Misc cleanup of SCRAM code.

hlinnaka · hlinnaka · commit e6e9c4da3a55 · 2017-05-05T10:01:44.000+03:00
* Remove is_scram_verifier() function. It was unused. * Fix sanitize_char() function, used in error messages on protocol violations, to print bytes >= 0x7F correctly. * Change spelling of scram_MockSalt() function to be more consistent with the surroundings. * Change a few more references to "server proof" to "server signature" that I missed in commit d981074.
diff --git a/src/backend/libpq/auth-scram.c b/src/backend/libpq/auth-scram.c
@@ -153,7 +153,7 @@ static void mock_scram_verifier(const char *username, int *iterations,
 					char **salt, uint8 *stored_key, uint8 *server_key);
 static bool is_scram_printable(char *p);
 static char *sanitize_char(char c);
-static char *scram_MockSalt(const char *username);
+static char *scram_mock_salt(const char *username);
 
 /*
  * pg_be_scram_init
@@ -480,28 +480,6 @@ scram_verify_plain_password(const char *username, const char *password,
 	return memcmp(computed_key, server_key, SCRAM_KEY_LEN) == 0;
 }
 
-/*
- * Check if given verifier can be used for SCRAM authentication.
- *
- * Returns true if it is a SCRAM verifier, and false otherwise.
- */
-bool
-is_scram_verifier(const char *verifier)
-{
-	int			iterations;
-	char	   *salt = NULL;
-	uint8		stored_key[SCRAM_KEY_LEN];
-	uint8		server_key[SCRAM_KEY_LEN];
-	bool		result;
-
-	result = parse_scram_verifier(verifier, &iterations, &salt,
-								  stored_key, server_key);
-	if (salt)
-		pfree(salt);
-
-	return result;
-}
-
 
 /*
  * Parse and validate format of given SCRAM verifier.
@@ -592,7 +570,7 @@ mock_scram_verifier(const char *username, int *iterations, char **salt,
 	int			encoded_len;
 
 	/* Generate deterministic salt */
-	raw_salt = scram_MockSalt(username);
+	raw_salt = scram_mock_salt(username);
 
 	encoded_salt = (char *) palloc(pg_b64_enc_len(SCRAM_DEFAULT_SALT_LEN) + 1);
 	encoded_len = pg_b64_encode(raw_salt, SCRAM_DEFAULT_SALT_LEN, encoded_salt);
@@ -679,7 +657,7 @@ sanitize_char(char c)
 	if (c >= 0x21 && c <= 0x7E)
 		snprintf(buf, sizeof(buf), "'%c'", c);
 	else
-		snprintf(buf, sizeof(buf), "0x%02x", c);
+		snprintf(buf, sizeof(buf), "0x%02x", (unsigned char) c);
 	return buf;
 }
 
@@ -1146,7 +1124,7 @@ build_server_final_message(scram_state *state)
  * pointer to a static buffer of size SCRAM_DEFAULT_SALT_LEN.
  */
 static char *
-scram_MockSalt(const char *username)
+scram_mock_salt(const char *username)
 {
 	pg_sha256_ctx ctx;
 	static uint8 sha_digest[PG_SHA256_DIGEST_LENGTH];
diff --git a/src/include/libpq/scram.h b/src/include/libpq/scram.h
@@ -28,7 +28,6 @@ extern int pg_be_scram_exchange(void *opaq, char *input, int inputlen,
 
 /* Routines to handle and check SCRAM-SHA-256 verifier */
 extern char *pg_be_scram_build_verifier(const char *password);
-extern bool is_scram_verifier(const char *verifier);
 extern bool scram_verify_plain_password(const char *username,
 							const char *password, const char *verifier);
 
diff --git a/src/interfaces/libpq/fe-auth-scram.c b/src/interfaces/libpq/fe-auth-scram.c
@@ -212,7 +212,7 @@ pg_fe_scram_exchange(void *opaq, char *input, int inputlen,
 			break;
 
 		case FE_SCRAM_PROOF_SENT:
-			/* Receive server proof */
+			/* Receive server signature */
 			if (!read_server_final_message(state, input, errorMessage))
 				goto error;
 
@@ -228,7 +228,7 @@ pg_fe_scram_exchange(void *opaq, char *input, int inputlen,
 			{
 				*success = false;
 				printfPQExpBuffer(errorMessage,
-								  libpq_gettext("invalid server proof\n"));
+								  libpq_gettext("invalid server signature\n"));
 			}
 			*done = true;
 			state->state = FE_SCRAM_FINISHED;
