v2-0002-WIP-use-uint8-in-more-places-for-byte-arrays.patch
text/x-patch
Filename: v2-0002-WIP-use-uint8-in-more-places-for-byte-arrays.patch
Type: text/x-patch
Part: 1
Patch
Format: format-patch
Series: patch v2-0002
Subject: WIP: use 'uint8 *' in more places for byte arrays
| File | + | − |
|---|---|---|
| src/backend/libpq/auth.c | 2 | 2 |
| src/backend/libpq/auth-scram.c | 13 | 13 |
| src/backend/libpq/crypt.c | 3 | 3 |
| src/common/md5_common.c | 2 | 2 |
| src/include/common/md5.h | 2 | 2 |
| src/include/libpq/auth.h | 1 | 1 |
| src/include/libpq/crypt.h | 1 | 1 |
| src/interfaces/libpq/fe-auth.c | 4 | 4 |
| src/interfaces/libpq/fe-auth-scram.c | 1 | 1 |
From e518b93e48fe9a14f5328e423e10e44b8c92b699 Mon Sep 17 00:00:00 2001
From: Heikki Linnakangas <heikki.linnakangas@iki.fi>
Date: Wed, 9 Apr 2025 13:45:10 +0300
Subject: [PATCH v2 2/2] WIP: use 'uint8 *' in more places for byte arrays
---
src/backend/libpq/auth-scram.c | 26 +++++++++++++-------------
src/backend/libpq/auth.c | 4 ++--
src/backend/libpq/crypt.c | 6 +++---
src/common/md5_common.c | 4 ++--
src/include/common/md5.h | 4 ++--
src/include/libpq/auth.h | 2 +-
src/include/libpq/crypt.h | 2 +-
src/interfaces/libpq/fe-auth-scram.c | 2 +-
src/interfaces/libpq/fe-auth.c | 8 ++++----
9 files changed, 29 insertions(+), 29 deletions(-)
diff --git a/src/backend/libpq/auth-scram.c b/src/backend/libpq/auth-scram.c
index f80333bb533..6ba8212326d 100644
--- a/src/backend/libpq/auth-scram.c
+++ b/src/backend/libpq/auth-scram.c
@@ -158,7 +158,7 @@ typedef struct
/* Fields from the last message from client */
char *client_final_message_without_proof;
char *client_final_nonce;
- char ClientProof[SCRAM_MAX_KEY_LEN];
+ uint8 ClientProof[SCRAM_MAX_KEY_LEN];
/* Fields generated in the server */
char *server_first_message;
@@ -186,7 +186,7 @@ static void mock_scram_secret(const char *username, pg_cryptohash_type *hash_typ
static bool is_scram_printable(char *p);
static char *sanitize_char(char c);
static char *sanitize_str(const char *s);
-static char *scram_mock_salt(const char *username,
+static uint8 *scram_mock_salt(const char *username,
pg_cryptohash_type hash_type,
int key_length);
@@ -524,7 +524,7 @@ scram_verify_plain_password(const char *username, const char *password,
const char *secret)
{
char *encoded_salt;
- char *salt;
+ uint8 *salt;
int saltlen;
int iterations;
int key_length = 0;
@@ -609,9 +609,9 @@ parse_scram_secret(const char *secret, int *iterations,
char *storedkey_str;
char *serverkey_str;
int decoded_len;
- char *decoded_salt_buf;
- char *decoded_stored_buf;
- char *decoded_server_buf;
+ uint8 *decoded_salt_buf;
+ uint8 *decoded_stored_buf;
+ uint8 *decoded_server_buf;
/*
* The secret is of form:
@@ -698,7 +698,7 @@ mock_scram_secret(const char *username, pg_cryptohash_type *hash_type,
int *iterations, int *key_length, char **salt,
uint8 *stored_key, uint8 *server_key)
{
- char *raw_salt;
+ uint8 *raw_salt;
char *encoded_salt;
int encoded_len;
@@ -1231,7 +1231,7 @@ build_server_first_message(scram_state *state)
* For convenience, however, we don't use the whole range available,
* rather, we generate some random bytes, and base64 encode them.
