saslprep.h File Reference

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Enumerations
enum	pg_saslprep_rc { SASLPREP_SUCCESS = 0 , SASLPREP_OOM = -1 , SASLPREP_INVALID_UTF8 = -2 , SASLPREP_PROHIBITED = -3 }

Functions
pg_saslprep_rc	pg_saslprep (const char *input, char **output)

Enumeration Type Documentation

pg_saslprep_rc

enum pg_saslprep_rc

Enumerator
SASLPREP_SUCCESS
SASLPREP_OOM
SASLPREP_INVALID_UTF8
SASLPREP_PROHIBITED

Definition at line 20 of file saslprep.h.

{
    SASLPREP_SUCCESS = 0,
    SASLPREP_OOM = -1,          /* out of memory (only in frontend) */
    SASLPREP_INVALID_UTF8 = -2, /* input is not a valid UTF-8 string */
    SASLPREP_PROHIBITED = -3,   /* output would contain prohibited characters */
} pg_saslprep_rc;

Function Documentation

pg_saslprep()

pg_saslprep_rc pg_saslprep	(	const char *	input,
		char **	output
	)

Definition at line 1047 of file saslprep.c.

{
    pg_wchar   *input_chars = NULL;
    pg_wchar   *output_chars = NULL;
    int         input_size;
    char       *result;
    int         result_size;
    int         count;
    int         i;
    bool        contains_RandALCat;
    unsigned char *p;
    pg_wchar   *wp;
 
    /* Ensure we return *output as NULL on failure */
    *output = NULL;
 
    /*
     * Quick check if the input is pure ASCII.  An ASCII string requires no
     * further processing.
     */
    if (pg_is_ascii(input))
    {
        *output = STRDUP(input);
        if (!(*output))
            goto oom;
        return SASLPREP_SUCCESS;
    }
 
    /*
     * Convert the input from UTF-8 to an array of Unicode codepoints.
     *
     * This also checks that the input is a legal UTF-8 string.
     */
    input_size = pg_utf8_string_len(input);
    if (input_size < 0)
        return SASLPREP_INVALID_UTF8;
    if (input_size >= MaxAllocSize / sizeof(pg_wchar))
        goto oom;
 
    input_chars = ALLOC((input_size + 1) * sizeof(pg_wchar));
    if (!input_chars)
        goto oom;
 
    p = (unsigned char *) input;
    for (i = 0; i < input_size; i++)
    {
        input_chars[i] = utf8_to_unicode(p);
        p += pg_utf_mblen(p);
    }
    input_chars[i] = (pg_wchar) '\0';
 
    /*
     * The steps below correspond to the steps listed in [RFC3454], Section
     * "2. Preparation Overview"
     */
 
    /*
     * 1) Map -- For each character in the input, check if it has a mapping
     * and, if so, replace it with its mapping.
     */
    count = 0;
    for (i = 0; i < input_size; i++)
    {
        pg_wchar    code = input_chars[i];
 
        if (IS_CODE_IN_TABLE(code, non_ascii_space_ranges))
            input_chars[count++] = 0x0020;
        else if (IS_CODE_IN_TABLE(code, commonly_mapped_to_nothing_ranges))
        {
            /* map to nothing */
        }
        else
            input_chars[count++] = code;
    }
    input_chars[count] = (pg_wchar) '\0';
    input_size = count;
 
    if (input_size == 0)
        goto prohibited;        /* don't allow empty password */
 
    /*
     * 2) Normalize -- Normalize the result of step 1 using Unicode
     * normalization.
     */
    output_chars = unicode_normalize(UNICODE_NFKC, input_chars);
    if (!output_chars)
        goto oom;
 
    /*
     * 3) Prohibit -- Check for any characters that are not allowed in the
     * output.  If any are found, return an error.
     */
    for (i = 0; i < input_size; i++)
    {
        pg_wchar    code = input_chars[i];
 
        if (IS_CODE_IN_TABLE(code, prohibited_output_ranges))
            goto prohibited;
        if (IS_CODE_IN_TABLE(code, unassigned_codepoint_ranges))
            goto prohibited;
    }
 
