Changeset: 4f0545be34a5 for MonetDB
URL: http://dev.monetdb.org/hg/MonetDB?cmd=changeset;node=4f0545be34a5
Modified Files:
MonetDB.spec
clients/ChangeLog.Feb2013
clients/mapiclient/Makefile.ag
clients/mapilib/Makefile.ag
clients/mapilib/mapi.c
clients/perl/Mapi.pm
clients/perl/mclient.pl
clients/php/lib/php_mapi.inc
clients/python/monetdb/mapi.py
clients/python3/monetdb/mapi.py
clients/ruby/lib/MonetDBConnection.rb
configure.ag
debian/monetdb-client.install
java/ChangeLog.Feb2013
java/Makefile.ag
java/build.properties
java/release.txt
java/src/nl/cwi/monetdb/client/JMonetDB.java
java/src/nl/cwi/monetdb/mcl/net/MapiSocket.java
java/src/nl/cwi/monetdb/merovingian/SabaothDB.java
monetdb5/optimizer/opt_pipes.c
sql/test/BugTracker-2010/Tests/group-by_ordered_column.Bug-2564.stable.out
sql/test/BugTracker/Tests/explain.SF-1739353.stable.out
sql/test/BugTracker/Tests/jdbc_no_debug.SF-1739356.stable.out
sql/test/BugTracker/Tests/jdbc_no_debug.SF-1739356.stable.out.32bit
tools/merovingian/ChangeLog.Feb2013
tools/merovingian/client/monetdb.c
tools/merovingian/daemon/handlers.c
tools/merovingian/daemon/merovingian.c
tools/merovingian/utils/utils.c
Branch: default
Log Message:
Merged from Feb2013
diffs (truncated from 1472 to 300 lines):
diff --git a/MonetDB.spec b/MonetDB.spec
--- a/MonetDB.spec
+++ b/MonetDB.spec
@@ -140,7 +140,6 @@ MonetDB, you will very likely need this
%files client
%defattr(-,root,root)
%{_bindir}/mclient
-%{_bindir}/mnc
%{_bindir}/msqldump
%{_bindir}/stethoscope
%{_libdir}/libmapi.so.*
diff --git a/clients/ChangeLog.Feb2013 b/clients/ChangeLog.Feb2013
--- a/clients/ChangeLog.Feb2013
+++ b/clients/ChangeLog.Feb2013
@@ -1,6 +1,11 @@
# ChangeLog file for clients
# This file is updated with Maddlog
+* Sat Dec 1 2012 Fabian Groffen <[email protected]>
+- Mapi protocol v8 support was removed from all client drivers. Protocol
+ v8 has not been used by the servers any more since Apr2012 release
+- The tool mnc was removed from installations
+
* Wed Nov 7 2012 Sjoerd Mullender <[email protected]>
- msqldump: Implmented an option (--table/-t) to dump a single table.
- Changed msqdump's trace option to be in line with mclient. In both
diff --git a/clients/mapiclient/Makefile.ag b/clients/mapiclient/Makefile.ag
--- a/clients/mapiclient/Makefile.ag
+++ b/clients/mapiclient/Makefile.ag
@@ -52,12 +52,14 @@ bin_tomograph = {
$(curl_LIBS) $(MALLOC_LIBS) $(PTHREAD_LIBS) $(SOCKET_LIBS)
}
-bin_mnc = {
- SOURCES = mnc.c
- LIBS = ../../common/stream/libstream \
- ../mapilib/libmapi \
- $(curl_LIBS) $(MALLOC_LIBS) $(PTHREAD_LIBS) $(SOCKET_LIBS)
-}
+# disabled: it's not really a tool for users, more to debug mapi
+# problems, or measure performance
+#bin_mnc = {
+# SOURCES = mnc.c
+# LIBS = ../../common/stream/libstream \
+# ../mapilib/libmapi \
+# $(curl_LIBS) $(MALLOC_LIBS) $(PTHREAD_LIBS) $(SOCKET_LIBS)
+#}
man_MANS = mclient.1 msqldump.1
diff --git a/clients/mapilib/Makefile.ag b/clients/mapilib/Makefile.ag
--- a/clients/mapilib/Makefile.ag
+++ b/clients/mapilib/Makefile.ag
@@ -25,7 +25,7 @@ lib_mapi = {
SOURCES = mapi.c mapi.rc
LIBS = $(SOCKET_LIBS) ../../common/stream/libstream \
../../common/options/libmoptions \
- ../../common/utils/libmcrypt $(openssl_LIBS) $(CRYPT_LIBS)
+ ../../common/utils/libmcrypt $(openssl_LIBS)
}
headers_mapi = {
diff --git a/clients/mapilib/mapi.c b/clients/mapilib/mapi.c
--- a/clients/mapilib/mapi.c
+++ b/clients/mapilib/mapi.c
@@ -823,14 +823,6 @@
# endif
#endif
-#ifdef HAVE_CRYPT_H
-# include <crypt.h>
-#else
-# if defined(HAVE_CRYPT) && defined(__MINGW32__)
-_CRTIMP char *__cdecl crypt(const char *key, const char *salt);
-# endif
-#endif
-
#ifndef INVALID_SOCKET
#define INVALID_SOCKET (-1)
#endif
@@ -2436,21 +2428,19 @@ mapi_start_talking(Mapi mid)
}
pversion = atoi(protover);
- if (pversion < 8) {
- /* because the headers changed, and because it makes no sense to
- * try and be backwards compatible, we bail out with a friendly
- * message saying so.
