1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
|
/*
* PostgreSQL type definitions for chkpass
* Written by D'Arcy J.M. Cain
* darcy@druid.net
* http://www.druid.net/darcy/
*
* $Id: chkpass.c,v 1.5 2001/10/25 05:49:19 momjian Exp $
* best viewed with tabs set to 4
*/
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <unistd.h>
#include <postgres.h>
#include <fmgr.h>
/*
* This type encrypts it's input unless the first character is a colon.
* The output is the encrypted form with a leading colon. The output
* format is designed to allow dump and reload operations to work as
* expected without doing special tricks.
*/
/*
* This is the internal storage format for CHKPASSs.
* 15 is all I need but add a little buffer
*/
typedef struct chkpass
{
char password[16];
} chkpass;
/*
* Various forward declarations:
*/
Datum chkpass_in(PG_FUNCTION_ARGS);
Datum chkpass_out(PG_FUNCTION_ARGS);
Datum chkpass_rout(PG_FUNCTION_ARGS);
/* Only equal or not equal make sense */
Datum chkpass_eq(PG_FUNCTION_ARGS);
Datum chkpass_ne(PG_FUNCTION_ARGS);
/* This function checks that the password is a good one
* It's just a placeholder for now */
static int
verify_pass(const char *str)
{
return 0;
}
/*
* CHKPASS reader.
*/
PG_FUNCTION_INFO_V1(chkpass_in)
Datum
chkpass_in(PG_FUNCTION_ARGS)
{
char *str = PG_GETARG_CSTRING(0);
chkpass *result;
char mysalt[4];
static bool random_initialized = false;
static char salt_chars[] =
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
/* special case to let us enter encrypted passwords */
if (*str == ':')
{
result = (chkpass *) palloc(sizeof(chkpass));
strncpy(result->password, str + 1, 13);
result->password[13] = 0;
PG_RETURN_POINTER(result);
}
if (verify_pass(str) != 0)
{
elog(ERROR, "chkpass_in: purported CHKPASS \"%s\" is a weak password",
str);
PG_RETURN_POINTER(NULL);
}
result = (chkpass *) palloc(sizeof(chkpass));
if (!random_initialized)
{
srandom((unsigned int) time(NULL));
random_initialized = true;
}
mysalt[0] = salt_chars[random() & 0x3f];
mysalt[1] = salt_chars[random() & 0x3f];
mysalt[2] = 0; /* technically the terminator is not
* necessary but I like to play safe */
strcpy(result->password, crypt(str, mysalt));
PG_RETURN_POINTER(result);
}
/*
* CHKPASS output function.
* Just like any string but we know it is max 15 (13 plus colon and terminator.)
*/
PG_FUNCTION_INFO_V1(chkpass_out)
Datum
chkpass_out(PG_FUNCTION_ARGS)
{
chkpass *password = (chkpass *) PG_GETARG_POINTER(0);
char *result;
if (password == NULL)
PG_RETURN_POINTER(NULL);
if ((result = (char *) palloc(16)) != NULL)
{
result[0] = ':';
strcpy(result + 1, password->password);
}
PG_RETURN_CSTRING(result);
}
/*
* special output function that doesn't output the colon
*/
PG_FUNCTION_INFO_V1(chkpass_rout)
Datum
chkpass_rout(PG_FUNCTION_ARGS)
{
chkpass *password = (chkpass *) PG_GETARG_POINTER(0);
text *result = NULL;
if (password == NULL)
PG_RETURN_POINTER(NULL);
if ((result = (text *) palloc(VARHDRSZ + 16)) != NULL)
{
result->vl_len = VARHDRSZ + strlen(password->password);
memcpy(result->vl_dat, password->password, strlen(password->password));
}
PG_RETURN_CSTRING(result);
}
/*
* Boolean tests
*/
PG_FUNCTION_INFO_V1(chkpass_eq)
Datum
chkpass_eq(PG_FUNCTION_ARGS)
{
chkpass *a1 = (chkpass *) PG_GETARG_POINTER(0);
text *a2 = (text *) PG_GETARG_TEXT_P(1);
char str[10];
int sz = 8;
if (!a1 || !a2)
PG_RETURN_BOOL(0);
if (a2->vl_len < 12)
sz = a2->vl_len - 4;
strncpy(str, a2->vl_dat, sz);
str[sz] = 0;
PG_RETURN_BOOL(strcmp(a1->password, crypt(str, a1->password)) == 0);
}
PG_FUNCTION_INFO_V1(chkpass_ne)
Datum
chkpass_ne(PG_FUNCTION_ARGS)
{
chkpass *a1 = (chkpass *) PG_GETARG_POINTER(0);
text *a2 = (text *) PG_GETARG_TEXT_P(1);
char str[10];
int sz = 8;
if (!a1 || !a2)
PG_RETURN_BOOL(0);
if (a2->vl_len < 12)
sz = a2->vl_len - 4;
strncpy(str, a2->vl_dat, sz);
str[sz] = 0;
PG_RETURN_BOOL(strcmp(a1->password, crypt(str, a1->password)) != 0);
}
|