You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tom Lane
4b09299e47
Apply upstream fix for blowfish signed-character bug (CVE-2011-2483). ...
A password containing a character with the high bit set was misprocessed
on machines where char is signed (which is most). This could cause the
preceding one to three characters to fail to affect the hashed result,
thus weakening the password. The result was also unportable, and failed
to match some other blowfish implementations such as OpenBSD's.
Since the fix changes the output for such passwords, upstream chose
to provide a compatibility hack: password salts beginning with $2x$
(instead of the usual $2a$ for blowfish) are intentionally processed
"wrong" to give the same hash as before. Stored password hashes can
thus be modified if necessary to still match, though it'd be better
to change any affected passwords.
In passing, sync a couple other upstream changes that marginally improve
performance and/or tighten error checking.
Back-patch to all supported branches. Since this issue is already
public, no reason not to commit the fix ASAP.
15 years ago
..
expected
Fix a few contrib regression test scripts that hadn't gotten the word
18 years ago
sql
Fix a few contrib regression test scripts that hadn't gotten the word
18 years ago
.gitignore
Some more gitignore cleanups: cover contrib and PL regression test outputs.
15 years ago
Makefile
Remove references to READMEs from /contrib Makefiles.
18 years ago
blf.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
blf.h
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
crypt-blowfish.c
Apply upstream fix for blowfish signed-character bug (CVE-2011-2483).
15 years ago
crypt-des.c
"Annual" pgcrypto update from Marko Kreen:
20 years ago
crypt-gensalt.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
crypt-md5.c
Remove beer-ware license from crypt-md5.c, per
17 years ago
fortuna.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
fortuna.h
Standard pgindent run for 8.1.
20 years ago
imath.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
imath.h
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
internal-sha2.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
internal.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
mbuf.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
mbuf.h
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
md5.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
md5.h
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
openssl.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
pgcrypto.c
Simplify and standardize conversions between TEXT datums and ordinary C
18 years ago
pgcrypto.h
Remove pgcrypto functions that were deprecated and slated for removal.
20 years ago
pgcrypto.sql.in
Add CVS version labels to all install/uninstall scripts.
18 years ago
pgp-armor.c
Standard pgindent run for 8.1.
20 years ago
pgp-cfb.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
pgp-compress.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
pgp-decrypt.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
pgp-encrypt.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
pgp-info.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
pgp-mpi-internal.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
pgp-mpi-openssl.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
pgp-mpi.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
pgp-pgsql.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
pgp-pubdec.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
pgp-pubenc.c
If pk is NULL, the backend would segfault when accessing ->algo and the
15 years ago
pgp-pubkey.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
pgp-s2k.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
pgp.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
pgp.h
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
px-crypt.c
Apply upstream fix for blowfish signed-character bug (CVE-2011-2483).
15 years ago
px-crypt.h
"Annual" pgcrypto update from Marko Kreen:
20 years ago
px-hmac.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
px.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
px.h
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
random.c
Add missing 3rd argument to open().
20 years ago
rijndael.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
rijndael.h
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
rijndael.tbl
…
sha1.c
Now that core functionality is depending on autoconf's AC_C_BIGENDIAN to be
19 years ago
sha1.h
make sure the $Id tags are converted to $PostgreSQL as well ...
22 years ago
sha2.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
sha2.h
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
17 years ago
uninstall_pgcrypto.sql
Add CVS version labels to all install/uninstall scripts.
18 years ago
Tom Lane
4b09299e47