Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit84e103e

Browse files
hlinnakaafiskon
authored andcommitted
cherry-pick8d3b9cc
1 parent821a5df commit84e103e

File tree

1 file changed

+16
-33
lines changed

1 file changed

+16
-33
lines changed

‎src/backend/libpq/auth.c

Lines changed: 16 additions & 33 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,8 @@
3939
* Global authentication functions
4040
*----------------------------------------------------------------
4141
*/
42-
staticvoidsendAuthRequest(Port*port,AuthRequestareq);
42+
staticvoidsendAuthRequest(Port*port,AuthRequestareq,char*extradata,
43+
intextralen);
4344
staticvoidauth_failed(Port*port,intstatus,char*logdetail);
4445
staticchar*recv_password_packet(Port*port);
4546
staticintrecv_and_check_password_packet(Port*port,char**logdetail);
@@ -507,7 +508,7 @@ ClientAuthentication(Port *port)
507508

508509
caseuaGSS:
509510
#ifdefENABLE_GSS
510-
sendAuthRequest(port,AUTH_REQ_GSS);
511+
sendAuthRequest(port,AUTH_REQ_GSS,NULL,0);
511512
status=pg_GSS_recvauth(port);
512513
#else
513514
Assert(false);
@@ -516,7 +517,7 @@ ClientAuthentication(Port *port)
516517

517518
caseuaSSPI:
518519
#ifdefENABLE_SSPI
519-
sendAuthRequest(port,AUTH_REQ_SSPI);
520+
sendAuthRequest(port,AUTH_REQ_SSPI,NULL,0);
520521
status=pg_SSPI_recvauth(port);
521522
#else
522523
Assert(false);
@@ -544,7 +545,7 @@ ClientAuthentication(Port *port)
544545
break;
545546

546547
caseuaPassword:
547-
sendAuthRequest(port,AUTH_REQ_PASSWORD);
548+
sendAuthRequest(port,AUTH_REQ_PASSWORD,NULL,0);
548549
status=recv_and_check_password_packet(port,&logdetail);
549550
break;
550551

@@ -591,7 +592,7 @@ ClientAuthentication(Port *port)
591592
(*ClientAuthentication_hook) (port,status);
592593

593594
if (status==STATUS_OK)
594-
sendAuthRequest(port,AUTH_REQ_OK);
595+
sendAuthRequest(port,AUTH_REQ_OK,NULL,0);
595596
else
596597
auth_failed(port,status,logdetail);
597598
}
@@ -601,36 +602,16 @@ ClientAuthentication(Port *port)
601602
* Send an authentication request packet to the frontend.
602603
*/
603604
staticvoid
604-
sendAuthRequest(Port*port,AuthRequestareq)
605+
sendAuthRequest(Port*port,AuthRequestareq,char*extradata,intextralen)
605606
{
606607
StringInfoDatabuf;
607608

608609
CHECK_FOR_INTERRUPTS();
609610

610611
pq_beginmessage(&buf,'R');
611612
pq_sendint(&buf, (int32)areq,sizeof(int32));
612-
613-
/* Add the salt for encrypted passwords. */
614-
if (areq==AUTH_REQ_MD5)
615-
pq_sendbytes(&buf,port->md5Salt,4);
616-
617-
#if defined(ENABLE_GSS)|| defined(ENABLE_SSPI)
618-
619-
/*
620-
* Add the authentication data for the next step of the GSSAPI or SSPI
621-
* negotiation.
622-
*/
623-
elseif (areq==AUTH_REQ_GSS_CONT)
624-
{
625-
if (port->gss->outbuf.length>0)
626-
{
627-
elog(DEBUG4,"sending GSS token of length %u",
628-
(unsignedint)port->gss->outbuf.length);
629-
630-
pq_sendbytes(&buf,port->gss->outbuf.value,port->gss->outbuf.length);
631-
}
632-
}
633-
#endif
613+
if (extralen>0)
614+
pq_sendbytes(&buf,extradata,extralen);
634615

635616
pq_endmessage(&buf);
636617

@@ -957,7 +938,8 @@ pg_GSS_recvauth(Port *port)
957938
elog(DEBUG4,"sending GSS response token of length %u",
958939
(unsignedint)port->gss->outbuf.length);
959940

960-
sendAuthRequest(port,AUTH_REQ_GSS_CONT);
941+
sendAuthRequest(port,AUTH_REQ_GSS_CONT,
942+
port->gss->outbuf.value,port->gss->outbuf.length);
961943

962944
gss_release_buffer(&lmin_s,&port->gss->outbuf);
963945
}
@@ -1202,7 +1184,8 @@ pg_SSPI_recvauth(Port *port)
12021184
port->gss->outbuf.length=outbuf.pBuffers[0].cbBuffer;
12031185
port->gss->outbuf.value=outbuf.pBuffers[0].pvBuffer;
12041186

1205-
sendAuthRequest(port,AUTH_REQ_GSS_CONT);
1187+
sendAuthRequest(port,AUTH_REQ_GSS_CONT,
1188+
port->gss->outbuf.value,port->gss->outbuf.length);
12061189

12071190
FreeContextBuffer(outbuf.pBuffers[0].pvBuffer);
12081191
}
@@ -1830,7 +1813,7 @@ pam_passwd_conv_proc(int num_msg, const struct pam_message ** msg,
18301813
* let's go ask the client to send a password, which we
18311814
* then stuff into PAM.
18321815
*/
1833-
sendAuthRequest(pam_port_cludge,AUTH_REQ_PASSWORD);
1816+
sendAuthRequest(pam_port_cludge,AUTH_REQ_PASSWORD,NULL,0);
18341817
passwd=recv_password_packet(pam_port_cludge);
18351818
if (passwd==NULL)
18361819
{
@@ -2160,7 +2143,7 @@ CheckLDAPAuth(Port *port)
21602143
if (port->hba->ldapport==0)
21612144
port->hba->ldapport=LDAP_PORT;
21622145

2163-
sendAuthRequest(port,AUTH_REQ_PASSWORD);
2146+
sendAuthRequest(port,AUTH_REQ_PASSWORD,NULL,0);
21642147

21652148
passwd=recv_password_packet(port);
21662149
if (passwd==NULL)
@@ -2520,7 +2503,7 @@ CheckRADIUSAuth(Port *port)
25202503
identifier=port->hba->radiusidentifier;
25212504

25222505
/* Send regular password request to client, and get the response */
2523-
sendAuthRequest(port,AUTH_REQ_PASSWORD);
2506+
sendAuthRequest(port,AUTH_REQ_PASSWORD,NULL,0);
25242507

25252508
passwd=recv_password_packet(port);
25262509
if (passwd==NULL)

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp