Revert "Apply 0005-Refactor-decision-making-of-password-encryption-into.patch + cherry-pick babe05b"

afiskon · afiskon · commit 215cb4fb38fd · 2016-12-01T18:56:41.000+03:00
This reverts commit 2cc896b.
diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
@@ -1166,22 +1166,21 @@ include_dir 'conf.d'
      </varlistentry>
 
      <varlistentry id="guc-password-encryption" xreflabel="password_encryption">
-      <term><varname>password_encryption</varname> (<type>enum</type>)
+      <term><varname>password_encryption</varname> (<type>boolean</type>)
       <indexterm>
        <primary><varname>password_encryption</> configuration parameter</primary>
       </indexterm>
       </term>
       <listitem>
        <para>
-        When a password is specified in <xref linkend="sql-createuser"> or
-        <xref linkend="sql-alterrole"> without writing either <literal>ENCRYPTED</>
-        or <literal>UNENCRYPTED</>, this parameter determines whether the
-        password is to be encrypted. The default value is <literal>md5</>, which
-        stores the password as an MD5 hash. Setting this to <literal>plain</> stores
-        it in plaintext. <literal>on</> and <literal>off</> are also accepted, as
-        aliases for <literal>md5</> and <literal>plain</>, respectively.
+        When a password is specified in <xref
+        linkend="sql-createuser"> or
+        <xref linkend="sql-alterrole">
+        without writing either <literal>ENCRYPTED</> or
+        <literal>UNENCRYPTED</>, this parameter determines whether the
+        password is to be encrypted. The default is <literal>on</>
+        (encrypt the password).
        </para>
-       
       </listitem>
      </varlistentry>
 
diff --git a/src/backend/commands/user.c b/src/backend/commands/user.c
@@ -44,7 +44,7 @@ Oid			binary_upgrade_next_pg_authid_oid = InvalidOid;
 
 
 /* GUC parameter */
-int			Password_encryption = PASSWORD_TYPE_MD5;
+extern bool Password_encryption;
 
 /* Hook to check passwords in CreateRole() and AlterRole() */
 check_password_hook_type check_password_hook = NULL;
@@ -55,8 +55,6 @@ static void AddRoleMems(const char *rolename, Oid roleid,
 static void DelRoleMems(const char *rolename, Oid roleid,
 			List *memberSpecs, List *memberIds,
 			bool admin_opt);
-static char *encrypt_password(char *passwd, char *rolname,
-			int passwd_type);
 
 
 /* Check if current user has createrole privileges */
@@ -66,48 +64,6 @@ have_createrole_privilege(void)
 	return has_createrole_privilege(GetUserId());
 }
 
-/*
- * Encrypt a password if necessary for insertion in pg_authid.
- *
- * If a password is found as already MD5-encrypted, no error is raised
- * to ease the dump and reload of such data. Returns a palloc'ed string
- * holding the encrypted password.
- */
-static char *
-encrypt_password(char *password, char *rolname, int passwd_type)
-{
-	char *res;
-
-	Assert(password != NULL);
-
-	/*
-	 * If a password is already identified as MD5-encrypted, it is used
-	 * as such.  If the password given is not encrypted, adapt it depending
-	 * on the type wanted by the caller of this routine.
-	 */
-	if (isMD5(password))
-		res = pstrdup(password);
-	else
-	{
-		switch (passwd_type)
-		{
-			case PASSWORD_TYPE_PLAINTEXT:
-				res = pstrdup(password);
-				break;
-			case PASSWORD_TYPE_MD5:
-				res = (char *) palloc(MD5_PASSWD_LEN + 1);
-				if (!pg_md5_encrypt(password, rolname,
-									strlen(rolname),
-									res))
-					elog(ERROR, "password encryption failed");
-				break;
-			default:
-				Assert(0);	/* should not come here */
-		}
-	}
-
-	return res;
-}
 
 /*
  * CREATE ROLE
@@ -124,8 +80,8 @@ CreateRole(ParseState *pstate, CreateRoleStmt *stmt)
 	ListCell   *item;
 	ListCell   *option;
 	char	   *password = NULL;	/* user password */
-	int			password_type = Password_encryption; /* encrypt password? */
-	char	   *encrypted_passwd;
+	bool		encrypt_password = Password_encryption; /* encrypt password? */
+	char		encrypted_password[MD5_PASSWD_LEN + 1];
 	bool		issuper = false;	/* Make the user a superuser? */
 	bool		inherit = true; /* Auto inherit privileges? */
 	bool		createrole = false;		/* Can this user create roles? */
@@ -184,9 +140,9 @@ CreateRole(ParseState *pstate, CreateRoleStmt *stmt)
 						 parser_errposition(pstate, defel->location)));
 			dpassword = defel;
 			if (strcmp(defel->defname, "encryptedPassword") == 0)
-				password_type = PASSWORD_TYPE_MD5;
+				encrypt_password = true;
 			else if (strcmp(defel->defname, "unencryptedPassword") == 0)
-				password_type = PASSWORD_TYPE_PLAINTEXT;
+				encrypt_password = false;
 		}
 		else if (strcmp(defel->defname, "sysid") == 0)
 		{
@@ -437,13 +393,17 @@ CreateRole(ParseState *pstate, CreateRoleStmt *stmt)
 
 	if (password)
 	{
-		encrypted_passwd = encrypt_password(password,
-											stmt->role,
-											password_type);
-
-		new_record[Anum_pg_authid_rolpassword - 1] =
-			CStringGetTextDatum(encrypted_passwd);
-		pfree(encrypted_passwd);
+		if (!encrypt_password || isMD5(password))
+			new_record[Anum_pg_authid_rolpassword - 1] =
+				CStringGetTextDatum(password);
+		else
+		{
+			if (!pg_md5_encrypt(password, stmt->role, strlen(stmt->role),
+								encrypted_password))
+				elog(ERROR, "password encryption failed");
+			new_record[Anum_pg_authid_rolpassword - 1] =
+				CStringGetTextDatum(encrypted_password);
+		}
 	}
 	else
 		new_record_nulls[Anum_pg_authid_rolpassword - 1] = true;
@@ -545,8 +505,8 @@ AlterRole(AlterRoleStmt *stmt)
 	ListCell   *option;
 	char	   *rolename = NULL;
 	char	   *password = NULL;	/* user password */
-	int			password_type = Password_encryption; /* encrypt password? */
-	char	   *encrypted_passwd;
+	bool		encrypt_password = Password_encryption; /* encrypt password? */
+	char		encrypted_password[MD5_PASSWD_LEN + 1];
 	int			issuper = -1;	/* Make the user a superuser? */
 	int			inherit = -1;	/* Auto inherit privileges? */
 	int			createrole = -1;	/* Can this user create roles? */
@@ -590,9 +550,9 @@ AlterRole(AlterRoleStmt *stmt)
 						 errmsg("conflicting or redundant options")));
 			dpassword = defel;
 			if (strcmp(defel->defname, "encryptedPassword") == 0)
-				password_type = PASSWORD_TYPE_MD5;
+				encrypt_password = true;
 			else if (strcmp(defel->defname, "unencryptedPassword") == 0)
-				password_type = PASSWORD_TYPE_PLAINTEXT;
+				encrypt_password = false;
 		}
 		else if (strcmp(defel->defname, "superuser") == 0)
 		{
@@ -844,14 +804,18 @@ AlterRole(AlterRoleStmt *stmt)
 	/* password */
 	if (password)
 	{
-		encrypted_passwd = encrypt_password(password,
-											rolename,
-											password_type);
-
-		new_record[Anum_pg_authid_rolpassword - 1] =
-			CStringGetTextDatum(encrypted_passwd);
+		if (!encrypt_password || isMD5(password))
+			new_record[Anum_pg_authid_rolpassword - 1] =
+				CStringGetTextDatum(password);
+		else
+		{
+			if (!pg_md5_encrypt(password, rolename, strlen(rolename),
+								encrypted_password))
+				elog(ERROR, "password encryption failed");
+			new_record[Anum_pg_authid_rolpassword - 1] =
+				CStringGetTextDatum(encrypted_password);
+		}
 		new_record_repl[Anum_pg_authid_rolpassword - 1] = true;
-		pfree(encrypted_passwd);
 	}
 
 	/* unset password */
diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c
@@ -35,7 +35,6 @@
 #include "catalog/namespace.h"
 #include "commands/async.h"
 #include "commands/prepare.h"
-#include "commands/user.h"
 #include "commands/vacuum.h"
 #include "commands/variable.h"
 #include "commands/trigger.h"
@@ -396,24 +395,6 @@ static const struct config_enum_entry force_parallel_mode_options[] = {
 	{NULL, 0, false}
 };
 
