shouldn't
             * happen.
             */
            break;
    }
 
    /*
     * This shouldn't happen.  Plain "password" authentication is possible
     * with any kind of stored password hash.
     */
    *logdetail = psprintf(_("Password of user \"%s\" is in unrecognized format."),
                          role);
    return STATUS_ERROR;
}