postgrespro
diff --git a/‎contrib/file_fdw/file_fdw.c
Lines changed: 9 additions & 7 deletions b/‎contrib/file_fdw/file_fdw.c
Lines changed: 9 additions & 7 deletions
diff --git a/‎contrib/passwordcheck/passwordcheck.c
Lines changed: 16 additions & 3 deletions b/‎contrib/passwordcheck/passwordcheck.c
Lines changed: 16 additions & 3 deletions
diff --git a/‎contrib/pgcrypto/.gitignore
Lines changed: 4 additions & 0 deletions b/‎contrib/pgcrypto/.gitignore
Lines changed: 4 additions & 0 deletions
diff --git a/‎contrib/pgcrypto/Makefile
Lines changed: 7 additions & 3 deletions b/‎contrib/pgcrypto/Makefile
Lines changed: 7 additions & 3 deletions
diff --git a/‎contrib/pgcrypto/fortuna.c
Lines changed: 6 additions & 6 deletions b/‎contrib/pgcrypto/fortuna.c
Lines changed: 6 additions & 6 deletions
@@ -293,7 +293,7 @@ file_fdw_validator(PG_FUNCTION_ARGS)
 	/*
 	 * Now apply the core COPY code's validation logic for more checks.
 	 */
-	ProcessCopyOptions(NULL, true, other_options);
+	ProcessCopyOptions(NULL, NULL, true, other_options);
 
 	/*
 	 * Filename option is required for file_fdw foreign tables.
@@ -455,10 +455,10 @@ get_file_fdw_attribute_options(Oid relid)
 	 * force_null options set
 	 */
 	if (fnncolumns != NIL)
-		options = lappend(options, makeDefElem("force_not_null", (Node *) fnncolumns));
+		options = lappend(options, makeDefElem("force_not_null", (Node *) fnncolumns, -1));
 
 	if (fncolumns != NIL)
-		options = lappend(options, makeDefElem("force_null", (Node *) fncolumns));
+		options = lappend(options, makeDefElem("force_null", (Node *) fncolumns, -1));
 
 	return options;
 }
@@ -511,7 +511,7 @@ fileGetForeignPaths(PlannerInfo *root,
 										  foreigntableid,
 										  &columns))
 		coptions = list_make1(makeDefElem("convert_selectively",
-										  (Node *) columns));
+										  (Node *) columns, -1));
 
 	/* Estimate costs */
 	estimate_costs(root, baserel, fdw_private,
@@ -632,7 +632,8 @@ fileBeginForeignScan(ForeignScanState *node, int eflags)
 	 * Create CopyState from FDW options.  We always acquire all columns, so
 	 * as to match the expected ScanTupleSlot signature.
 	 */
-	cstate = BeginCopyFrom(node->ss.ss_currentRelation,
+	cstate = BeginCopyFrom(NULL,
+						   node->ss.ss_currentRelation,
 						   filename,
 						   false,
 						   NIL,
@@ -705,7 +706,8 @@ fileReScanForeignScan(ForeignScanState *node)
 
 	EndCopyFrom(festate->cstate);
 
-	festate->cstate = BeginCopyFrom(node->ss.ss_currentRelation,
+	festate->cstate = BeginCopyFrom(NULL,
+									node->ss.ss_currentRelation,
 									festate->filename,
 									false,
 									NIL,
@@ -1053,7 +1055,7 @@ file_acquire_sample_rows(Relation onerel, int elevel,
 	/*
 	 * Create CopyState from FDW options.
 	 */
-	cstate = BeginCopyFrom(onerel, filename, false, NIL, options);
+	cstate = BeginCopyFrom(NULL, onerel, filename, false, NIL, options);
 
 	/*
 	 * Use per-tuple memory context to prevent leak of memory used to read
 
@@ -21,6 +21,7 @@
 #endif
 
 #include "commands/user.h"
+#include "libpq/scram.h"
 #include "fmgr.h"
 #include "libpq/md5.h"
 
