Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commita0d0163

Browse files
committed
Avoid masking EOF (no-password-supplied) conditions in auth.c.
CheckPWChallengeAuth() would return STATUS_ERROR if the user does notexist or has no password assigned, even if the client disconnectedwithout responding to the password challenge (as libpq often will,for example). We should return STATUS_EOF in that case, and thelower-level functions do, but this code level got it wrong since therefactoring done in7ac955b. This breaks the intent of not logginganything for EOF cases (cf. comments in auth_failed()) and mightalso confuse users of ClientAuthentication_hook.Per report from Liu Lang. Back-patch to all supported versions.Discussion:https://postgr.es/m/b725238c-539d-cb09-2bff-b5e6cb2c069c@esgyn.cn
1 parent272f857 commita0d0163

File tree

1 file changed

+5
-7
lines changed

1 file changed

+5
-7
lines changed

‎src/backend/libpq/auth.c

Lines changed: 5 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -850,15 +850,13 @@ CheckPWChallengeAuth(Port *port, const char **logdetail)
850850

851851
if (shadow_pass)
852852
pfree(shadow_pass);
853-
854-
/*
855-
* If get_role_password() returned error, return error, even if the
856-
* authentication succeeded.
857-
*/
858-
if (!shadow_pass)
853+
else
859854
{
855+
/*
856+
* If get_role_password() returned error, authentication better not
857+
* have succeeded.
858+
*/
860859
Assert(auth_result!=STATUS_OK);
861-
returnSTATUS_ERROR;
862860
}
863861

864862
if (auth_result==STATUS_OK)

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp