Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitc20f2aa

Browse files
committed
Avoid masking EOF (no-password-supplied) conditions in auth.c.
CheckPWChallengeAuth() would return STATUS_ERROR if the user does notexist or has no password assigned, even if the client disconnectedwithout responding to the password challenge (as libpq often will,for example). We should return STATUS_EOF in that case, and thelower-level functions do, but this code level got it wrong since therefactoring done in7ac955b. This breaks the intent of not logginganything for EOF cases (cf. comments in auth_failed()) and mightalso confuse users of ClientAuthentication_hook.Per report from Liu Lang. Back-patch to all supported versions.Discussion:https://postgr.es/m/b725238c-539d-cb09-2bff-b5e6cb2c069c@esgyn.cn
1 parent54790f4 commitc20f2aa

File tree

1 file changed

+6
-7
lines changed

1 file changed

+6
-7
lines changed

‎src/backend/libpq/auth.c

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -818,16 +818,15 @@ CheckPWChallengeAuth(Port *port, char **logdetail)
818818

819819
if (shadow_pass)
820820
pfree(shadow_pass);
821-
822-
/*
823-
* If get_role_password() returned error, return error, even if the
824-
* authentication succeeded.
825-
*/
826-
if (!shadow_pass)
821+
else
827822
{
823+
/*
824+
* If get_role_password() returned error, authentication better not
825+
* have succeeded.
826+
*/
828827
Assert(auth_result!=STATUS_OK);
829-
returnSTATUS_ERROR;
830828
}
829+
831830
returnauth_result;
832831
}
833832

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp