NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commit0b71743

committed

Track behavior of \1 in pg_ident.conf when quoted

Entries of pg-user in pg_ident.conf that are quoted and include '\1'allow a replacement from a subexpression in a system user regexp. Thiscommit adds a test to track this behavior and a note in thedocumentation, as it could be affected by the use of an AuthToken forthe pg-user in the IdentLines parsed.This subject has come up in the discussion aimed at extending thesupport of pg-user in ident entries for more patterns.Author: Jelte FennemaDiscussion:https://postgr.es/m/CAGECzQRNow4MwkBjgPxywXdJU_K3a9+Pm78JB7De3yQwwkTDew@mail.gmail.com

1 parentda5800d commit0b71743Copy full SHA for 0b71743

File tree

2 files changed

+16

-0

lines changed

doc/src/sgml
- client-auth.sgml
src/test/authentication/t
- 003_peer.pl

2 files changed

+16

-0

lines changed

`‎doc/src/sgml/client-auth.sgml`

Lines changed: 3 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -960,6 +960,9 @@ mymap /^(.*)@otherdomain\.com$ guest`
`960`	`960`	`will remove the domain part for users with system user names that end with`
`961`	`961`	`<literal>@mydomain.com</literal>, and allow any user whose system name ends with`
`962`	`962`	`<literal>@otherdomain.com</literal> to log in as <literal>guest</literal>.`
	`963`	`+ Quoting a <replaceable>database-username</replaceable> containing`
	`964`	`+ <literal>\1</literal> <emphasis>does not</emphasis> make`
	`965`	`+ <literal>\1</literal> lose its special meaning.`
`963`	`966`	`</para>`
`964`	`967`
`965`	`968`	`<tip>`

`‎src/test/authentication/t/003_peer.pl`

Lines changed: 13 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -153,6 +153,19 @@ sub find_in_log`
`153`	`153`	`log_like=>`
`154`	`154`	`[qr/connection authenticated: identity="$system_user" method=peer/]);`
`155`	`155`
	`156`	`+# Success as the regular expression matches and \1 is replaced in the given`
	`157`	`+# subexpression, even if quoted.`
	`158`	`+reset_pg_ident($node,'mypeermap',qq{/^$system_user(.*)\$},`
	`159`	`+'"test\1mapuser"');`
	`160`	`+test_role(`
	`161`	`+$node,`
	`162`	`+qq{testmapuser},`
	`163`	`+'peer',`
	`164`	`+0,`
	`165`	`+'with regular expression in user name map with quoted \1 replaced',`
	`166`	`+log_like=>`
	`167`	`+ [qr/connection authenticated: identity="$system_user" method=peer/]);`
	`168`	`+`
`156`	`169`	`# Failure as the regular expression does not include a subexpression, but`
`157`	`170`	`# the database user contains \1, requesting a replacement.`
`158`	`171`	`reset_pg_ident($node,'mypeermap',qq{/^$system_user\$},'\1testmapuser');`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit0b71743

File tree

2 files changed

2 files changed

`‎doc/src/sgml/client-auth.sgml`

`‎src/test/authentication/t/003_peer.pl`

0 commit comments