Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitaaf09c5

Browse files
committed
Avoid masking EOF (no-password-supplied) conditions in auth.c.
CheckPWChallengeAuth() would return STATUS_ERROR if the user does notexist or has no password assigned, even if the client disconnectedwithout responding to the password challenge (as libpq often will,for example). We should return STATUS_EOF in that case, and thelower-level functions do, but this code level got it wrong since therefactoring done in7ac955b. This breaks the intent of not logginganything for EOF cases (cf. comments in auth_failed()) and mightalso confuse users of ClientAuthentication_hook.Per report from Liu Lang. Back-patch to all supported versions.Discussion:https://postgr.es/m/b725238c-539d-cb09-2bff-b5e6cb2c069c@esgyn.cn
1 parent59fd390 commitaaf09c5

File tree

1 file changed

+5
-7
lines changed

1 file changed

+5
-7
lines changed

‎src/backend/libpq/auth.c

Lines changed: 5 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -865,15 +865,13 @@ CheckPWChallengeAuth(Port *port, const char **logdetail)
865865

866866
if (shadow_pass)
867867
pfree(shadow_pass);
868-
869-
/*
870-
* If get_role_password() returned error, return error, even if the
871-
* authentication succeeded.
872-
*/
873-
if (!shadow_pass)
868+
else
874869
{
870+
/*
871+
* If get_role_password() returned error, authentication better not
872+
* have succeeded.
873+
*/
875874
Assert(auth_result!=STATUS_OK);
876-
returnSTATUS_ERROR;
877875
}
878876

879877
if (auth_result==STATUS_OK)

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp