@@ -55,8 +55,6 @@ static void AddRoleMems(const char *rolename, Oid roleid,
5555static void DelRoleMems (const char * rolename , Oid roleid ,
5656 List * memberSpecs , List * memberIds ,
5757 bool admin_opt );
58- static char * encrypt_password (char * passwd , char * rolname ,
59- int passwd_type );
6058
6159
6260/* Check if current user has createrole privileges */
@@ -66,48 +64,6 @@ have_createrole_privilege(void)
6664 return has_createrole_privilege (GetUserId ());
6765}
6866
69- /*
70- * Encrypt a password if necessary for insertion in pg_authid.
71- *
72- * If a password is found as already MD5-encrypted, no error is raised
73- * to ease the dump and reload of such data. Returns a palloc'ed string
74- * holding the encrypted password.
75- */
76- static char *
77- encrypt_password (char * password , char * rolname , int passwd_type )
78- {
79- char * res ;
80-
81- Assert (password != NULL );
82-
83- /*
84- * If a password is already identified as MD5-encrypted, it is used
85- * as such. If the password given is not encrypted, adapt it depending
86- * on the type wanted by the caller of this routine.
87- */
88- if (isMD5 (password ))
89- res = pstrdup (password );
90- else
91- {
92- switch (passwd_type )
93- {
94- case PASSWORD_TYPE_PLAINTEXT :
95- res = pstrdup (password );
96- break ;
97- case PASSWORD_TYPE_MD5 :
98- res = (char * ) palloc (MD5_PASSWD_LEN + 1 );
99- if (!pg_md5_encrypt (password , rolname ,
100- strlen (rolname ),
101- res ))
102- elog (ERROR , "password encryption failed" );
103- break ;
104- default :
105- Assert (0 ); /* should not come here */
106- }
107- }
108-
109- return res ;
110- }
11167
11268/*
11369 * CREATE ROLE
@@ -125,7 +81,7 @@ CreateRole(CreateRoleStmt *stmt)
12581 ListCell * option ;
12682 char * password = NULL ; /* user password */
12783 int password_type = Password_encryption ;
128- char * encrypted_passwd ;
84+ char encrypted_password [ MD5_PASSWD_LEN + 1 ] ;
12985 bool issuper = false; /* Make the user a superuser? */
13086 bool inherit = true; /* Auto inherit privileges? */
13187 bool createrole = false; /* Can this user create roles? */
@@ -424,13 +380,17 @@ CreateRole(CreateRoleStmt *stmt)
424380
425381 if (password )
426382 {
427- encrypted_passwd = encrypt_password (password ,
428- stmt -> role ,
429- password_type );
430-
431- new_record [Anum_pg_authid_rolpassword - 1 ] =
432- CStringGetTextDatum (encrypted_passwd );
433- pfree (encrypted_passwd );
383+ if (password_type == PASSWORD_TYPE_PLAINTEXT || isMD5 (password ))
384+ new_record [Anum_pg_authid_rolpassword - 1 ] =
385+ CStringGetTextDatum (password );
386+ else
387+ {
388+ if (!pg_md5_encrypt (password , stmt -> role , strlen (stmt -> role ),
389+ encrypted_password ))
390+ elog (ERROR , "password encryption failed" );
391+ new_record [Anum_pg_authid_rolpassword - 1 ] =
392+ CStringGetTextDatum (encrypted_password );
393+ }
434394 }
435395 else
436396 new_record_nulls [Anum_pg_authid_rolpassword - 1 ] = true;
@@ -533,7 +493,7 @@ AlterRole(AlterRoleStmt *stmt)
533493 char * rolename = NULL ;
534494 char * password = NULL ; /* user password */
535495 int password_type = Password_encryption ;
536- char * encrypted_passwd ;
496+ char encrypted_password [ MD5_PASSWD_LEN + 1 ] ;
537497 int issuper = -1 ; /* Make the user a superuser? */
538498 int inherit = -1 ; /* Auto inherit privileges? */
539499 int createrole = -1 ; /* Can this user create roles? */
@@ -831,14 +791,18 @@ AlterRole(AlterRoleStmt *stmt)
831791 /* password */
832792 if (password )
833793 {
834- encrypted_passwd = encrypt_password (password ,
835- rolename ,
836- password_type );
837-
838- new_record [Anum_pg_authid_rolpassword - 1 ] =
839- CStringGetTextDatum (encrypted_passwd );
794+ if (password_type == PASSWORD_TYPE_PLAINTEXT || isMD5 (password ))
795+ new_record [Anum_pg_authid_rolpassword - 1 ] =
796+ CStringGetTextDatum (password );
797+ else
798+ {
799+ if (!pg_md5_encrypt (password , rolename , strlen (rolename ),
800+ encrypted_password ))
801+ elog (ERROR , "password encryption failed" );
802+ new_record [Anum_pg_authid_rolpassword - 1 ] =
803+ CStringGetTextDatum (encrypted_password );
804+ }
840805 new_record_repl [Anum_pg_authid_rolpassword - 1 ] = true;
841- pfree (encrypted_passwd );
842806 }
843807
844808 /* unset password */
0 commit comments