Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commit6d16f9d

Browse files
Make SASL max message length configurable
The proposed OAUTHBEARER SASL mechanism will need to allow largermessages in the exchange, since tokens are sent directly by theclient. Move this limit into the pg_be_sasl_mech struct so thatit can be changed per-mechanism.Author: Jacob Champion <jacob.champion@enterprisedb.com>Reviewed-by: Daniel Gustafsson <daniel@yesql.se>Discussion:https://postgr.es/m/CAOYmi+nqX_5=Se0W0Ynrr55Fha3CMzwv_R9P3rkpHb=1kG7ZTQ@mail.gmail.com
1 parent17b4aa7 commit6d16f9d

File tree

3 files changed

+16
-11
lines changed

3 files changed

+16
-11
lines changed

‎src/backend/libpq/auth-sasl.c

Lines changed: 1 addition & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -20,14 +20,6 @@
2020
#include"libpq/pqformat.h"
2121
#include"libpq/sasl.h"
2222

23-
/*
24-
* Maximum accepted size of SASL messages.
25-
*
26-
* The messages that the server or libpq generate are much smaller than this,
27-
* but have some headroom.
28-
*/
29-
#definePG_MAX_SASL_MESSAGE_LENGTH1024
30-
3123
/*
3224
* Perform a SASL exchange with a libpq client, using a specific mechanism
3325
* implementation.
@@ -103,7 +95,7 @@ CheckSASLAuth(const pg_be_sasl_mech *mech, Port *port, char *shadow_pass,
10395

10496
/* Get the actual SASL message */
10597
initStringInfo(&buf);
106-
if (pq_getmessage(&buf,PG_MAX_SASL_MESSAGE_LENGTH))
98+
if (pq_getmessage(&buf,mech->max_message_length))
10799
{
108100
/* EOF - pq_getmessage already logged error */
109101
pfree(buf.data);

‎src/backend/libpq/auth-scram.c

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -113,7 +113,9 @@ static intscram_exchange(void *opaq, const char *input, int inputlen,
113113
constpg_be_sasl_mechpg_be_scram_mech= {
114114
scram_get_mechanisms,
115115
scram_init,
116-
scram_exchange
116+
scram_exchange,
117+
118+
PG_MAX_SASL_MESSAGE_LENGTH
117119
};
118120

119121
/*

‎src/include/libpq/sasl.h

Lines changed: 12 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,15 @@
2727
#definePG_SASL_EXCHANGE_FAILURE2
2828

2929
/*
30-
* Backend SASL mechanism callbacks.
30+
* Maximum accepted size of SASL messages.
31+
*
32+
* The messages that the server or libpq generate are much smaller than this,
33+
* but have some headroom.
34+
*/
35+
#definePG_MAX_SASL_MESSAGE_LENGTH1024
36+
37+
/*
38+
* Backend SASL mechanism callbacks and metadata.
3139
*
3240
* To implement a backend mechanism, declare a pg_be_sasl_mech struct with
3341
* appropriate callback implementations. Then pass the mechanism to
@@ -127,6 +135,9 @@ typedef struct pg_be_sasl_mech
127135
constchar*input,intinputlen,
128136
char**output,int*outputlen,
129137
constchar**logdetail);
138+
139+
/* The maximum size allowed for client SASLResponses. */
140+
intmax_message_length;
130141
}pg_be_sasl_mech;
131142

132143
/* Common implementation for auth.c */

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp