On 8/30/06, Bruce Momjian <[EMAIL PROTECTED]> wrote:
Michael Fuhr wrote:
> In README.pgcrypto, Section 2.3 "Deprecated functions" says that
> digest_exists(), hmac_exists(), and cipher_exists() are planned to
> be removed in PostgreSQL 8.2. Those functions still exist -- should
> they be removed or does that section need updating?
Marko, any comment on this pgcrypto item?
Heh, I had it forgotten. Lets do it. Although there's no hurry with it,
delaying just will annoy more users.
Also, update my email address.
--
marko
Index: contrib/pgcrypto/README.pgcrypto
===================================================================
RCS file: /opt/cvs/pgsql/contrib/pgcrypto/README.pgcrypto,v
retrieving revision 1.17
diff -u -c -r1.17 README.pgcrypto
*** contrib/pgcrypto/README.pgcrypto 5 Aug 2006 00:29:11 -0000 1.17
--- contrib/pgcrypto/README.pgcrypto 5 Sep 2006 08:29:58 -0000
***************
*** 1,6 ****
pgcrypto - cryptographic functions for PostgreSQL
=================================================
! Marko Kreen <marko@l-t.ee>
// Note: this document is in asciidoc format.
--- 1,6 ----
pgcrypto - cryptographic functions for PostgreSQL
=================================================
! Marko Kreen <[EMAIL PROTECTED]>
// Note: this document is in asciidoc format.
***************
*** 79,92 ****
are NULL. This may create security risks on careless usage.
! 2.3. Deprecated functions
! ~~~~~~~~~~~~~~~~~~~~~~~~~~~
!
! The `digest_exists()`, `hmac_exists()` and `cipher_exists()` functions
! are deprecated. The plan is to remove them in PostgreSQL 8.2.
!
!
! 2.4. Security
~~~~~~~~~~~~~~~
All the functions here run inside database server. That means that all
--- 79,85 ----
are NULL. This may create security risks on careless usage.
! 2.3. Security
~~~~~~~~~~~~~~~
All the functions here run inside database server. That means that all
Index: contrib/pgcrypto/pgcrypto.c
===================================================================
RCS file: /opt/cvs/pgsql/contrib/pgcrypto/pgcrypto.c,v
retrieving revision 1.22
diff -u -c -r1.22 pgcrypto.c
*** contrib/pgcrypto/pgcrypto.c 13 Jul 2006 04:15:25 -0000 1.22
--- contrib/pgcrypto/pgcrypto.c 5 Sep 2006 08:28:23 -0000
***************
*** 87,118 ****
PG_RETURN_BYTEA_P(res);
}
- /* check if given hash exists */
- PG_FUNCTION_INFO_V1(pg_digest_exists);
-
- Datum
- pg_digest_exists(PG_FUNCTION_ARGS)
- {
- text *name;
- PX_MD *res;
-
- if (PG_ARGISNULL(0))
- PG_RETURN_NULL();
-
- name = PG_GETARG_TEXT_P(0);
-
- res = find_provider(name, (PFN) px_find_digest, "Digest", 1);
-
- PG_FREE_IF_COPY(name, 0);
-
- if (res == NULL)
- PG_RETURN_BOOL(false);
-
- res->free(res);
-
- PG_RETURN_BOOL(true);
- }
-
/* SQL function: hmac(data:bytea, key:bytea, type:text) returns bytea */
PG_FUNCTION_INFO_V1(pg_hmac);
--- 87,92 ----
***************
*** 158,189 ****
PG_RETURN_BYTEA_P(res);
}
- /* check if given hmac type exists */
- PG_FUNCTION_INFO_V1(pg_hmac_exists);
-
- Datum
- pg_hmac_exists(PG_FUNCTION_ARGS)
- {
- text *name;
- PX_HMAC *h;
-
- if (PG_ARGISNULL(0))
- PG_RETURN_NULL();
-
- name = PG_GETARG_TEXT_P(0);
-
- h = find_provider(name, (PFN) px_find_hmac, "HMAC", 1);
-
- PG_FREE_IF_COPY(name, 0);
-
- if (h != NULL)
- {
- px_hmac_free(h);
- PG_RETURN_BOOL(true);
- }
- PG_RETURN_BOOL(false);
- }
-
/* SQL function: pg_gen_salt(text) returns text */
PG_FUNCTION_INFO_V1(pg_gen_salt);
--- 132,137 ----
***************
*** 565,591 ****
PG_RETURN_BYTEA_P(res);
}
- /* SQL function: pg_cipher_exists(text) returns bool */
- PG_FUNCTION_INFO_V1(pg_cipher_exists);
-
- Datum
- pg_cipher_exists(PG_FUNCTION_ARGS)
- {
- text *arg;
- PX_Combo *c;
-
- if (PG_ARGISNULL(0))
- PG_RETURN_NULL();
-
- arg = PG_GETARG_TEXT_P(0);
-
- c = find_provider(arg, (PFN) px_find_combo, "Cipher", 1);
- if (c != NULL)
- px_combo_free(c);
-