*/
- char raw_nonce[SCRAM_RAW_NONCE_LEN];
+ uint8 raw_nonce[SCRAM_RAW_NONCE_LEN];
int encoded_len;
if (!pg_strong_random(raw_nonce, SCRAM_RAW_NONCE_LEN))
@@ -1271,7 +1271,7 @@ read_client_final_message(scram_state *state, const char *input)
char *begin,
*proof;
char *p;
- char *client_proof;
+ uint8 *client_proof;
int client_proof_len;
begin = p = pstrdup(input);
@@ -1340,7 +1340,7 @@ read_client_final_message(scram_state *state, const char *input)
b64_message_len = pg_b64_enc_len(cbind_input_len);
/* don't forget the zero-terminator */
b64_message = palloc(b64_message_len + 1);
- b64_message_len = pg_b64_encode(cbind_input, cbind_input_len,
+ b64_message_len = pg_b64_encode((uint8 *) cbind_input, cbind_input_len,
b64_message, b64_message_len);
if (b64_message_len < 0)
elog(ERROR, "could not encode channel binding data");
@@ -1440,7 +1440,7 @@ build_server_final_message(scram_state *state)
siglen = pg_b64_enc_len(state->key_length);
/* don't forget the zero-terminator */
server_signature_base64 = palloc(siglen + 1);
- siglen = pg_b64_encode((const char *) ServerSignature,
+ siglen = pg_b64_encode(ServerSignature,
state->key_length, server_signature_base64,
siglen);
if (siglen < 0)
@@ -1467,7 +1467,7 @@ build_server_final_message(scram_state *state)
* hash based on the username and a cluster-level secret key. Returns a
* pointer to a static buffer of size SCRAM_DEFAULT_SALT_LEN, or NULL.
*/
-static char *
+static uint8 *
scram_mock_salt(const char *username, pg_cryptohash_type hash_type,
int key_length)
{
@@ -1501,5 +1501,5 @@ scram_mock_salt(const char *username, pg_cryptohash_type hash_type,
}
pg_cryptohash_free(ctx);
- return (char *) sha_digest;
+ return sha_digest;
}
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index e18683c47e7..9f4d05ffbd4 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -666,7 +666,7 @@ ClientAuthentication(Port *port)
* Send an authentication request packet to the frontend.
*/
void
-sendAuthRequest(Port *port, AuthRequest areq, const char *extradata, int extralen)
+sendAuthRequest(Port *port, AuthRequest areq, const void *extradata, int extralen)
{
StringInfoData buf;
@@ -874,7 +874,7 @@ CheckPWChallengeAuth(Port *port, const char **logdetail)
static int
CheckMD5Auth(Port *port, char *shadow_pass, const char **logdetail)
{
- char md5Salt[4]; /* Password salt */
+ uint8 md5Salt[4]; /* Password salt */
char *passwd;
int result;
diff --git a/src/backend/libpq/crypt.c b/src/backend/libpq/crypt.c
index cbb85a27cc1..f6b641e726e 100644
--- a/src/backend/libpq/crypt.c
+++ b/src/backend/libpq/crypt.c
@@ -136,7 +136,7 @@ encrypt_password(PasswordType target_type, const char *role,
case PASSWORD_TYPE_MD5:
encrypted_password = palloc(MD5_PASSWD_LEN + 1);
- if (!pg_md5_encrypt(password, role, strlen(role),
+ if (!pg_md5_encrypt(password, (uint8 *) role, strlen(role),
encrypted_password, &errstr))
elog(ERROR, "password encryption failed: %s", errstr);
break;
@@ -201,7 +201,7 @@ encrypt_password(PasswordType target_type, const char *role,
int
md5_crypt_verify(const char *role, const char *shadow_pass,
const char *client_pass,
- const char *md5_salt, int md5_salt_len,
+ const uint8 *md5_salt, int md5_salt_len,
const char **logdetail)
{
int retval;
@@ -284,7 +284,7 @@ plain_crypt_verify(const char *role, const char *shadow_pass,
case PASSWORD_TYPE_MD5:
if (!pg_md5_encrypt(client_pass,
- role,
+ (uint8 *) role,
strlen(role),
crypt_client_pass,
&errstr))
diff --git a/src/common/md5_common.c b/src/common/md5_common.c
index 61e396b0bbf..057ae7a449f 100644
--- a/src/common/md5_common.c
+++ b/src/common/md5_common.c
@@ -105,7 +105,7 @@ pg_md5_hash(const void *buff, size_t len, char *hexsum, const char **errstr)
* (of size MD5_DIGEST_LENGTH) rather than being converted to ASCII hex.
*/
bool
-pg_md5_binary(const void *buff, size_t len, void *outbuf, const char **errstr)
+pg_md5_binary(const void *buff, size_t len, uint8 *outbuf, const char **errstr)
{
pg_cryptohash_ctx *ctx;
@@ -142,7 +142,7 @@ pg_md5_binary(const void *buff, size_t len, void *outbuf, const char **errstr)
* error context.
