diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c index d4ec965934..515ae95fe1 100644 --- a/src/backend/libpq/auth.c +++ b/src/backend/libpq/auth.c @@ -401,44 +401,37 @@ ClientAuthentication(Port *port) */ { char hostinfo[NI_MAXHOST]; + const char *encryption_state; pg_getnameinfo_all(&port->raddr.addr, port->raddr.salen, hostinfo, sizeof(hostinfo), NULL, 0, NI_NUMERICHOST); - if (am_walsender) - { + encryption_state = +#ifdef ENABLE_GSS + (port->gss && port->gss->enc) ? _("GSS encryption") : +#endif #ifdef USE_SSL + port->ssl_in_use ? _("SSL encryption") : +#endif + _("no encryption"); + + if (am_walsender) ereport(FATAL, (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), + /* translator: last %s describes encryption state */ errmsg("pg_hba.conf rejects replication connection for host \"%s\", user \"%s\", %s", hostinfo, port->user_name, - port->ssl_in_use ? _("SSL on") : _("SSL off")))); -#else - ereport(FATAL, - (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), - errmsg("pg_hba.conf rejects replication connection for host \"%s\", user \"%s\"", - hostinfo, port->user_name))); -#endif - } + encryption_state))); else - { -#ifdef USE_SSL ereport(FATAL, (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), + /* translator: last %s describes encryption state */ errmsg("pg_hba.conf rejects connection for host \"%s\", user \"%s\", database \"%s\", %s", hostinfo, port->user_name, port->database_name, - port->ssl_in_use ? _("SSL on") : _("SSL off")))); -#else - ereport(FATAL, - (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), - errmsg("pg_hba.conf rejects connection for host \"%s\", user \"%s\", database \"%s\"", - hostinfo, port->user_name, - port->database_name))); -#endif - } + encryption_state))); break; } @@ -454,12 +447,22 @@ ClientAuthentication(Port *port) */ { char hostinfo[NI_MAXHOST]; + const char *encryption_state; pg_getnameinfo_all(&port->raddr.addr, port->raddr.salen, hostinfo, sizeof(hostinfo), NULL, 0, NI_NUMERICHOST); + encryption_state = +#ifdef ENABLE_GSS + (port->gss && port->gss->enc) ? _("GSS encryption") : +#endif +#ifdef USE_SSL + port->ssl_in_use ? _("SSL encryption") : +#endif + _("no encryption"); + #define HOSTNAME_LOOKUP_DETAIL(port) \ (port->remote_hostname ? \ (port->remote_hostname_resolv == +1 ? \ @@ -482,41 +485,22 @@ ClientAuthentication(Port *port) 0)) if (am_walsender) - { -#ifdef USE_SSL ereport(FATAL, (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), + /* translator: last %s describes encryption state */ errmsg("no pg_hba.conf entry for replication connection from host \"%s\", user \"%s\", %s", hostinfo, port->user_name, - port->ssl_in_use ? _("SSL on") : _("SSL off")), + encryption_state), HOSTNAME_LOOKUP_DETAIL(port))); -#else - ereport(FATAL, - (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), - errmsg("no pg_hba.conf entry for replication connection from host \"%s\", user \"%s\"", - hostinfo, port->user_name), - HOSTNAME_LOOKUP_DETAIL(port))); -#endif - } else - { -#ifdef USE_SSL ereport(FATAL, (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), + /* translator: last %s describes encryption state */ errmsg("no pg_hba.conf entry for host \"%s\", user \"%s\", database \"%s\", %s", hostinfo, port->user_name, port->database_name, - port->ssl_in_use ? _("SSL on") : _("SSL off")), + encryption_state), HOSTNAME_LOOKUP_DETAIL(port))); -#else - ereport(FATAL, - (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), - errmsg("no pg_hba.conf entry for host \"%s\", user \"%s\", database \"%s\"", - hostinfo, port->user_name, - port->database_name), - HOSTNAME_LOOKUP_DETAIL(port))); -#endif - } break; }