Check if the role exists before doing more complex ident and Kerberos
authentication checks in the backend. Gavin Sherry
This commit is contained in:
parent
b227448d0b
commit
fe03a5f4ae
|
@ -8,7 +8,7 @@
|
||||||
*
|
*
|
||||||
*
|
*
|
||||||
* IDENTIFICATION
|
* IDENTIFICATION
|
||||||
* $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.147 2007/01/05 22:19:29 momjian Exp $
|
* $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.148 2007/02/08 04:52:18 momjian Exp $
|
||||||
*
|
*
|
||||||
*-------------------------------------------------------------------------
|
*-------------------------------------------------------------------------
|
||||||
*/
|
*/
|
||||||
|
@ -216,6 +216,9 @@ pg_krb5_recvauth(Port *port)
|
||||||
krb5_ticket *ticket;
|
krb5_ticket *ticket;
|
||||||
char *kusername;
|
char *kusername;
|
||||||
|
|
||||||
|
if (get_role_line(port->user_name) == NULL)
|
||||||
|
return STATUS_ERROR;
|
||||||
|
|
||||||
ret = pg_krb5_init();
|
ret = pg_krb5_init();
|
||||||
if (ret != STATUS_OK)
|
if (ret != STATUS_OK)
|
||||||
return ret;
|
return ret;
|
||||||
|
|
|
@ -10,7 +10,7 @@
|
||||||
*
|
*
|
||||||
*
|
*
|
||||||
* IDENTIFICATION
|
* IDENTIFICATION
|
||||||
* $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.158 2007/01/05 22:19:29 momjian Exp $
|
* $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.159 2007/02/08 04:52:18 momjian Exp $
|
||||||
*
|
*
|
||||||
*-------------------------------------------------------------------------
|
*-------------------------------------------------------------------------
|
||||||
*/
|
*/
|
||||||
|
@ -1589,6 +1589,9 @@ authident(hbaPort *port)
|
||||||
{
|
{
|
||||||
char ident_user[IDENT_USERNAME_MAX + 1];
|
char ident_user[IDENT_USERNAME_MAX + 1];
|
||||||
|
|
||||||
|
if (get_role_line(port->user_name) == NULL)
|
||||||
|
return STATUS_ERROR;
|
||||||
|
|
||||||
switch (port->raddr.addr.ss_family)
|
switch (port->raddr.addr.ss_family)
|
||||||
{
|
{
|
||||||
case AF_INET:
|
case AF_INET:
|
||||||
|
|
Loading…
Reference in New Issue