gurjeet
diff --git a/‎src/backend/commands/user.c
Lines changed: 14 additions & 7 deletions b/‎src/backend/commands/user.c
Lines changed: 14 additions & 7 deletions
diff --git a/‎src/backend/commands/variable.c
Lines changed: 12 additions & 15 deletions b/‎src/backend/commands/variable.c
Lines changed: 12 additions & 15 deletions
diff --git a/‎src/backend/libpq/auth-sasl.c
Lines changed: 2 additions & 2 deletions b/‎src/backend/libpq/auth-sasl.c
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/backend/libpq/auth-scram.c
Lines changed: 23 additions & 9 deletions b/‎src/backend/libpq/auth-scram.c
Lines changed: 23 additions & 9 deletions
diff --git a/‎src/backend/libpq/auth.c
Lines changed: 15 additions & 14 deletions b/‎src/backend/libpq/auth.c
Lines changed: 15 additions & 14 deletions
diff --git a/‎src/backend/libpq/crypt.c
Lines changed: 7 additions & 3 deletions b/‎src/backend/libpq/crypt.c
Lines changed: 7 additions & 3 deletions
diff --git a/‎src/backend/utils/cache/relcache.c
Lines changed: 4 additions & 4 deletions b/‎src/backend/utils/cache/relcache.c
Lines changed: 4 additions & 4 deletions
@@ -158,11 +158,13 @@ validate_and_get_salt(char *rolename, char **salt, const char **logdetail)
 		*salt = NULL; /* No existing passwords, allow one to be generated */
 		return true;
 	}
-	for (i = 0; i < num; i++) {
+	for (i = 0; i < num; i++)
+	{
 		passtype = get_password_type(current_secrets[i]);
 		if (passtype == PASSWORD_TYPE_MD5 || passtype == PASSWORD_TYPE_PLAINTEXT)
 			continue; /* md5 uses rolename as salt so it is always the same and plaintext has no salt */
-		else if (passtype == PASSWORD_TYPE_SCRAM_SHA_256) {
+		else if (passtype == PASSWORD_TYPE_SCRAM_SHA_256)
+		{
 				int			iterations;
 				int			key_length = 0;
 				pg_cryptohash_type hash_type;
@@ -172,8 +174,10 @@ validate_and_get_salt(char *rolename, char **salt, const char **logdetail)
 				parse_scram_secret(current_secrets[i], &iterations, &hash_type, &key_length,
 									&salt1, stored_key, server_key);
 
-				if (salt2 != NULL) {
-					if (strcmp(salt1, salt2)) {
+				if (salt2 != NULL)
+				{
+					if (strcmp(salt1, salt2))
+					{
 						*logdetail = psprintf(_("inconsistent salts, clearing password"));
 						*salt = NULL;
 						return false;
@@ -1074,7 +1078,8 @@ AlterRole(ParseState *pstate, AlterRoleStmt *stmt)
 	 */
 
 	passExpiresIn_datum = expires_in_datum(dpassExpiresIn);
-	if (passExpiresIn_datum != PointerGetDatum(NULL)) {
+	if (passExpiresIn_datum != PointerGetDatum(NULL))
+	{
 		new_password_record[Anum_pg_auth_password_expiration - 1] = passExpiresIn_datum;
 		new_password_record_repl[Anum_pg_auth_password_expiration - 1] = true;
 	}
@@ -1214,7 +1219,8 @@ AlterRole(ParseState *pstate, AlterRoleStmt *stmt)
 
 		if (new_password_record_nulls[Anum_pg_auth_password_password - 1] == true) /* delete existing password */
 		{
-			if (HeapTupleIsValid(password_tuple)) {
+			if (HeapTupleIsValid(password_tuple))
+			{
 				CatalogTupleDelete(pg_auth_password_rel, &password_tuple->t_self);
 				ReleaseSysCache(password_tuple);
 			}
@@ -1779,7 +1785,8 @@ RenameRole(const char *oldname, const char *newname)
 
 			/* MD5 uses the username as salt, so just clear it on a rename */
 
-			if (HeapTupleIsValid(passtuple)) {
+			if (HeapTupleIsValid(passtuple))
+			{
 				CatalogTupleDelete(pg_auth_password_rel, &passtuple->t_self);
 				ereport(NOTICE,
 					(errmsg("MD5 password cleared because of role rename")));
 
@@ -1249,17 +1249,17 @@ check_password_duration(char **newval, void **extra, GucSource source)
 	char	   *val;
 	Interval   *interval;
 
-	if (newval == NULL || *newval == NULL) {
-		extra = NULL;
+	if (*newval == NULL)
 		return true;
-	}
 
-	elog(NOTICE,"Setting password duration to \"%s\"",
-					*newval);
+	/* TODO: Change to DEBUG2 */
+	elog(NOTICE,"Setting password duration to \"%s\"", *newval);
 
 	while (isspace((unsigned char) *valueptr))
 		valueptr++;
-	if (*valueptr != '\'') {
+
+	if (*valueptr != '\'')
+	{
 		val = pstrdup(valueptr);
 	}
 	else
@@ -1289,24 +1289,20 @@ check_password_duration(char **newval, void **extra, GucSource source)
 
 	pfree(val);
 
-	if (!interval) {
+	if (!interval)
 		return false;
-	}
 
 	new_interval = guc_malloc(LOG, sizeof(Interval));
 	memcpy(new_interval, interval, sizeof(Interval));
 	pfree(interval);
 
-	/*
-	 * Pass back data for assign_password_validity to use
-	 */
 	*extra = (void*) new_interval;
 
 	return true;
 }
 
 /*
- * assign_password_validity: GUC assign_hook for timezone
+ * assign_password_validity: GUC assign_hook for password_duration
  */
 void
 assign_password_duration(const char *newval, void *extra)
@@ -1318,15 +1314,16 @@ assign_password_duration(const char *newval, void *extra)
 }
 
 /*
- * show_password_validity: GUC show_hook for timezone
+ * show_password_validity: GUC show_hook for password_duration
  */
 const char *
 show_password_duration(void)
 {
 	const char *intervalout;
-	if (default_password_duration == NULL) {
+
+	if (default_password_duration == NULL)
 		return "";
-	}
+
 	intervalout = DatumGetCString(DirectFunctionCall1(interval_out,
 										PointerGetDatum(default_password_duration)));
 
 
@@ -49,7 +49,7 @@
  * should just pass NULL.
  */
 int
-CheckSASLAuth(const pg_be_sasl_mech *mech, Port *port, const char **passwords, int num,
+CheckSASLAuth(const pg_be_sasl_mech *mech, Port *port, const char **passwords, int num_passwords,
 			  const char **logdetail)
 {
 	StringInfoData sasl_mechs;
@@ -136,7 +136,7 @@ CheckSASLAuth(const pg_be_sasl_mech *mech, Port *port, const char **passwords, i
 			 * This is because we don't want to reveal to an attacker what
 			 * usernames are valid, nor which users have a valid password.
 			 */
-			opaq = mech->init(port, selected_mech, passwords, num);
+			opaq = mech->init(port, selected_mech, passwords, num_passwords);
 
 			inputlen = pq_getmsgint(&buf, 4);
 			if (inputlen == -1)
 
@@ -138,7 +138,6 @@ typedef struct
 	uint8		ServerKey[SCRAM_MAX_KEY_LEN];
 } scram_secret;
 
-
 typedef struct
 {
 	scram_state_enum state;
@@ -302,12 +301,16 @@ scram_init(Port *port, const char *selected_mech, const char **secrets, const in
 									   state->secrets[i].StoredKey,
 									   state->secrets[i].ServerKey))
 				{
-					if (salt) {
+					if (salt)
+					{
 						/* The stored iterations and salt must match or we cannot proceed, allow failure via mock */
-						if (strcmp(salt, state->salt) || iterations != state->iterations) {
+						if (strcmp(salt, state->salt) || iterations != state->iterations)
+						{
 							ereport(WARNING, (errmsg("inconsistent salt or iterations for user \"%s\"",
-									state->port->user_name)));
+														state->port->user_name)));
 							got_secret = false; /* fail and allow mock creditials to be created */
+							pfree(state->secrets);
+							state->num_secrets = 0;
 							break;
 						}
 					}
@@ -341,6 +344,7 @@ scram_init(Port *port, const char *selected_mech, const char **secrets, const in
 	if (!got_secret)
 	{
 		state->secrets = palloc0(sizeof(scram_secret));
+		state->num_secrets = 1;
 
 		mock_scram_secret(state->port->user_name, &state->hash_type,
 						  &state->iterations, &state->key_length,
@@ -510,13 +514,20 @@ pg_be_scram_build_secret(const char *password, const char *salt)
 	if (rc == SASLPREP_SUCCESS)
 		password = (const char *) prep_password;
 