    /*
     * 4) Check bidi -- Possibly check for right-to-left characters, and if
     * any are found, make sure that the whole string satisfies the
     * requirements for bidirectional strings.  If the string does not satisfy
     * the requirements for bidirectional strings, return an error.
     *
     * [RFC3454], Section "6. Bidirectional Characters" explains in more
     * detail what that means:
     *
     * "In any profile that specifies bidirectional character handling, all
     * three of the following requirements MUST be met:
     *
     * 1) The characters in section 5.8 MUST be prohibited.
     *
     * 2) If a string contains any RandALCat character, the string MUST NOT
     * contain any LCat character.
     *
     * 3) If a string contains any RandALCat character, a RandALCat character
     * MUST be the first character of the string, and a RandALCat character
     * MUST be the last character of the string."
     */
    contains_RandALCat = false;
    for (i = 0; i < input_size; i++)
    {
        pg_wchar    code = input_chars[i];
 
        if (IS_CODE_IN_TABLE(code, RandALCat_codepoint_ranges))
        {
            contains_RandALCat = true;
            break;
        }
    }
 
    if (contains_RandALCat)
    {
        pg_wchar    first = input_chars[0];
        pg_wchar    last = input_chars[input_size - 1];
 
        for (i = 0; i < input_size; i++)
        {
            pg_wchar    code = input_chars[i];
 
            if (IS_CODE_IN_TABLE(code, LCat_codepoint_ranges))
                goto prohibited;
        }
 
        if (!IS_CODE_IN_TABLE(first, RandALCat_codepoint_ranges) ||
            !IS_CODE_IN_TABLE(last, RandALCat_codepoint_ranges))
            goto prohibited;
    }
 
    /*
     * Finally, convert the result back to UTF-8.
     */
    result_size = 0;
    for (wp = output_chars; *wp; wp++)
    {
        unsigned char buf[4];
 
        unicode_to_utf8(*wp, buf);
        result_size += pg_utf_mblen(buf);
    }
 
    result = ALLOC(result_size + 1);
    if (!result)
        goto oom;
 
    /*
     * There are no error exits below here, so the error exit paths don't need
     * to worry about possibly freeing "result".
     */
    p = (unsigned char *) result;
    for (wp = output_chars; *wp; wp++)
    {
        unicode_to_utf8(*wp, p);
        p += pg_utf_mblen(p);
    }
    Assert((char *) p == result + result_size);
    *p = '\0';
 
    FREE(input_chars);
    FREE(output_chars);
 
    *output = result;
    return SASLPREP_SUCCESS;
 
prohibited:
    if (input_chars)
        FREE(input_chars);
    if (output_chars)
        FREE(output_chars);
 
    return SASLPREP_PROHIBITED;
 
oom:
    if (input_chars)
        FREE(input_chars);
    if (output_chars)
        FREE(output_chars);
 
    return SASLPREP_OOM;
}

References ALLOC, Assert(), buf, commonly_mapped_to_nothing_ranges, FREE, i, input, IS_CODE_IN_TABLE, LCat_codepoint_ranges, MaxAllocSize, non_ascii_space_ranges, output, pg_is_ascii(), pg_utf8_string_len(), pg_utf_mblen, prohibited_output_ranges, RandALCat_codepoint_ranges, SASLPREP_INVALID_UTF8, SASLPREP_OOM, SASLPREP_PROHIBITED, SASLPREP_SUCCESS, STRDUP, unassigned_codepoint_ranges, UNICODE_NFKC, unicode_normalize(), unicode_to_utf8(), and utf8_to_unicode().

Referenced by pg_be_scram_build_secret(), pg_fe_scram_build_secret(), scram_init(), and scram_verify_plain_password().