Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit24986c9

Browse files
committed
Change libpq's internal uses of PQhost() to inspect host field directly.
Commit1944cdc changed PQhost() to return the hostaddr value when thatis specified and host isn't. This is a good idea in general, butfe-auth.c and related files contain PQhost() calls for which it isn't.Specifically, when we compare SSL certificates or other server identityinformation to the host field, we do not want to use hostaddr instead;that's not what's documented, that's not what happened pre-v10, andit doesn't seem like a good idea.Instead, we can just look at connhost[].host directly. This does whatwe want in v10 and up; in particular, if neither host nor hostaddrwere given, the host field will be replaced with the default host name.That seems useful, and it's likely the reason that these places werecoded to call PQhost() originally (since pre-v10, the stored field wasnot replaced with the default).Back-patch to v10, as1944cdc (just) was.Discussion:https://postgr.es/m/23287.1533227021@sss.pgh.pa.us
1 parent85c9d34 commit24986c9

File tree

2 files changed

+11
-4
lines changed

2 files changed

+11
-4
lines changed

‎src/interfaces/libpq/fe-auth.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -199,7 +199,7 @@ pg_GSS_startup(PGconn *conn, int payloadlen)
199199
min_stat;
200200
intmaxlen;
201201
gss_buffer_desctemp_gbuf;
202-
char*host=PQhost(conn);
202+
char*host=conn->connhost[conn->whichhost].host;
203203

204204
if (!(host&&host[0]!='\0'))
205205
{
@@ -414,7 +414,7 @@ pg_SSPI_startup(PGconn *conn, int use_negotiate, int payloadlen)
414414
{
415415
SECURITY_STATUSr;
416416
TimeStampexpire;
417-
char*host=PQhost(conn);
417+
char*host=conn->connhost[conn->whichhost].host;
418418

419419
if (conn->sspictx)
420420
{

‎src/interfaces/libpq/fe-secure-common.c

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -88,10 +88,17 @@ pq_verify_peer_name_matches_certificate_name(PGconn *conn,
8888
{
8989
char*name;
9090
intresult;
91-
char*host=PQhost(conn);
91+
char*host=conn->connhost[conn->whichhost].host;
9292

9393
*store_name=NULL;
9494

95+
if (!(host&&host[0]!='\0'))
96+
{
97+
printfPQExpBuffer(&conn->errorMessage,
98+
libpq_gettext("host name must be specified\n"));
99+
return-1;
100+
}
101+
95102
/*
96103
* There is no guarantee the string returned from the certificate is
97104
* NULL-terminated, so make a copy that is.
@@ -145,7 +152,7 @@ pq_verify_peer_name_matches_certificate_name(PGconn *conn,
145152
bool
146153
pq_verify_peer_name_matches_certificate(PGconn*conn)
147154
{
148-
char*host=PQhost(conn);
155+
char*host=conn->connhost[conn->whichhost].host;
149156
intrc;
150157
intnames_examined=0;
151158
char*first_name=NULL;

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp