Thread

  1. Re: The Axe list

    D'Arcy Cain <darcy@druid.net> — 2008-10-11T19:55:56Z

    On Sat, 11 Oct 2008 11:57:50 -0700
    Josh Berkus <josh@agliodbs.com> wrote:
    > > However, if all it needs is a modern encryption scheme that's probably
    > > an hour's work.  The only reason that I haven't done so yet is because
    > > I have no use case. 
    > 
    > Well, I had no use case either which is why I didn't propose updating 
    > it.  I can certainly see having chkpass live on pgFoundry, though.
    
    No need.  I have places to put it up.  I would like to make the
    following changes for the CVS archives before it is removed though.
    Any objections?
    
    Index: chkpass.c
    ===================================================================
    RCS file: /cvsroot/pgsql/contrib/chkpass/chkpass.c,v
    retrieving revision 1.20
    diff -u -p -u -r1.20 chkpass.c
    --- chkpass.c   25 Mar 2008 22:42:41 -0000  1.20
    +++ chkpass.c   11 Oct 2008 19:52:52 -0000
    @@ -70,6 +70,7 @@ chkpass_in(PG_FUNCTION_ARGS)
        char       *str = PG_GETARG_CSTRING(0);
        chkpass    *result;
        char        mysalt[4];
    +   static bool random_initialized = false;
        static char salt_chars[] =
        "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
     
    @@ -88,10 +89,16 @@ chkpass_in(PG_FUNCTION_ARGS)
     
        result = (chkpass *) palloc(sizeof(chkpass));
     
    +   if (!random_initialized)
    +   {
    +       srandom((unsigned int) time(NULL));
    +       random_initialized = true;
    +   }
    +
        mysalt[0] = salt_chars[random() & 0x3f];
        mysalt[1] = salt_chars[random() & 0x3f];
    -   mysalt[2] = 0;              /* technically the terminator is not
    necessary
    -                                * but I like to play safe */
    +   mysalt[2] = 0;              /* technically the terminator is not
    +                                * necessary but I like to play safe */
        strcpy(result->password, crypt(str, mysalt));
        PG_RETURN_POINTER(result);
     }
    @@ -108,9 +115,11 @@ chkpass_out(PG_FUNCTION_ARGS)
        chkpass    *password = (chkpass *) PG_GETARG_POINTER(0);
        char       *result;
     
    -   result = (char *) palloc(16);
    -   result[0] = ':';
    -   strcpy(result + 1, password->password);
    +   if ((result = (char *) palloc(16)) != NULL)
    +   {
    +       result[0] = ':';
    +       strcpy(result + 1, password->password);
    +   }
     
        PG_RETURN_CSTRING(result);
     }
    @@ -142,6 +151,9 @@ chkpass_eq(PG_FUNCTION_ARGS)
        text       *a2 = PG_GETARG_TEXT_PP(1);
        char        str[9];
     
    +   if (!a1 || !a2)
    +       PG_RETURN_BOOL(0);
    +
        text_to_cstring_buffer(a2, str, sizeof(str));
        PG_RETURN_BOOL(strcmp(a1->password, crypt(str, a1->password)) == 0);
     }
    @@ -154,6 +166,9 @@ chkpass_ne(PG_FUNCTION_ARGS)
        text       *a2 = PG_GETARG_TEXT_PP(1);
        char        str[9];
     
    +   if (!a1 || !a2)
    +       PG_RETURN_BOOL(0);
    +
        text_to_cstring_buffer(a2, str, sizeof(str));
        PG_RETURN_BOOL(strcmp(a1->password, crypt(str, a1->password)) != 0);
     }
    
    -- 
    D'Arcy J.M. Cain <darcy@druid.net>         |  Democracy is three wolves
    http://www.druid.net/darcy/                |  and a sheep voting on
    +1 416 425 1212     (DoD#0082)    (eNTP)   |  what's for dinner.