-	/* Use passed in salt or generate random salt */
+	/* Use passed-in salt, or generate random salt */
 	if (!salt && !pg_strong_random(saltbuf, SCRAM_DEFAULT_SALT_LEN))
+	{
 		ereport(ERROR,
 				(errcode(ERRCODE_INTERNAL_ERROR),
 				 errmsg("could not generate random salt")));
+	}
 	else if (salt)
-		pg_b64_decode(salt, strlen(salt), saltbuf, SCRAM_DEFAULT_SALT_LEN);
+	{
+		if (pg_b64_decode(salt, strlen(salt), saltbuf, SCRAM_DEFAULT_SALT_LEN) == -1)
+			ereport(ERROR,
+					(errcode(ERRCODE_INTERNAL_ERROR),
+					errmsg("could not decode SCRAM salt")));
+	}
 
 	result = scram_build_secret(PG_SHA256, SCRAM_SHA_256_KEY_LEN,
 								saltbuf, SCRAM_DEFAULT_SALT_LEN,
@@ -1174,7 +1185,7 @@ verify_client_proof(scram_state *state)
 	for (j = 0; j < state->num_secrets; j++)
 	{
 		ctx = pg_hmac_create(state->hash_type);
-		elog(LOG, "Trying to verify password %d", j);
+		elog(LOG, "Trying to verify password %d", j); // TODO: Convert to DEBUG2
 
 		if (pg_hmac_init(ctx, state->secrets[j].StoredKey, state->key_length) < 0 ||
 			pg_hmac_update(ctx,
@@ -1190,12 +1201,14 @@ verify_client_proof(scram_state *state)
 						strlen(state->client_final_message_without_proof)) < 0 ||
 			pg_hmac_final(ctx, ClientSignature, state->key_length) < 0)
 		{
-			elog(LOG, "could not calculate client signature");
+			// TODO: Convert to DEBUG2
+			elog(LOG, "could not calculate client signature for secret %d", j);
 			pg_hmac_free(ctx);
 			continue;
 		}
 
-		elog(LOG, "success on %d", j);
+		// TODO: Convert to DEBUG2
+		elog(LOG, "succeeded on %d password", j);
 
 		pg_hmac_free(ctx);
 
@@ -1209,6 +1222,7 @@ verify_client_proof(scram_state *state)
 			elog(ERROR, "could not hash stored key: %s", errstr);
 
 		if (memcmp(client_StoredKey, state->secrets[j].StoredKey, state->key_length) == 0) {
+			// TODO: Convert to DEBUG2
 			elog(LOG, "Moving forward with Password %d", j);
 			state->chosen_secret = j;
 			return true;
 
@@ -57,7 +57,7 @@ static void set_authn_id(Port *port, const char *id);
 static int	CheckPasswordAuth(Port *port, const char **logdetail);
 static int	CheckPWChallengeAuth(Port *port, const char **logdetail);
 
-static int	CheckMD5Auth(Port *port, const char **passwords, int num, const char **logdetail);
+static int	CheckMD5Auth(Port *port, const char **passwords, int num_passwords, const char **logdetail);
 
 
 /*----------------------------------------------------------------
@@ -789,7 +789,7 @@ CheckPasswordAuth(Port *port, const char **logdetail)
 {
 	char	   *passwd;
 	int			result = STATUS_ERROR;
-	int			i, num;
+	int			i, num_passwords;
 	char	   **passwords;
 
 	sendAuthRequest(port, AUTH_REQ_PASSWORD, NULL, 0);
@@ -798,16 +798,16 @@ CheckPasswordAuth(Port *port, const char **logdetail)
 	if (passwd == NULL)
 		return STATUS_EOF;		/* client wouldn't send password */
 
-	passwords = get_role_passwords(port->user_name, logdetail, &num);
+	passwords = get_role_passwords(port->user_name, logdetail, &num_passwords);
 	if (passwords != NULL) {
-		for (i = 0; i < num; i++)
+		for (i = 0; i < num_passwords; i++)
 		{
 			result = plain_crypt_verify(port->user_name, passwords[i], passwd,
 										logdetail);
 			if (result == STATUS_OK)
 				break; /* Found a matching password, no need to try any others */
 		}
-		for (i = 0; i < num; i++)
+		for (i = 0; i < num_passwords; i++)
 			pfree(passwords[i]);
 
 		pfree(passwords);
@@ -829,14 +829,14 @@ CheckPWChallengeAuth(Port *port, const char **logdetail)
 {
 	bool		scram_pw_avail = false;
 	int			auth_result = STATUS_ERROR;
-	int			i, num;
+	int			i, num_passwords;
 	char	  **passwords;
 
 	Assert(port->hba->auth_method == uaSCRAM ||
 		   port->hba->auth_method == uaMD5);
 
 	/* First look up the user's passwords. */
-	passwords = get_role_passwords(port->user_name, logdetail, &num);
+	passwords = get_role_passwords(port->user_name, logdetail, &num_passwords);
 
