From 64580224f90683b3cf7a46ee84a31bf01e54a0dc Mon Sep 17 00:00:00 2001 From: Magnus Hagander Date: Tue, 13 Jan 2009 10:43:21 +0000 Subject: [PATCH] Remove special-handling of usernames with Kerberos authentication. We will now always use the system username as the default, and not try to pick it up from the kerberos ticket. This fixes the spurious error messages that show up on kerberos-enabled builds when not actually using kerberos, and puts it in line with how other authentication methods work. --- src/interfaces/libpq/fe-auth.c | 47 ++-------------------------------- 1 file changed, 2 insertions(+), 45 deletions(-) diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c index d9da383e72..85e3ff79cf 100644 --- a/src/interfaces/libpq/fe-auth.c +++ b/src/interfaces/libpq/fe-auth.c @@ -7,7 +7,7 @@ * Portions Copyright (c) 1994, Regents of the University of California * * IDENTIFICATION - * $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.139 2009/01/01 17:24:03 momjian Exp $ + * $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.140 2009/01/13 10:43:21 mha Exp $ * *------------------------------------------------------------------------- */ @@ -190,28 +190,6 @@ pg_krb5_destroy(struct krb5_info * info) } - -/* - * pg_krb5_authname -- returns a copy of whatever name the user - * has authenticated to the system, or NULL - */ -static char * -pg_krb5_authname(PQExpBuffer errorMessage) -{ - char *tmp_name; - struct krb5_info info; - - info.pg_krb5_initialised = 0; - - if (pg_krb5_init(errorMessage, &info) != STATUS_OK) - return NULL; - tmp_name = strdup(info.pg_krb5_name); - pg_krb5_destroy(&info); - - return tmp_name; -} - - /* * pg_krb5_sendauth -- client routine to send authentication information to * the server @@ -972,9 +950,6 @@ pg_fe_sendauth(AuthRequest areq, PGconn *conn) char * pg_fe_getauthname(PQExpBuffer errorMessage) { -#ifdef KRB5 - char *krb5_name = NULL; -#endif const char *name = NULL; char *authn; @@ -988,8 +963,7 @@ pg_fe_getauthname(PQExpBuffer errorMessage) #endif /* - * pglock_thread() really only needs to be called around - * pg_krb5_authname(), but some users are using configure + * Some users are using configure * --enable-thread-safety-force, so we might as well do the locking within * our library to protect pqGetpwuid(). In fact, application developers * can use getpwuid() in their application if they use the locking call we @@ -998,17 +972,6 @@ pg_fe_getauthname(PQExpBuffer errorMessage) */ pglock_thread(); -#ifdef KRB5 - - /* - * pg_krb5_authname gives us a strdup'd value that we need to free later, - * however, we don't want to free 'name' directly in case it's *not* a - * Kerberos login and we fall through to name = pw->pw_name; - */ - krb5_name = pg_krb5_authname(errorMessage); - name = krb5_name; -#endif - if (!name) { #ifdef WIN32 @@ -1022,12 +985,6 @@ pg_fe_getauthname(PQExpBuffer errorMessage) authn = name ? strdup(name) : NULL; -#ifdef KRB5 - /* Free the strdup'd string from pg_krb5_authname, if we got one */ - if (krb5_name) - free(krb5_name); -#endif - pgunlock_thread(); return authn;