Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit7ed616f

Browse files
committed
Improve log messages related to pg_hba.conf not matching a connection.
Include details on whether GSS encryption has been activated;since we added "hostgssenc" type HBA entries, that's relevant info.Kyotaro Horiguchi and Tom Lane. Back-patch to v12 whereGSS encryption was introduced.Discussion:https://postgr.es/m/e5b0b6ed05764324a2f3fe7acfc766d5@smhi.se
1 parent4cfdd8a commit7ed616f

File tree

1 file changed

+28
-44
lines changed

1 file changed

+28
-44
lines changed

‎src/backend/libpq/auth.c

Lines changed: 28 additions & 44 deletions
Original file line numberDiff line numberDiff line change
@@ -400,44 +400,37 @@ ClientAuthentication(Port *port)
400400
*/
401401
{
402402
charhostinfo[NI_MAXHOST];
403+
constchar*encryption_state;
403404

404405
pg_getnameinfo_all(&port->raddr.addr,port->raddr.salen,
405406
hostinfo,sizeof(hostinfo),
406407
NULL,0,
407408
NI_NUMERICHOST);
408409

409-
if (am_walsender)
410-
{
410+
encryption_state=
411+
#ifdefENABLE_GSS
412+
(port->gss&&port->gss->enc) ?_("GSS encryption") :
413+
#endif
411414
#ifdefUSE_SSL
415+
port->ssl_in_use ?_("SSL on") :
416+
#endif
417+
_("SSL off");
418+
419+
if (am_walsender)
412420
ereport(FATAL,
413421
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
422+
/* translator: last %s describes encryption state */
414423
errmsg("pg_hba.conf rejects replication connection for host \"%s\", user \"%s\", %s",
415424
hostinfo,port->user_name,
416-
port->ssl_in_use ?_("SSL on") :_("SSL off"))));
417-
#else
418-
ereport(FATAL,
419-
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
420-
errmsg("pg_hba.conf rejects replication connection for host \"%s\", user \"%s\"",
421-
hostinfo,port->user_name)));
422-
#endif
423-
}
425+
encryption_state)));
424426
else
425-
{
426-
#ifdefUSE_SSL
427427
ereport(FATAL,
428428
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
429+
/* translator: last %s describes encryption state */
429430
errmsg("pg_hba.conf rejects connection for host \"%s\", user \"%s\", database \"%s\", %s",
430431
hostinfo,port->user_name,
431432
port->database_name,
432-
port->ssl_in_use ?_("SSL on") :_("SSL off"))));
433-
#else
434-
ereport(FATAL,
435-
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
436-
errmsg("pg_hba.conf rejects connection for host \"%s\", user \"%s\", database \"%s\"",
437-
hostinfo,port->user_name,
438-
port->database_name)));
439-
#endif
440-
}
433+
encryption_state)));
441434
break;
442435
}
443436

@@ -453,12 +446,22 @@ ClientAuthentication(Port *port)
453446
*/
454447
{
455448
charhostinfo[NI_MAXHOST];
449+
constchar*encryption_state;
456450

457451
pg_getnameinfo_all(&port->raddr.addr,port->raddr.salen,
458452
hostinfo,sizeof(hostinfo),
459453
NULL,0,
460454
NI_NUMERICHOST);
461455

456+
encryption_state=
457+
#ifdefENABLE_GSS
458+
(port->gss&&port->gss->enc) ?_("GSS encryption") :
459+
#endif
460+
#ifdefUSE_SSL
461+
port->ssl_in_use ?_("SSL on") :
462+
#endif
463+
_("SSL off");
464+
462465
#defineHOSTNAME_LOOKUP_DETAIL(port) \
463466
(port->remote_hostname ? \
464467
(port->remote_hostname_resolv == +1 ? \
@@ -481,41 +484,22 @@ ClientAuthentication(Port *port)
481484
0))
482485

483486
if (am_walsender)
484-
{
485-
#ifdefUSE_SSL
486487
ereport(FATAL,
487488
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
489+
/* translator: last %s describes encryption state */
488490
errmsg("no pg_hba.conf entry for replication connection from host \"%s\", user \"%s\", %s",
489491
hostinfo,port->user_name,
490-
port->ssl_in_use ?_("SSL on") :_("SSL off")),
492+
encryption_state),
491493
HOSTNAME_LOOKUP_DETAIL(port)));
492-
#else
493-
ereport(FATAL,
494-
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
495-
errmsg("no pg_hba.conf entry for replication connection from host \"%s\", user \"%s\"",
496-
hostinfo,port->user_name),
497-
HOSTNAME_LOOKUP_DETAIL(port)));
498-
#endif
499-
}
500494
else
501-
{
502-
#ifdefUSE_SSL
503495
ereport(FATAL,
504496
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
497+
/* translator: last %s describes encryption state */
505498
errmsg("no pg_hba.conf entry for host \"%s\", user \"%s\", database \"%s\", %s",
506499
hostinfo,port->user_name,
507500
port->database_name,
508-
port->ssl_in_use ?_("SSL on") :_("SSL off")),
509-
HOSTNAME_LOOKUP_DETAIL(port)));
510-
#else
511-
ereport(FATAL,
512-
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
513-
errmsg("no pg_hba.conf entry for host \"%s\", user \"%s\", database \"%s\"",
514-
hostinfo,port->user_name,
515-
port->database_name),
501+
encryption_state),
516502
HOSTNAME_LOOKUP_DETAIL(port)));
517-
#endif
518-
}
519503
break;
520504
}
521505

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp