Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitfb464a1

Browse files
committed
Avoid masking EOF (no-password-supplied) conditions in auth.c.
CheckPWChallengeAuth() would return STATUS_ERROR if the user does notexist or has no password assigned, even if the client disconnectedwithout responding to the password challenge (as libpq often will,for example). We should return STATUS_EOF in that case, and thelower-level functions do, but this code level got it wrong since therefactoring done in7ac955b. This breaks the intent of not logginganything for EOF cases (cf. comments in auth_failed()) and mightalso confuse users of ClientAuthentication_hook.Per report from Liu Lang. Back-patch to all supported versions.Discussion:https://postgr.es/m/b725238c-539d-cb09-2bff-b5e6cb2c069c@esgyn.cn
1 parent6521869 commitfb464a1

File tree

1 file changed

+5
-7
lines changed

1 file changed

+5
-7
lines changed

‎src/backend/libpq/auth.c

Lines changed: 5 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -849,15 +849,13 @@ CheckPWChallengeAuth(Port *port, const char **logdetail)
849849

850850
if (shadow_pass)
851851
pfree(shadow_pass);
852-
853-
/*
854-
* If get_role_password() returned error, return error, even if the
855-
* authentication succeeded.
856-
*/
857-
if (!shadow_pass)
852+
else
858853
{
854+
/*
855+
* If get_role_password() returned error, authentication better not
856+
* have succeeded.
857+
*/
859858
Assert(auth_result!=STATUS_OK);
860-
returnSTATUS_ERROR;
861859
}
862860

863861
if (auth_result==STATUS_OK)

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp