Refactor the code for verifying user's password. Split md5_crypt_verify() into three functions: * get_role_password() to fetch user's password from pg_authid, and check its expiration. * md5_crypt_verify() to check an MD5 authentication challenge * plain_crypt_verify() to check a plaintext password.
get_role_password() will be needed as a separate function by the upcoming SCRAM authentication patch set. Most of the remaining functionality in md5_crypt_verify() was different for MD5 and plaintext authentication, so split that for readability. While we're at it, simplify the *_crypt_verify functions by using stack-allocated buffers to hold the temporary MD5 hashes, instead of pallocing. Reviewed by Michael Paquier. Discussion: https://www.postgresql.org/message-id/[email protected] Branch ------ master Details ------- http://git.postgresql.org/pg/commitdiff/e7f051b8f9a6341f6d3bf80b29c1dbc1837be9ab Modified Files -------------- src/backend/libpq/auth.c | 18 +++- src/backend/libpq/crypt.c | 217 ++++++++++++++++++++++++++++------------------ src/include/libpq/crypt.h | 9 +- 3 files changed, 153 insertions(+), 91 deletions(-) -- Sent via pgsql-committers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers
