49 *logdetail =
psprintf(
_(
"Role \"%s\" does not exist."),
55 Anum_pg_authid_rolpassword, &isnull);
59 *logdetail =
psprintf(
_(
"User \"%s\" has no password assigned."),
66 Anum_pg_authid_rolvaliduntil, &isnull);
77 *logdetail =
psprintf(
_(
"User \"%s\" has an expired password."),
98 if (strncmp(shadow_pass,
"md5", 3) == 0 &&
103 &encoded_salt, stored_key, server_key))
120 char *encrypted_password;
121 const char *errstr = NULL;
138 encrypted_password, &errstr))
139 elog(
ERROR,
"password encryption failed: %s", errstr);
140 return encrypted_password;
146 elog(
ERROR,
"cannot encrypt password with 'plaintext'");
153 elog(
ERROR,
"cannot encrypt password to requested type");
170 const char *client_pass,
171 const char *md5_salt,
int md5_salt_len,
172 const char **logdetail)
176 const char *errstr = NULL;
183 *logdetail =
psprintf(
_(
"User \"%s\" has a password that cannot be used with MD5 authentication."),
193 md5_salt, md5_salt_len,
200 if (strcmp(client_pass, crypt_pwd) == 0)
204 *logdetail =
psprintf(
_(
"Password does not match for user \"%s\"."),
224 const char *client_pass,
225 const char **logdetail)
228 const char *errstr = NULL;
246 *logdetail =
psprintf(
_(
"Password does not match for user \"%s\"."),
262 if (strcmp(crypt_client_pass, shadow_pass) == 0)
266 *logdetail =
psprintf(
_(
"Password does not match for user \"%s\"."),
285 *logdetail =
psprintf(
_(
"Password of user \"%s\" is in unrecognized format."),
bool parse_scram_secret(const char *secret, int *iterations, pg_cryptohash_type *hash_type, int *key_length, char **salt, uint8 *stored_key, uint8 *server_key)
char * pg_be_scram_build_secret(const char *password)
bool scram_verify_plain_password(const char *username, const char *password, const char *secret)
TimestampTz GetCurrentTimestamp(void)
#define TextDatumGetCString(d)
int plain_crypt_verify(const char *role, const char *shadow_pass, const char *client_pass, const char **logdetail)
char * get_role_password(const char *role, const char **logdetail)
PasswordType get_password_type(const char *shadow_pass)
char * encrypt_password(PasswordType target_type, const char *role, const char *password)
int md5_crypt_verify(const char *role, const char *shadow_pass, const char *client_pass, const char *md5_salt, int md5_salt_len, const char **logdetail)
@ PASSWORD_TYPE_PLAINTEXT
@ PASSWORD_TYPE_SCRAM_SHA_256
elog(ERROR, "%s: %s", p2, msg)
#define HeapTupleIsValid(tuple)
Assert(fmt[strlen(fmt) - 1] !='\n')
char * pstrdup(const char *in)
#define MD5_PASSWD_CHARSET
bool pg_md5_encrypt(const char *passwd, const char *salt, size_t salt_len, char *buf, const char **errstr)
static Datum PointerGetDatum(const void *X)
char * psprintf(const char *fmt,...)
#define SCRAM_MAX_KEY_LEN
void ReleaseSysCache(HeapTuple tuple)
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Datum SysCacheGetAttr(int cacheId, HeapTuple tup, AttrNumber attributeNumber, bool *isNull)
static TimestampTz DatumGetTimestampTz(Datum X)