-/*
- * password_encryption used to be a boolean, so accept all the likely
- * variants of "on" and "off", too.
- */
-static const struct config_enum_entry password_encryption_options[] = {
-	{"plain", PASSWORD_TYPE_PLAINTEXT, false},
-	{"md5", PASSWORD_TYPE_MD5, false},
-	{"off", PASSWORD_TYPE_PLAINTEXT, false},
-	{"on", PASSWORD_TYPE_MD5, false},
-	{"true", PASSWORD_TYPE_MD5, true},
-	{"false", PASSWORD_TYPE_PLAINTEXT, true},
-	{"yes", PASSWORD_TYPE_MD5, true},
-	{"no", PASSWORD_TYPE_PLAINTEXT, true},
-	{"1", PASSWORD_TYPE_MD5, true},
-	{"0", PASSWORD_TYPE_PLAINTEXT, true},
-	{NULL, 0, false}
-};
-
 /*
  * Options for enum values stored in other modules
  */
@@ -444,6 +425,8 @@ bool		check_function_bodies = true;
 bool		default_with_oids = false;
 bool		SQL_inheritance = true;
 
+bool		Password_encryption = true;
+
 int			log_min_error_statement = ERROR;
 int			log_min_messages = WARNING;
 int			client_min_messages = NOTICE;
@@ -1342,6 +1325,17 @@ static struct config_bool ConfigureNamesBool[] =
 		true,
 		NULL, NULL, NULL
 	},
+	{
+		{"password_encryption", PGC_USERSET, CONN_AUTH_SECURITY,
+			gettext_noop("Encrypt passwords."),
+			gettext_noop("When a password is specified in CREATE USER or "
+			   "ALTER USER without writing either ENCRYPTED or UNENCRYPTED, "
+						 "this parameter determines whether the password is to be encrypted.")
+		},
+		&Password_encryption,
+		true,
+		NULL, NULL, NULL
+	},
 	{
 		{"transform_null_equals", PGC_USERSET, COMPAT_OPTIONS_CLIENT,
 			gettext_noop("Treats \"expr=NULL\" as \"expr IS NULL\"."),
@@ -3913,18 +3907,6 @@ static struct config_enum ConfigureNamesEnum[] =
 		NULL, NULL, NULL
 	},
 
-	{
-		{"password_encryption", PGC_USERSET, CONN_AUTH_SECURITY,
-			gettext_noop("Encrypt passwords."),
-			gettext_noop("When a password is specified in CREATE USER or "
-			   "ALTER USER without writing either ENCRYPTED or UNENCRYPTED, "
-						 "this parameter determines whether the password is to be encrypted.")
-		},
-		&Password_encryption,
-		PASSWORD_TYPE_MD5, password_encryption_options,
-		NULL, NULL, NULL
-	},
-
 	/* End-of-list marker */
 	{
 		{NULL, 0, 0, NULL, NULL}, NULL, 0, NULL, NULL, NULL, NULL
diff --git a/src/backend/utils/misc/postgresql.conf.sample b/src/backend/utils/misc/postgresql.conf.sample
@@ -85,7 +85,7 @@ listen_addresses = '*'		# what IP address(es) to listen on;
 #ssl_key_file = 'server.key'		# (change requires restart)
 #ssl_ca_file = ''			# (change requires restart)
 #ssl_crl_file = ''			# (change requires restart)
-#password_encryption = md5		# md5 or plain
+#password_encryption = on
 #db_user_namespace = off
 #row_security = on
 
diff --git a/src/include/commands/user.h b/src/include/commands/user.h
@@ -16,19 +16,10 @@
 #include "parser/parse_node.h"
 
 
-/*
- * Types of password, for Password_encryption GUC and the password_type
- * argument of the check-password hook.
- */
-typedef enum PasswordType
-{
-	PASSWORD_TYPE_PLAINTEXT = 0,
-	PASSWORD_TYPE_MD5
-} PasswordType;
- 
-extern int	Password_encryption;	/* GUC */
-
 /* Hook to check passwords in CreateRole() and AlterRole() */
+#define PASSWORD_TYPE_PLAINTEXT		0
+#define PASSWORD_TYPE_MD5			1
+
 typedef void (*check_password_hook_type) (const char *username, const char *password, int password_type, Datum validuntil_time, bool validuntil_null);
 
 extern PGDLLIMPORT check_password_hook_type check_password_hook;
