git.postgresql.org Git - postgresql.git/commitdiff

git projects / postgresql.git / commitdiff

Add CHECK_FOR_INTERRUPTS() in scram_SaltedPassword() for the backend

author Michael Paquier <michael@paquier.xyz>

2023年11月27日 23:35:50 +0000 (08:35 +0900)

committer Michael Paquier <michael@paquier.xyz>

2023年11月27日 23:35:50 +0000 (08:35 +0900)

scram_SaltedPassword() could take a long time to compute when the number
of iterations used is large enough, and this code uses a tight loop to
compute a salted password.

Note that the same issue exists in libpq when using \password and a
large iteration number, but this cannot be interrupted. A CFI in the
backend is useful for server-side computations, at least.

Backpatch down to 16, where the user-settable GUC scram_iterations has
been added.

Author: Bowen Shi
Reviewed-by: Aleksander Alekseev, Daniel Gustafsson
Discussion: https://postgr.es/m/CAM_vCueV6xfr08KczfaCEk5J_qeTZtgqN7+orkNLx=g+phE82Q@mail.gmail.com
Backpatch-through: 16

src/common/scram-common.c patch | blob | blame | history

diff --git a/src/common/scram-common.c b/src/common/scram-common.c

index ef997ef6849206f20c9eeb3ec028a17e731e0335..6448564a08c4138fd5c2add2fb27ff09c820ebbb 100644 (file)

--- a/src/common/scram-common.c

+++ b/src/common/scram-common.c

@@ -22,6 +22,9 @@

#include "common/base64.h"

#include "common/hmac.h"

#include "common/scram-common.h"

+#ifndef FRONTEND

+#include "miscadmin.h"

+#endif