agroal · solokyo · Sep 5, 2023 · Nov 5, 2023 · Nov 6, 2023 · Nov 6, 2023
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
@@ -314,3 +314,16 @@ endif()
 target_link_libraries(pgagroal-admin-bin pgagroal)
 
 install(TARGETS pgagroal-admin-bin DESTINATION ${CMAKE_INSTALL_BINDIR})
+
+#
+# Build pgagroal-vault
+#
+add_executable(pgagroal-vault-bin vault.c ${RESOURCE_OBJECT})
+if (CMAKE_C_LINK_PIE_SUPPORTED)
+  set_target_properties(pgagroal-vault-bin PROPERTIES LINKER_LANGUAGE C POSITION_INDEPENDENT_CODE TRUE OUTPUT_NAME pgagroal-vault)
+else()
+  set_target_properties(pgagroal-vault-bin PROPERTIES LINKER_LANGUAGE C POSITION_INDEPENDENT_CODE FALSE OUTPUT_NAME pgagroal-vault)
+endif()
+target_link_libraries(pgagroal-vault-bin pgagroal)
+
+install(TARGETS pgagroal-vault-bin DESTINATION ${CMAKE_INSTALL_BINDIR})
diff --git a/src/admin.c b/src/admin.c
@@ -45,28 +45,18 @@
 #include <sys/stat.h>
 #include <err.h>
 
-#define DEFAULT_PASSWORD_LENGTH 64
-#define MIN_PASSWORD_LENGTH 8
-
 #define ACTION_UNKNOWN     0
 #define ACTION_MASTER_KEY  1
 #define ACTION_ADD_USER    2
 #define ACTION_UPDATE_USER 3
 #define ACTION_REMOVE_USER 4
 #define ACTION_LIST_USERS  5
 
-static char CHARS[] = {'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
-                       'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
-                       '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
-                       '!', '@', '#', '$', '%', '^', '&', '*', '(', ')', '-', '_', '=', '+', '[', '{', ']', '}', '\\', '|', ';', ':',
-                       '\'', '\"', ',', '<', '.', '>', '/', '?'};
-
 static int master_key(char* password, bool generate_pwd, int pwd_length);
 static int add_user(char* users_path, char* username, char* password, bool generate_pwd, int pwd_length);
 static int update_user(char* users_path, char* username, char* password, bool generate_pwd, int pwd_length);
 static int remove_user(char* users_path, char* username);
 static int list_users(char* users_path);
-static char* generate_password(int pwd_length);
 
 static void
 version(void)
@@ -906,30 +896,3 @@ list_users(char* users_path)
 
    return 1;
 }
-
-static char*
-generate_password(int pwd_length)
-{
-   char* pwd;
-   size_t s;
-   time_t t;
-
-   s = pwd_length + 1;
-
-   pwd = calloc(1, s);
-   if (pwd == NULL)
-   {
-      pgagroal_log_fatal("Couldn't allocate memory while generating password");
-      return NULL;
-   }
-
-   srand((unsigned)time(&t));
-
-   for (int i = 0; i < s; i++)
-   {
-      *((char*)(pwd + i)) = CHARS[rand() % sizeof(CHARS)];
-   }
-   *((char*)(pwd + pwd_length)) = '\0';
-
-   return pwd;
-}
diff --git a/src/include/message.h b/src/include/message.h
@@ -368,9 +368,32 @@ pgagroal_create_startup_message(char* username, char* database, struct message**
  * @param msg The resulting message
  * @return 0 upon success, otherwise 1
  */
+
 int
 pgagroal_create_cancel_request_message(int pid, int secret, struct message** msg);
 
+/**
+ * @brief 
+ * 
+ * @param ssl 
+ * @param socket 
+ * @param username 
+ * @return int 
+ */
+int
+pgagroal_write_frontend_password_request(SSL* ssl, int socket, char* username);
+
+/**
+ * @brief 
+ * 
+ * @param ssl 
+ * @param socket 
+ * @param password 
+ * @return int 
+ */
+int
+pgagroal_write_frontend_password_response(SSL* ssl, int socket, char* password);
+
 /**
  * Is the connection valid
  * @param socket The socket descriptor

diff --git a/src/include/pgagroal.h b/src/include/pgagroal.h
@@ -73,6 +73,8 @@ extern "C" {
 #define MAX_DATABASE_LENGTH   256
 #define MAX_TYPE_LENGTH        16
 #define MAX_ADDRESS_LENGTH     64
+#define DEFAULT_PASSWORD_LENGTH 64
+#define MIN_PASSWORD_LENGTH 8
 #define MAX_PASSWORD_LENGTH  1024
 #define MAX_APPLICATION_NAME   64
 
@@ -493,6 +495,8 @@ struct configuration
    struct user admins[NUMBER_OF_ADMINS];           /**< The admins */
    struct user superuser;                          /**< The superuser */
    struct connection connections[];                /**< The connections (FMA) */
+
+
 } __attribute__ ((aligned (64)));
 
 #ifdef __cplusplus

diff --git a/src/include/security.h b/src/include/security.h
@@ -138,6 +138,19 @@ pgagroal_user_known(char* user);
 int
 pgagroal_tls_valid(void);
 
+/**
+ * @brief Generate a random ASCII password have size of pwd_length
+ * @param pwd_length length of the password
+ * @return Generated password
+ */
+char*
+generate_password(int pwd_length);
+
+/**
+ * @brief Initialize RNG
+ * 
+ */
+void initialize_random(void);
 #ifdef __cplusplus
 }
 #endif