48 *logdetail =
psprintf(
_(
"Role \"%s\" does not exist."),
54 Anum_pg_authid_rolpassword, &isnull);
58 *logdetail =
psprintf(
_(
"User \"%s\" has no password assigned."),
65 Anum_pg_authid_rolvaliduntil, &isnull);
76 *logdetail =
psprintf(
_(
"User \"%s\" has an expired password."),
97 if (strncmp(shadow_pass,
"md5", 3) == 0 &&
102 &encoded_salt, stored_key, server_key))
119 char *encrypted_password;
120 const char *errstr = NULL;
137 encrypted_password, &errstr))
138 elog(
ERROR,
"password encryption failed: %s", errstr);
139 return encrypted_password;
145 elog(
ERROR,
"cannot encrypt password with 'plaintext'");
152 elog(
ERROR,
"cannot encrypt password to requested type");
169 const char *client_pass,
170 const char *md5_salt,
int md5_salt_len,
171 const char **logdetail)
175 const char *errstr = NULL;
182 *logdetail =
psprintf(
_(
"User \"%s\" has a password that cannot be used with MD5 authentication."),
192 md5_salt, md5_salt_len,
199 if (strcmp(client_pass, crypt_pwd) == 0)
203 *logdetail =
psprintf(
_(
"Password does not match for user \"%s\"."),
223 const char *client_pass,
224 const char **logdetail)
227 const char *errstr = NULL;
245 *logdetail =
psprintf(
_(
"Password does not match for user \"%s\"."),
261 if (strcmp(crypt_client_pass, shadow_pass) == 0)
265 *logdetail =
psprintf(
_(
"Password does not match for user \"%s\"."),
284 *logdetail =
psprintf(
_(
"Password of user \"%s\" is in unrecognized format."),
bool parse_scram_secret(const char *secret, int *iterations, pg_cryptohash_type *hash_type, int *key_length, char **salt, uint8 *stored_key, uint8 *server_key)
char * pg_be_scram_build_secret(const char *password)
bool scram_verify_plain_password(const char *username, const char *password, const char *secret)
TimestampTz GetCurrentTimestamp(void)
#define TextDatumGetCString(d)
#define Assert(condition)
int plain_crypt_verify(const char *role, const char *shadow_pass, const char *client_pass, const char **logdetail)
char * get_role_password(const char *role, const char **logdetail)
PasswordType get_password_type(const char *shadow_pass)
char * encrypt_password(PasswordType target_type, const char *role, const char *password)
int md5_crypt_verify(const char *role, const char *shadow_pass, const char *client_pass, const char *md5_salt, int md5_salt_len, const char **logdetail)
@ PASSWORD_TYPE_PLAINTEXT
@ PASSWORD_TYPE_SCRAM_SHA_256
#define HeapTupleIsValid(tuple)
char * pstrdup(const char *in)
#define MD5_PASSWD_CHARSET
bool pg_md5_encrypt(const char *passwd, const char *salt, size_t salt_len, char *buf, const char **errstr)
static Datum PointerGetDatum(const void *X)
char * psprintf(const char *fmt,...)
#define SCRAM_MAX_KEY_LEN
void ReleaseSysCache(HeapTuple tuple)
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Datum SysCacheGetAttr(int cacheId, HeapTuple tup, AttrNumber attributeNumber, bool *isNull)
static TimestampTz DatumGetTimestampTz(Datum X)