Put MD5 salt at the end for security.

44f18333 · Bruce Momjian · 90aebf7f · 44f18333
Commit 44f18333 authored Sep 27, 2001 by Bruce Momjian
Hide whitespace changes
Inline Side-by-side

Showing with 22 additions and 10 deletions

src/backend/libpq/md5.c src/backend/libpq/md5.c +22 -10

No files found.
--- a/src/backend/libpq/md5.c
+++ b/src/backend/libpq/md5.c
@@ -10,7 +10,7 @@
 *
 *  Sverre H. Huseby <sverrehu@online.no>
 *
- * $Header: /cvsroot/pgsql/src/backend/libpq/md5.c,v 1.6 2001/09/21 20:31:47 tgl Exp $
+ * $Header: /cvsroot/pgsql/src/backend/libpq/md5.c,v 1.7 2001/09/27 23:16:23 momjian Exp $
 */
 #include "postgres.h"
@@ -19,6 +19,14 @@
 #include "libpq/crypt.h"
+#ifdef FRONTEND
+#undef palloc
+#define palloc malloc
+#undef pfree
+#define pfree free
+#endif
 /*
 *	PRIVATE FUNCTIONS
 */
@@ -289,15 +297,19 @@ md5_hash(const void *buff, size_t len, char *hexsum)
 bool EncryptMD5(const char *passwd, const char *salt, size_t salt_len,
 				char *buf)
 {
-	char crypt_buf[128];
+	char *crypt_buf = palloc(strlen(passwd) + salt_len);
+	bool ret;
-	if (salt_len + strlen(passwd) > 127)
-		return false;
 	strcpy(buf, "md5");
-	memset(crypt_buf, 0, 128);
+	/*
-	memcpy(crypt_buf, salt, salt_len);
+	 *	Place salt at the end because it may be known by users
-	memcpy(crypt_buf+salt_len, passwd, strlen(passwd));
+	 *	trying to crack the MD5 output.
+	 */	
+	strcpy(crypt_buf, passwd);
+	memcpy(crypt_buf+strlen(passwd), salt, salt_len);
+	ret = md5_hash(crypt_buf, strlen(passwd) + salt_len, buf + 3);
+	pfree(crypt_buf);
-	return md5_hash(crypt_buf, salt_len + strlen(passwd), buf + 3);
+	return ret;
 }