- PG_RETURN_BOOL((c != NULL) ? true : false);
- }
-
static void *
find_provider(text *name,
PFN provider_lookup,
--- 513,518 ----
Index: contrib/pgcrypto/pgcrypto.h
===================================================================
RCS file: /opt/cvs/pgsql/contrib/pgcrypto/pgcrypto.h,v
retrieving revision 1.10
diff -u -c -r1.10 pgcrypto.h
*** contrib/pgcrypto/pgcrypto.h 13 Jul 2006 04:15:25 -0000 1.10
--- contrib/pgcrypto/pgcrypto.h 5 Sep 2006 08:27:28 -0000
***************
*** 36,44 ****
/* exported functions */
Datum pg_digest(PG_FUNCTION_ARGS);
- Datum pg_digest_exists(PG_FUNCTION_ARGS);
Datum pg_hmac(PG_FUNCTION_ARGS);
- Datum pg_hmac_exists(PG_FUNCTION_ARGS);
Datum pg_gen_salt(PG_FUNCTION_ARGS);
Datum pg_gen_salt_rounds(PG_FUNCTION_ARGS);
Datum pg_crypt(PG_FUNCTION_ARGS);
--- 36,42 ----
***************
*** 46,52 ****
Datum pg_decrypt(PG_FUNCTION_ARGS);
Datum pg_encrypt_iv(PG_FUNCTION_ARGS);
Datum pg_decrypt_iv(PG_FUNCTION_ARGS);
- Datum pg_cipher_exists(PG_FUNCTION_ARGS);
Datum pg_random_bytes(PG_FUNCTION_ARGS);
#endif
--- 44,49 ----
Index: contrib/pgcrypto/pgcrypto.sql.in
===================================================================
RCS file: /opt/cvs/pgsql/contrib/pgcrypto/pgcrypto.sql.in,v
retrieving revision 1.13
diff -u -c -r1.13 pgcrypto.sql.in
*** contrib/pgcrypto/pgcrypto.sql.in 13 Jul 2006 04:15:25 -0000 1.13
--- contrib/pgcrypto/pgcrypto.sql.in 5 Sep 2006 08:27:12 -0000
***************
*** 11,21 ****
AS 'MODULE_PATHNAME', 'pg_digest'
LANGUAGE C IMMUTABLE STRICT;
- CREATE OR REPLACE FUNCTION digest_exists(text)
- RETURNS bool
- AS 'MODULE_PATHNAME', 'pg_digest_exists'
- LANGUAGE C IMMUTABLE STRICT;
-
CREATE OR REPLACE FUNCTION hmac(text, text, text)
RETURNS bytea
AS 'MODULE_PATHNAME', 'pg_hmac'
--- 11,16 ----
***************
*** 26,36 ****
AS 'MODULE_PATHNAME', 'pg_hmac'
LANGUAGE C IMMUTABLE STRICT;
- CREATE OR REPLACE FUNCTION hmac_exists(text)
- RETURNS bool
- AS 'MODULE_PATHNAME', 'pg_hmac_exists'
- LANGUAGE C IMMUTABLE STRICT;
-
CREATE OR REPLACE FUNCTION crypt(text, text)
RETURNS text
AS 'MODULE_PATHNAME', 'pg_crypt'
--- 21,26 ----
***************
*** 66,76 ****
AS 'MODULE_PATHNAME', 'pg_decrypt_iv'
LANGUAGE C IMMUTABLE STRICT;
- CREATE OR REPLACE FUNCTION cipher_exists(text)
- RETURNS bool
- AS 'MODULE_PATHNAME', 'pg_cipher_exists'
- LANGUAGE C IMMUTABLE STRICT;
-
CREATE OR REPLACE FUNCTION gen_random_bytes(int4)
RETURNS bytea
AS 'MODULE_PATHNAME', 'pg_random_bytes'
--- 56,61 ----
Index: contrib/pgcrypto/uninstall_pgcrypto.sql
===================================================================
RCS file: /opt/cvs/pgsql/contrib/pgcrypto/uninstall_pgcrypto.sql,v
retrieving revision 1.1
diff -u -c -r1.1 uninstall_pgcrypto.sql
*** contrib/pgcrypto/uninstall_pgcrypto.sql 13 Jul 2006 04:15:25 -0000 1.1
--- contrib/pgcrypto/uninstall_pgcrypto.sql 5 Sep 2006 08:29:32 -0000
***************
*** 3,13 ****
DROP FUNCTION digest(text, text);
DROP FUNCTION digest(bytea, text);
- DROP FUNCTION digest_exists(text);
DROP FUNCTION hmac(text, text, text);
DROP FUNCTION hmac(bytea, bytea, text);
- DROP FUNCTION hmac_exists(text);
DROP FUNCTION crypt(text, text);
DROP FUNCTION gen_salt(text);
--- 3,11 ----
***************
*** 17,23 ****
DROP FUNCTION decrypt(bytea, bytea, text);
DROP FUNCTION encrypt_iv(bytea, bytea, bytea, text);
DROP FUNCTION decrypt_iv(bytea, bytea, bytea, text);
! DROP FUNCTION cipher_exists(text);
DROP FUNCTION gen_random_bytes(int4);
DROP FUNCTION pgp_sym_encrypt(text, text);
--- 15,21 ----
DROP FUNCTION decrypt(bytea, bytea, text);
DROP FUNCTION encrypt_iv(bytea, bytea, bytea, text);
DROP FUNCTION decrypt_iv(bytea, bytea, bytea, text);
!
DROP FUNCTION gen_random_bytes(int4);
DROP FUNCTION pgp_sym_encrypt(text, text);
---------------------------(end of broadcast)---------------------------
TIP 6: explain analyze is your friend