@@ -57,14 +58,15 @@ check_password(const char *username,
 {
 	int			namelen = strlen(username);
 	int			pwdlen = strlen(password);
-	char		encrypted[MD5_PASSWD_LEN + 1];
+	char	   *encrypted;
 	int			i;
 	bool		pwd_has_letter,
 				pwd_has_nonletter;
 
 	switch (password_type)
 	{
 		case PASSWORD_TYPE_MD5:
+		case PASSWORD_TYPE_SCRAM:
 
 			/*
 			 * Unfortunately we cannot perform exhaustive checks on encrypted
@@ -74,12 +76,23 @@ check_password(const char *username,
 			 *
 			 * We only check for username = password.
 			 */
-			if (!pg_md5_encrypt(username, username, namelen, encrypted))
-				elog(ERROR, "password encryption failed");
+			if (password_type == PASSWORD_TYPE_MD5)
+			{
+				encrypted = palloc(MD5_PASSWD_LEN + 1);
+				if (pg_md5_encrypt(username, username, namelen, encrypted))
+					elog(ERROR, "password encryption failed");
+			}
+			else if (password_type == PASSWORD_TYPE_SCRAM)
+			{
+				encrypted = scram_build_verifier(username, password, 0);
+			}
+			else
+				Assert(0); /* should not happen */
 			if (strcmp(password, encrypted) == 0)
 				ereport(ERROR,
 						(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
 						 errmsg("password must not contain user name")));
+			pfree(encrypted);
 			break;
 
 		case PASSWORD_TYPE_PLAINTEXT:
 
@@ -1,3 +1,7 @@
+# Source file copied from src/common
+/sha.c
+/sha_openssl.c
+
 # Generated subdirectories
 /log/
 /results/
 
@@ -1,10 +1,11 @@
 # contrib/pgcrypto/Makefile
 
-INT_SRCS = md5.c sha1.c sha2.c internal.c internal-sha2.c blf.c rijndael.c \
-		fortuna.c random.c pgp-mpi-internal.c imath.c
+INT_SRCS = md5.c internal.c internal-sha2.c blf.c rijndael.c \
+		fortuna.c random.c pgp-mpi-internal.c imath.c \
+		sha.c
 INT_TESTS = sha2
 
-OSSL_SRCS = openssl.c pgp-mpi-openssl.c
+OSSL_SRCS = openssl.c pgp-mpi-openssl.c sha_openssl.c
 OSSL_TESTS = sha2 des 3des cast5
 
 ZLIB_TST = pgp-compression
@@ -59,6 +60,9 @@ SHLIB_LINK += $(filter -leay32, $(LIBS))
 SHLIB_LINK += -lws2_32
 endif
 
+sha.c sha_openssl.c: % : $(top_srcdir)/src/common/%
+	rm -f $@ && $(LN_S) $< .
+
 rijndael.o: rijndael.tbl
 
 rijndael.tbl:
 
@@ -34,9 +34,9 @@
 #include <sys/time.h>
 #include <time.h>
 
+#include "common/sha.h"
 #include "px.h"
 #include "rijndael.h"
-#include "sha2.h"
 #include "fortuna.h"
 
 
@@ -112,7 +112,7 @@
 #define CIPH_BLOCK		16
 
 /* for internal wrappers */
-#define MD_CTX			SHA256_CTX
+#define MD_CTX			pg_sha256_ctx
 #define CIPH_CTX		rijndael_ctx
 
 struct fortuna_state
@@ -154,22 +154,22 @@ ciph_encrypt(CIPH_CTX * ctx, const uint8 *in, uint8 *out)
 static void
 md_init(MD_CTX * ctx)
 {
-	SHA256_Init(ctx);
+	pg_sha256_init(ctx);
 }
 
 static void
 md_update(MD_CTX * ctx, const uint8 *data, int len)
 {
-	SHA256_Update(ctx, data, len);
+	pg_sha256_update(ctx, data, len);
 }
 
 static void
 md_result(MD_CTX * ctx, uint8 *dst)
 {
-	SHA256_CTX	tmp;
+	pg_sha256_ctx	tmp;
 
 	memcpy(&tmp, ctx, sizeof(*ctx));
-	SHA256_Final(dst, &tmp);
+	pg_sha256_final(&tmp, dst);
 	px_memset(&tmp, 0, sizeof(tmp));
 }