* The password looked like a SCRAM verifier, but could not be
* parsed.
*/
- elog(LOG, "invalid SCRAM verifier for user \"%s\"", username);
+ ereport(LOG,
+ (errmsg("invalid SCRAM verifier for user \"%s\"", username)));
got_verifier = false;
}
}
if (inputlen == 0)
ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
- (errmsg("malformed SCRAM message (empty message)"))));
+ errmsg("malformed SCRAM message"),
+ errdetail("The message is empty.")));
if (inputlen != strlen(input))
ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
- (errmsg("malformed SCRAM message (length mismatch)"))));
+ errmsg("malformed SCRAM message"),
+ errdetail("Message length does not match input length.")));
switch (state->state)
{
if (!verify_final_nonce(state))
ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
- (errmsg("invalid SCRAM response (nonce mismatch)"))));
+ errmsg("invalid SCRAM response"),
+ errdetail("Nonce does not match.")));
/*
* Now check the final nonce and the client proof.
/* Generate random salt */
if (!pg_backend_random(saltbuf, SCRAM_DEFAULT_SALT_LEN))
- {
- ereport(LOG,
+ ereport(ERROR,
(errcode(ERRCODE_INTERNAL_ERROR),
errmsg("could not generate random salt")));
- if (prep_password)
- pfree(prep_password);
- return NULL;
- }
result = scram_build_verifier(saltbuf, SCRAM_DEFAULT_SALT_LEN,
SCRAM_DEFAULT_ITERATIONS, password);
/*
* The password looked like a SCRAM verifier, but could not be parsed.
*/
- elog(LOG, "invalid SCRAM verifier for user \"%s\"", username);
+ ereport(LOG,
+ (errmsg("invalid SCRAM verifier for user \"%s\"", username)));
return false;
}
saltlen = pg_b64_decode(encoded_salt, strlen(encoded_salt), salt);
if (saltlen == -1)
{
- elog(LOG, "invalid SCRAM verifier for user \"%s\"", username);
+ ereport(LOG,
+ (errmsg("invalid SCRAM verifier for user \"%s\"", username)));
return false;
}
if (*begin != attr)
ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
- (errmsg("malformed SCRAM message (attribute '%c' expected, %s found)",
- attr, sanitize_char(*begin)))));
+ errmsg("malformed SCRAM message"),
+ errdetail("Expected attribute '%c' but found %s.",
+ attr, sanitize_char(*begin))));
begin++;
if (*begin != '=')
ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
- (errmsg("malformed SCRAM message (expected = in attr %c)", attr))));
+ errmsg("malformed SCRAM message"),
+ errdetail("Expected character = for attribute %c.", attr)));
begin++;
end = begin;
(attr >= 'a' && attr <= 'z')))
ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
- (errmsg("malformed SCRAM message (attribute expected, invalid char %s found)",
- sanitize_char(attr)))));
+ errmsg("malformed SCRAM message"),
+ errdetail("Attribute expected, but found invalid character %s.",
+ sanitize_char(attr))));
if (attr_p)
*attr_p = attr;
begin++;
if (*begin != '=')
ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
- (errmsg("malformed SCRAM message (expected = in attr %c)", attr))));
+ errmsg("malformed SCRAM message"),
+ errdetail("Expected character = for attribute %c.", attr)));
begin++;
end = begin;
default:
ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
- (errmsg("malformed SCRAM message (unexpected channel-binding flag %s)",
- sanitize_char(*input)))));
+ errmsg("malformed SCRAM message"),
+ errdetail("Unexpected channel-binding flag %s.",
+ sanitize_char(*input))));
}
if (*input != ',')
ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
- errmsg("malformed SCRAM message (comma expected, got %s)",
- sanitize_char(*input))));
+ errmsg("malformed SCRAM message"),
+ errdetail("Comma expected, but found character %s.",
+ sanitize_char(*input))));
input++;
/*
if (*input != ',')
ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
- errmsg("malformed SCRAM message (unexpected attribute %s in client-first-message)",
- sanitize_char(*input))));
+ errmsg("malformed SCRAM message"),
+ errdetail("Unexpected attribute %s in client-first-message.",
+ sanitize_char(*input))));
input++;
state->client_first_message_bare = pstrdup(input);
if (*input == 'm')
ereport(ERROR,
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
- errmsg("client requires mandatory SCRAM extension")));
+ errmsg("client requires an unsupported SCRAM extension")));
/*
* Read username. Note: this is ignored. We use the username from the
int encoded_len;
if (!pg_backend_random(raw_nonce, SCRAM_RAW_NONCE_LEN))
- ereport(COMMERROR,
+ ereport(ERROR,
(errcode(ERRCODE_INTERNAL_ERROR),
errmsg("could not generate random nonce")));
if (pg_b64_decode(value, strlen(value), client_proof) != SCRAM_KEY_LEN)
ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
- (errmsg("malformed SCRAM message (malformed proof in client-final-message"))));
+ errmsg("malformed SCRAM message"),
+ errdetail("Malformed proof in client-final-message.")));
memcpy(state->ClientProof, client_proof, SCRAM_KEY_LEN);
pfree(client_proof);
if (*p != '\0')
ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
- (errmsg("malformed SCRAM message (garbage at end of client-final-message)"))));
+ errmsg("malformed SCRAM message"),
+ errdetail("Garbage found at the end of client-final-message.")));
state->client_final_message_without_proof = palloc(proof - begin + 1);
memcpy(state->client_final_message_without_proof, input, proof - begin);
* log.
*/
if (mtype != EOF)
- ereport(COMMERROR,
+ ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
errmsg("expected password response, got message type %d",
mtype)));
* StringInfo is guaranteed to have an appended '\0'.
*/
if (strlen(buf.data) + 1 != buf.len)
- ereport(COMMERROR,
+ ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
errmsg("invalid password packet size")));
/* Only log error if client didn't disconnect. */
if (mtype != EOF)
{
- ereport(COMMERROR,
+ ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
errmsg("expected SASL response, got message type %d",
mtype)));
- return STATUS_ERROR;
}
else
return STATUS_EOF;
selected_mech = pq_getmsgrawstring(&buf);
if (strcmp(selected_mech, SCRAM_SHA256_NAME) != 0)
{
- ereport(COMMERROR,
+ ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
errmsg("client selected an invalid SASL authentication mechanism")));
- pfree(buf.data);
- return STATUS_ERROR;
}
inputlen = pq_getmsgint(&buf, 4);
{
/* Only log error if client didn't disconnect. */
if (mtype != EOF)
- ereport(COMMERROR,
+ ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
errmsg("expected GSS response, got message type %d",
mtype)));
{
/* Only log error if client didn't disconnect. */
if (mtype != EOF)
- ereport(COMMERROR,
+ ereport(ERROR,
(errcode(ERRCODE_PROTOCOL_VIOLATION),
errmsg("expected SSPI response, got message type %d",
mtype)));
projects / postgresql / commitdiff