- */
- snprintf(buf, BLOCK, "Unsupported protocol version: %d. "
- "This client only supports version 8 and 9. "
- "Sorry, can't help you here!", pversion);
- mapi_setError(mid, buf, "mapi_start_talking", MERROR);
- return mid->error;
- } else if (pversion == 8 || pversion == 9) {
+ if (pversion == 9) {
char *hash = NULL;
char *hashes = NULL;
char *byteo = NULL;
char *serverhash = NULL;
+ char *algsv[] = {
+ "RIPEMD160",
+ "SHA1",
+ "MD5",
+ NULL
+ };
+ char **algs = algsv;
+ char *p;
/* rBuCQ9WTn3:mserver:9:RIPEMD160,SHA256,SHA1,MD5:LIT:SHA1: */
@@ -2462,11 +2452,11 @@ mapi_start_talking(Mapi mid)
/* the database has sent a list of supported hashes to us, it's
* in the form of a comma separated list and in the variable
- * rest. We try to use the strongest algorithm.
- */
+ * rest. We try to use the strongest algorithm. */
if (rest == NULL) {
/* protocol violation, not enough fields */
- mapi_setError(mid, "Not enough fields in challenge
string", "mapi_start_talking", MERROR);
+ mapi_setError(mid, "Not enough fields in challenge
string",
+ "mapi_start_talking", MERROR);
return mid->error;
}
hashes = rest;
@@ -2488,133 +2478,67 @@ mapi_start_talking(Mapi mid)
* hash, that is salted like in v8. The hash algorithm is
* specified in the 6th field. If we don't support it, we
* can't login. */
- if (pversion == 9) {
- serverhash = rest;
- hash = strchr(serverhash, ':');
- if (hash) {
- *hash = '\0';
- rest = hash + 1;
+ serverhash = rest;
+ hash = strchr(serverhash, ':');
+ if (hash) {
+ *hash = '\0';
+ rest = hash + 1;
+ }
+ hash = NULL;
+ /* hash password, if not already */
+ if (mid->password[0] != '\1') {
+ char *pwdhash = NULL;
+ if (strcmp(serverhash, "RIPEMD160") == 0) {
+ pwdhash = mcrypt_RIPEMD160Sum(mid->password,
+ strlen(mid->password));
+ } else if (strcmp(serverhash, "SHA512") == 0) {
+ pwdhash = mcrypt_SHA512Sum(mid->password,
+ strlen(mid->password));
+ } else if (strcmp(serverhash, "SHA384") == 0) {
+ pwdhash = mcrypt_SHA384Sum(mid->password,
+ strlen(mid->password));
+ } else if (strcmp(serverhash, "SHA256") == 0) {
+ pwdhash = mcrypt_SHA256Sum(mid->password,
+ strlen(mid->password));
+ } else if (strcmp(serverhash, "SHA224") == 0) {
+ pwdhash = mcrypt_SHA224Sum(mid->password,
+ strlen(mid->password));
+ } else if (strcmp(serverhash, "SHA1") == 0) {
+ pwdhash = mcrypt_SHA1Sum(mid->password,
+ strlen(mid->password));
+ } else if (strcmp(serverhash, "MD5") == 0) {
+ pwdhash = mcrypt_MD5Sum(mid->password,
+ strlen(mid->password));
+ } else {
+ snprintf(buf, BLOCK, "server requires unknown
hash '%s'",
+ serverhash);
+ close_connection(mid);
+ return mapi_setError(mid, buf,
"mapi_start_talking", MERROR);
}
- hash = NULL;
- /* hash password, if not already */
- if (mid->password[0] != '\1') {
- char *pwdhash = NULL;
- if (strcmp(serverhash, "RIPEMD160") == 0) {
- pwdhash =
mcrypt_RIPEMD160Sum(mid->password,
- strlen(mid->password));
- } else if (strcmp(serverhash, "SHA512") == 0) {
- pwdhash =
mcrypt_SHA512Sum(mid->password,
- strlen(mid->password));
- } else if (strcmp(serverhash, "SHA384") == 0) {
- pwdhash =
mcrypt_SHA384Sum(mid->password,
- strlen(mid->password));
- } else if (strcmp(serverhash, "SHA256") == 0) {
- pwdhash =
mcrypt_SHA256Sum(mid->password,