 	/*
 	 * If 'md5' authentication is allowed, decide whether to perform 'md5' or
@@ -848,18 +848,19 @@ CheckPWChallengeAuth(Port *port, const char **logdetail)
 	 * had an MD5 password, CheckSASLAuth() with the SCRAM mechanism will
 	 * fail.
 	 */
-	if (passwords != NULL) {
-		for (i = 0; i < num; i++)
+	if (passwords != NULL)
+	{
+		for (i = 0; i < num_passwords; i++)
 			if (get_password_type(passwords[i]) == PASSWORD_TYPE_SCRAM_SHA_256)
 				scram_pw_avail = true;
 
 		if (port->hba->auth_method == uaMD5 && !scram_pw_avail)
-			auth_result = CheckMD5Auth(port, (const char **) passwords, num, logdetail);
+			auth_result = CheckMD5Auth(port, (const char **) passwords, num_passwords, logdetail);
 		else
-			auth_result = CheckSASLAuth(&pg_be_scram_mech, port, (const char **) passwords, num,
+			auth_result = CheckSASLAuth(&pg_be_scram_mech, port, (const char **) passwords, num_passwords,
 											logdetail);
 
-		for (i = 0; i < num; i++) {
+		for (i = 0; i < num_passwords; i++) {
 
 			if (passwords[i] != NULL)
 				pfree(passwords[i]);
@@ -877,7 +878,7 @@ CheckPWChallengeAuth(Port *port, const char **logdetail)
 }
 
 static int
-CheckMD5Auth(Port *port, const char **passwords, int num, const char **logdetail)
+CheckMD5Auth(Port *port, const char **passwords, int num_passwords, const char **logdetail)
 {
 	char		md5Salt[4];		/* Password salt */
 	char	   *passwd;
@@ -898,7 +899,7 @@ CheckMD5Auth(Port *port, const char **passwords, int num, const char **logdetail
 	if (passwd == NULL)
 		return STATUS_EOF;		/* client wouldn't send password */
 
-	for (i = 0; i < num; i++)
+	for (i = 0; i < num_passwords; i++)
 	{
 		result = md5_crypt_verify(port->user_name, passwords[i], passwd,
 								  md5Salt, 4, logdetail);
 
@@ -53,8 +53,7 @@ get_role_passwords(const char *role, const char **logdetail, int *num)
 	roleTup = SearchSysCache1(AUTHNAME, PointerGetDatum(role));
 	if (!HeapTupleIsValid(roleTup))
 	{
-		*logdetail = psprintf(_("Role \"%s\" does not exist."),
-							  role);
+		*logdetail = psprintf(_("Role \"%s\" does not exist."), role);
 		return NULL;			/* no such user */
 	}
 
@@ -95,6 +94,11 @@ get_role_passwords(const char *role, const char **logdetail, int *num)
 		return NULL;			/* user has no password */
 	}
 
+	/*
+	 * TODO: Merge this and the following loop into one; allocate
+	 * valid_passwords array as long as n_members, then use repalloc() to shrink
+	 * the valid_passwords array.
+	 */
 	for (i = 0; i < passlist->n_members; i++)
 	{
 		HeapTuple	tup = &passlist->members[i]->tuple;
@@ -189,7 +193,7 @@ encrypt_password(PasswordType target_type, const char *salt,
 
 			if (!pg_md5_encrypt(password, salt, strlen(salt),
 								encrypted_password, &errstr))
-				elog(ERROR, "password encryption failed %s", errstr);
+				elog(ERROR, "password encryption failed: %s", errstr);
 			return encrypted_password;
 
 		case PASSWORD_TYPE_SCRAM_SHA_256:
 
@@ -4014,12 +4014,12 @@ RelationCacheInitializePhase2(void)
 				  Natts_pg_authid, Desc_pg_authid);
 		formrdesc("pg_auth_members", AuthMemRelation_Rowtype_Id, true,
 				  Natts_pg_auth_members, Desc_pg_auth_members);
+		formrdesc("pg_auth_password", AuthPasswordRelation_Rowtype_Id, true,
+				  Natts_pg_auth_password, Desc_pg_auth_password);
 		formrdesc("pg_shseclabel", SharedSecLabelRelation_Rowtype_Id, true,
 				  Natts_pg_shseclabel, Desc_pg_shseclabel);
 		formrdesc("pg_subscription", SubscriptionRelation_Rowtype_Id, true,
 				  Natts_pg_subscription, Desc_pg_subscription);
-		formrdesc("pg_auth_password", AuthPasswordRelation_Rowtype_Id, true,
-				  Natts_pg_auth_password, Desc_pg_auth_password);
 
 #define NUM_CRITICAL_SHARED_RELS	6	/* fix if you change list above */
 	}
@@ -4158,10 +4158,10 @@ RelationCacheInitializePhase3(void)
 							AuthIdRelationId);
 		load_critical_index(AuthMemMemRoleIndexId,
 							AuthMemRelationId);
-		load_critical_index(SharedSecLabelObjectIndexId,
-							SharedSecLabelRelationId);
 		load_critical_index(AuthPasswordRoleOidIndexId,
 							AuthPasswordRelationId);
+		load_critical_index(SharedSecLabelObjectIndexId,
+							SharedSecLabelRelationId);
 
 #define NUM_CRITICAL_SHARED_INDEXES 7	/* fix if you change list above */