From aca990eba76fa74b102c7d7305a94e2aa83bf233 Mon Sep 17 00:00:00 2001
From: Marko Kreen <markokr@gmail.com>
Date: Sat, 22 Nov 2008 09:41:32 +0000
Subject: [PATCH] Make crypt authentication optional.

It was removed from PostgreSQL 8.4 sources.
---
 configure.ac     | 3 ++-
 include/system.h | 3 +++
 src/client.c     | 2 +-
 src/main.c       | 2 ++
 src/proto.c      | 4 ++++
 5 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index 901bd88..5152372 100644
--- a/configure.ac
+++ b/configure.ac
@@ -108,11 +108,12 @@ m4_ifdef([AC_TYPE_UINT8_T], [
 
 dnl Checks for library functions.
 AC_CHECK_FUNCS(strlcpy strlcat getpeereid getpeerucred basename)
-AC_SEARCH_LIBS(crypt, crypt, [], AC_MSG_ERROR([crypt not found]))
+AC_SEARCH_LIBS(crypt, crypt)
 AC_SEARCH_LIBS(clock_gettime, rt)
 AC_SEARCH_LIBS(getsockname, socket)
 AC_SEARCH_LIBS(gethostbyname, nsl)
 AC_SEARCH_LIBS(hstrerror, resolv)
+AC_CHECK_FUNCS(crypt)
 
 dnl Find libevent
 AC_MSG_CHECKING([for libevent])
diff --git a/include/system.h b/include/system.h
index a106f17..24c75a9 100644
--- a/include/system.h
+++ b/include/system.h
@@ -164,6 +164,9 @@ int getpeereid(int fd, uid_t *uid_p, gid_t *gid_p) _MUSTCHECK;
 #ifndef HAVE_BASENAME
 const char *basename(const char *path);
 #endif
+#ifndef HAVE_CRYPT
+#define crypt(p,s) (NULL)
+#endif
 
 void change_user(const char *user);
 
diff --git a/src/client.c b/src/client.c
index 583bdee..809d963 100644
--- a/src/client.c
+++ b/src/client.c
@@ -37,7 +37,7 @@ static bool check_client_passwd(PgSocket *client, const char *passwd)
 		return strcmp(user->passwd, passwd) == 0;
 	case AUTH_CRYPT:
 		correct = crypt(user->passwd, (char *)client->tmp_login_salt);
-		return strcmp(correct, passwd) == 0;
+		return correct && strcmp(correct, passwd) == 0;
 	case AUTH_MD5:
 		if (strlen(passwd) != MD5_PASSWD_LEN)
 			return false;
diff --git a/src/main.c b/src/main.c
index 152f071..7e31b3b 100644
--- a/src/main.c
+++ b/src/main.c
@@ -232,8 +232,10 @@ static bool set_auth(ConfElem *elem, const char *val, PgSocket *console)
 		cf_auth_type = AUTH_TRUST;
 	else if (strcasecmp(val, "plain") == 0)
 		cf_auth_type = AUTH_PLAIN;
+#ifdef HAVE_CRYPT
 	else if (strcasecmp(val, "crypt") == 0)
 		cf_auth_type = AUTH_CRYPT;
+#endif
 	else if (strcasecmp(val, "md5") == 0)
 		cf_auth_type = AUTH_MD5;
 	else {
diff --git a/src/proto.c b/src/proto.c
index cb3f646..2fbca8f 100644
--- a/src/proto.c
+++ b/src/proto.c
@@ -243,6 +243,10 @@ static bool login_crypt_psw(PgSocket *server, const uint8_t *salt)
 	memcpy(saltbuf, salt, 2);
 	saltbuf[2] = 0;
 	enc = crypt(user->passwd, saltbuf);
+	if (!enc) {
+		slog_warning(server, "crypt failed");
+		return false;
+	}
 	return send_password(server, enc);
 }
 
-- 
2.40.0