- strlen(mid->password));
- } else if (strcmp(serverhash, "SHA224") == 0) {
- pwdhash =
mcrypt_SHA224Sum(mid->password,
- strlen(mid->password));
- } else if (strcmp(serverhash, "SHA1") == 0) {
- pwdhash = mcrypt_SHA1Sum(mid->password,
- strlen(mid->password));
- } else if (strcmp(serverhash, "MD5") == 0) {
- pwdhash = mcrypt_MD5Sum(mid->password,
- strlen(mid->password));
- } else {
- snprintf(buf, BLOCK, "server requires
unknown hash '%s'", serverhash);
- close_connection(mid);
- return mapi_setError(mid, buf,
"mapi_start_talking", MERROR);
- }
-
- free(mid->password);
- mid->password = malloc(sizeof(char) * (1 +
strlen(pwdhash) + 1));
- sprintf(mid->password, "\1%s", pwdhash);
- free(pwdhash);
+
+ free(mid->password);
+ mid->password = malloc(sizeof(char) * (1 +
strlen(pwdhash) + 1));
+ sprintf(mid->password, "\1%s", pwdhash);
+ free(pwdhash);
+ }
+
+ p = mid->password + 1;
+
+ for (; *algs != NULL; algs++) {
+ /* TODO: make this actually obey the separation by
+ * commas, and only allow full matches */
+ if (strstr(hashes, *algs) != NULL) {
+ char *pwh = mcrypt_hashPassword(*algs, p, chal);
+ size_t len;
+ if (pwh == NULL)
+ continue;
+ len = strlen(pwh) + 11 /* {RIPEMD160} */ + 1;
+ hash = malloc(sizeof(char) * len);
+ snprintf(hash, len, "{%s}%s", *algs, pwh);
+ free(pwh);
+ break;
}
}
-
- {
- char *algsv[] = {
- "RIPEMD160",
- "SHA1",
- "MD5",
- NULL
- };
- char **algs = algsv;
- char *p;
-
- if (pversion == 9) {
- p = mid->password + 1;
- } else {
- p = mid->password;
- }
-
- for (; *algs != NULL; algs++) {
- /* TODO: make this actually obey the separation
by
- * commas, and only allow full matches */
- if (strstr(hashes, *algs) != NULL) {
- char *pwh = mcrypt_hashPassword(*algs,
p, chal);
- size_t len;
- if (pwh == NULL)
- continue;
- len = strlen(pwh) + 11 /* {RIPEMD160}
*/ + 1;
- hash = malloc(sizeof(char) * len);
- snprintf(hash, len, "{%s}%s", *algs,
pwh);
- free(pwh);
- break;
- }
- }
- }
-#ifdef HAVE_CRYPT
- if (pversion == 8 && hash == NULL && strstr(hashes, "crypt") !=
NULL) {
- /* The crypt hash algorithm uses UNIX crypt, a
modification of
- * DES which uses a 2-char wide salt. Because crypt
only cares
- * about the first eight characters of the given
password, the
- * challenge may not be taken into account at all. As
salt, the
- * last two characters of the challenge are used.
- * As of proto v9 this weak hash has been dropped. */
- char key[8]; /* NULL termination is not necessary */
- char salt[3]; /* NULL termination is a necessity! */
- char *cr;
- int n;
-
- /* prepare the key */
- n = strlen(mid->password);
- if (n >= 8) {
- strncpy(key, mid->password, 8);
- } else {
- /* pad with the challenge, we know it is always
8+ chars */
- strncpy(key, mid->password, n);
- strncpy(key + n, chal, 8 - n);
- }
-
- /* prepare the salt */
- n = strlen(chal);
- salt[0] = chal[n - 2];
- salt[1] = chal[n - 1];
- salt[2] = '\0';
-
- /* call crypt to do the work */
- cr = crypt(key, salt);
- assert(cr != NULL);
- hash = malloc(sizeof(char) * ( /*{crypt} */ 7 +
strlen(cr) + 1));
- sprintf(hash, "{crypt}%s", cr);
- } else
_______________________________________________
checkin-list mailing list
[email protected]
http://mail.monetdb.org/mailman/listinfo/checkin-list