*/
bool
-pg_md5_encrypt(const char *passwd, const char *salt, size_t salt_len,
+pg_md5_encrypt(const char *passwd, const uint8 *salt, size_t salt_len,
char *buf, const char **errstr)
{
size_t passwd_len = strlen(passwd);
diff --git a/src/include/common/md5.h b/src/include/common/md5.h
index 18ffd998453..0c9ae4888f2 100644
--- a/src/include/common/md5.h
+++ b/src/include/common/md5.h
@@ -28,9 +28,9 @@
/* Utilities common to all the MD5 implementations, as of md5_common.c */
extern bool pg_md5_hash(const void *buff, size_t len, char *hexsum,
const char **errstr);
-extern bool pg_md5_binary(const void *buff, size_t len, void *outbuf,
+extern bool pg_md5_binary(const void *buff, size_t len, uint8 *outbuf,
const char **errstr);
-extern bool pg_md5_encrypt(const char *passwd, const char *salt,
+extern bool pg_md5_encrypt(const char *passwd, const uint8 *salt,
size_t salt_len, char *buf,
const char **errstr);
diff --git a/src/include/libpq/auth.h b/src/include/libpq/auth.h
index 25b5742068f..cc9643cce2f 100644
--- a/src/include/libpq/auth.h
+++ b/src/include/libpq/auth.h
@@ -37,7 +37,7 @@ extern PGDLLIMPORT bool pg_krb_caseins_users;
extern PGDLLIMPORT bool pg_gss_accept_delegation;
extern void ClientAuthentication(Port *port);
-extern void sendAuthRequest(Port *port, AuthRequest areq, const char *extradata,
+extern void sendAuthRequest(Port *port, AuthRequest areq, const void *extradata,
int extralen);
extern void set_authn_id(Port *port, const char *id);
diff --git a/src/include/libpq/crypt.h b/src/include/libpq/crypt.h
index dee477428e4..a1b4b363143 100644
--- a/src/include/libpq/crypt.h
+++ b/src/include/libpq/crypt.h
@@ -51,7 +51,7 @@ extern char *encrypt_password(PasswordType target_type, const char *role,
extern char *get_role_password(const char *role, const char **logdetail);
extern int md5_crypt_verify(const char *role, const char *shadow_pass,
- const char *client_pass, const char *md5_salt,
+ const char *client_pass, const uint8 *md5_salt,
int md5_salt_len, const char **logdetail);
extern int plain_crypt_verify(const char *role, const char *shadow_pass,
const char *client_pass,
diff --git a/src/interfaces/libpq/fe-auth-scram.c b/src/interfaces/libpq/fe-auth-scram.c
index 3babbc8d522..807ee1f5d0d 100644
--- a/src/interfaces/libpq/fe-auth-scram.c
+++ b/src/interfaces/libpq/fe-auth-scram.c
@@ -77,7 +77,7 @@ typedef struct
/* These come from the server-final message */
char *server_final_message;
- char ServerSignature[SCRAM_MAX_KEY_LEN];
+ uint8 ServerSignature[SCRAM_MAX_KEY_LEN];
} fe_scram_state;
static bool read_server_first_message(fe_scram_state *state, char *input);
diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c
index ec7a9236044..84a042269de 100644
--- a/src/interfaces/libpq/fe-auth.c
+++ b/src/interfaces/libpq/fe-auth.c
@@ -798,7 +798,7 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
int ret;
char *crypt_pwd = NULL;
const char *pwd_to_send;
- char md5Salt[4];
+ uint8 md5Salt[4];
/* Read the salt from the AuthenticationMD5Password message. */
if (areq == AUTH_REQ_MD5)
@@ -829,7 +829,7 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
}
crypt_pwd2 = crypt_pwd + MD5_PASSWD_LEN + 1;
- if (!pg_md5_encrypt(password, conn->pguser,
+ if (!pg_md5_encrypt(password, (uint8 *) conn->pguser,
strlen(conn->pguser), crypt_pwd2,
&errstr))
{
@@ -1369,7 +1369,7 @@ PQencryptPassword(const char *passwd, const char *user)
if (!crypt_pwd)
return NULL;
- if (!pg_md5_encrypt(passwd, user, strlen(user), crypt_pwd, &errstr))
+ if (!pg_md5_encrypt(passwd, (uint8 *) user, strlen(user), crypt_pwd, &errstr))
{
free(crypt_pwd);
return NULL;
@@ -1482,7 +1482,7 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
{
const char *errstr = NULL;
- if (!pg_md5_encrypt(passwd, user, strlen(user), crypt_pwd, &errstr))
+ if (!pg_md5_encrypt(passwd, (uint8 *) user, strlen(user), crypt_pwd, &errstr))
{
libpq_append_conn_error(conn, "could not encrypt password: %s", errstr);
free(crypt_pwd);
--
2.39.5