NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commitc5e1df9

committed

Remove one use of IDENT_USERNAME_MAX

IDENT_USERNAME_MAX is the maximum length of the information returnedby an ident server, per RFC 1413. Using it as the buffer size in peerauthentication is inappropriate. It was done here because of thehistorical relationship between peer and ident authentication. Toreduce confusion between the two authenticaton methods and disentangletheir code, use a dynamically allocated buffer instead.Discussion:https://www.postgresql.org/message-id/flat/c798fba5-8b71-4f27-c78e-37714037ea31%402ndquadrant.com

1 parent5cc1e64 commitc5e1df9Copy full SHA for c5e1df9

File tree

1 file changed

+10

-4

lines changed

src/backend/libpq
- auth.c

1 file changed

+10

-4

lines changed

`‎src/backend/libpq/auth.c`

Lines changed: 10 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -65,7 +65,7 @@ static intCheckSCRAMAuth(Port port, char shadow_pass, char **logdetail);`
`65`	`65`	`* Ident authentication`
`66`	`66`	`*----------------------------------------------------------------`
`67`	`67`	`*/`
`68`		`-/* Max size of username ident server can return */`
	`68`	`+/* Max size of username ident server can return(per RFC 1413)*/`
`69`	`69`	`#defineIDENT_USERNAME_MAX 512`
`70`	`70`
`71`	`71`	`/* Standard TCP port number for Ident service. Assigned by IANA */`
`@@ -1990,10 +1990,11 @@ ident_inet(hbaPort *port)`
`1990`	`1990`	`staticint`
`1991`	`1991`	`auth_peer(hbaPort*port)`
`1992`	`1992`	`{`
`1993`		`-charident_user[IDENT_USERNAME_MAX+1];`
`1994`	`1993`	`uid_tuid;`
`1995`	`1994`	`gid_tgid;`
`1996`	`1995`	`structpasswd*pw;`
	`1996`	`+char*peer_user;`
	`1997`	`+intret;`
`1997`	`1998`
`1998`	`1999`	`if (getpeereid(port->sock,&uid,&gid)!=0)`
`1999`	`2000`	`{`
`@@ -2022,9 +2023,14 @@ auth_peer(hbaPort *port)`
`2022`	`2023`	`returnSTATUS_ERROR;`
`2023`	`2024`	`}`
`2024`	`2025`
`2025`		`-strlcpy(ident_user,pw->pw_name,IDENT_USERNAME_MAX+1);`
	`2026`	`+/* Make a copy of static getpw() result area. /`
	`2027`	`+peer_user=pstrdup(pw->pw_name);`
	`2028`	`+`
	`2029`	`+ret=check_usermap(port->hba->usermap,port->user_name,peer_user, false);`
`2026`	`2030`
`2027`		`-returncheck_usermap(port->hba->usermap,port->user_name,ident_user, false);`
	`2031`	`+pfree(peer_user);`
	`2032`	`+`
	`2033`	`+returnret;`
`2028`	`2034`	`}`
`2029`	`2035`	`#endif/* HAVE_UNIX_SOCKETS */`
`2030`	`2036`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitc5e1df9

File tree

1 file changed

1 file changed

`‎src/backend/libpq/auth.c`

0 commit comments