From: Dan McGuirk <mcguirk@indirect.com>

[postgresql] / src / backend / libpq / auth.c

diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index 3a42c236e03b1a3bb378ef067359a864dd1fdb8f..333fb6ce7d1d6a65118f46e3c9171d4b2c4162fc 100644 (file)
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -7,7 +7,7 @@
  *
  *
  * IDENTIFICATION
- *    $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.4 1996/10/13 04:49:32 momjian Exp $
+ *    $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.9 1997/03/12 21:17:48 scrappy Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -59,12 +59,18 @@
 #include <pwd.h>
 #include <ctype.h>                     /* isspace() declaration */
 
+#include <sys/types.h>    /* needed by in.h on Ultrix */
 #include <netinet/in.h>
 #include <arpa/inet.h>
+
+#include <postgres.h>
+#include <miscadmin.h>
+
 #include <libpq/auth.h>
 #include <libpq/libpq.h>
 #include <libpq/libpq-be.h>
 #include <libpq/hba.h>
+#include <libpq/password.h>
 
 /*----------------------------------------------------------------
  * common definitions for generic fe/be routines
@@ -108,10 +114,11 @@ static struct authsvc authsvcs[] = {
     { "krb4",     STARTUP_KRB4_MSG, 1 },
     { "krb5",     STARTUP_KRB5_MSG, 1 },
 #if defined(KRB5) 
-    { "kerberos", STARTUP_KRB5_MSG, 1 }
+    { "kerberos", STARTUP_KRB5_MSG, 1 },
 #else
-    { "kerberos", STARTUP_KRB4_MSG, 1 }
+    { "kerberos", STARTUP_KRB4_MSG, 1 },
 #endif
+    { "password", STARTUP_PASSWORD_MSG, 1 }
 };
 
 static n_authsvcs = sizeof(authsvcs) / sizeof(struct authsvc);
@@ -125,7 +132,7 @@ static n_authsvcs = sizeof(authsvcs) / sizeof(struct authsvc);
  *----------------------------------------------------------------
  */
 
-#include "krb.h"
+#include <krb.h>
 
 #ifdef FRONTEND
 /* moves to src/libpq/fe-auth.c  */
@@ -224,7 +231,7 @@ return(STATUS_ERROR);
  *----------------------------------------------------------------
  */
 
-#include "krb5/krb5.h"
+#include <krb5/krb5.h>
 
 /*
  * pg_an_to_ln -- return the local name corresponding to an authentication
@@ -398,6 +405,26 @@ return(STATUS_ERROR);
 }
 #endif /* KRB5 */
 
+static int
+pg_password_recvauth(Port *port, char *database, char *DataDir)
+{
+    PacketBuf buf;
+    char *user, *password;
+
+    if(PacketReceive(port, &buf, BLOCKING) != STATUS_OK) {
+       sprintf(PQerrormsg,
+               "pg_password_recvauth: failed to receive authentication packet.\n");
+       fputs(PQerrormsg, stderr);
+       pqdebug("%s", PQerrormsg);
+       return STATUS_ERROR;
+    }
+
+    user = buf.data;
+    password = buf.data + strlen(user) + 1;
+
+    return verify_password(user, password, port, database, DataDir);
+}
+
 /*
  * be_recvauth -- server demux routine for incoming authentication information
  */
@@ -413,8 +440,8 @@ be_recvauth(MsgType msgtype_arg, Port *port, char *username, StartupInfo* sp)
        */
     if (msgtype_arg == STARTUP_MSG && useHostBasedAuth)
         msgtype = STARTUP_HBA_MSG;
-    else 
-        msgtype = STARTUP_UNAUTH_MSG;
+    else
+        msgtype = msgtype_arg;
 
     if (!username) {
         (void) sprintf(PQerrormsg,
@@ -485,6 +512,21 @@ be_recvauth(MsgType msgtype_arg, Port *port, char *username, StartupInfo* sp)
             return(STATUS_ERROR);
           }
         break;
+    case STARTUP_PASSWORD_MSG:
+        if(!be_getauthsvc(msgtype)) {
+           sprintf(PQerrormsg, 
+                   "be_recvauth: "
+                   "plaintext password authentication disallowed\n");
+            fputs(PQerrormsg, stderr);
+            pqdebug("%s", PQerrormsg);
+            return(STATUS_ERROR);
+       }
+       if(pg_password_recvauth(port, sp->database, DataDir) != STATUS_OK) {
+           /* pg_password_recvauth or lower-level routines have already set */
+           /* the error message                                             */
+            return(STATUS_ERROR);
+       }
+       break;
     default:
         (void) sprintf(PQerrormsg,
                        "be_recvauth: unrecognized message type: %d\n",