Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit9b042e2

Browse files
committed
Avoid masking EOF (no-password-supplied) conditions in auth.c.
CheckPWChallengeAuth() would return STATUS_ERROR if the user does notexist or has no password assigned, even if the client disconnectedwithout responding to the password challenge (as libpq often will,for example). We should return STATUS_EOF in that case, and thelower-level functions do, but this code level got it wrong since therefactoring done in7ac955b. This breaks the intent of not logginganything for EOF cases (cf. comments in auth_failed()) and mightalso confuse users of ClientAuthentication_hook.Per report from Liu Lang. Back-patch to all supported versions.Discussion:https://postgr.es/m/b725238c-539d-cb09-2bff-b5e6cb2c069c@esgyn.cn
1 parentb83941b commit9b042e2

File tree

1 file changed

+5
-7
lines changed

1 file changed

+5
-7
lines changed

‎src/backend/libpq/auth.c

Lines changed: 5 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -857,15 +857,13 @@ CheckPWChallengeAuth(Port *port, char **logdetail)
857857

858858
if (shadow_pass)
859859
pfree(shadow_pass);
860-
861-
/*
862-
* If get_role_password() returned error, return error, even if the
863-
* authentication succeeded.
864-
*/
865-
if (!shadow_pass)
860+
else
866861
{
862+
/*
863+
* If get_role_password() returned error, authentication better not
864+
* have succeeded.
865+
*/
867866
Assert(auth_result!=STATUS_OK);
868-
returnSTATUS_ERROR;
869867
}
870868

871869
if (auth_result==STATUS_OK)

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp