authorTom Lane <tgl@sss.pgh.pa.us>2010-04-21 03:32:53 +0000
committerTom Lane <tgl@sss.pgh.pa.us>2010-04-21 03:32:53 +0000
commita2c3931a244b67115a0eac1ee5fde9eb7cb4e42c (patch)
tree29ce8f4c20563cde96048a4e562b2456a159aa28 /src/backend/libpq/hba.c
parenta3c6d105752c28dbd19d0558733a2157e6ab55e0 (diff)
Fix pg_hba.conf matching so that replication connections only match records
with database = replication. The previous coding would allow them to match ordinary records too, but that seems like a recipe for security breaches. Improve the messages associated with no-such-pg_hba.conf entry to report replication connections as such, since that's now a critical aspect of whether the connection matches. Make some cursory improvements in the related documentation, too.
Diffstat (limited to 'src/backend/libpq/hba.c')
-rw-r--r--src/backend/libpq/hba.c17
1 files changed, 11 insertions, 6 deletions
diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c
index 11443f76e2d..e5fb65f75d3 100644
--- a/src/backend/libpq/hba.c
+++ b/src/backend/libpq/hba.c
@@ -10,7 +10,7 @@
*
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.205 2010/04/19 19:02:18 sriggs Exp $
+ * $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.206 2010/04/21 03:32:53 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@@ -513,7 +513,13 @@ check_db(const char *dbname, const char *role, Oid roleid, char *param_str)
tok != NULL;
tok = strtok(NULL, MULTI_VALUE_SEP))
{
- if (strcmp(tok, "all\n") == 0)
+ if (am_walsender)
+ {
+ /* walsender connections can only match replication keyword */
+ if (strcmp(tok, "replication\n") == 0)
+ return true;
+ }
+ else if (strcmp(tok, "all\n") == 0)
return true;
else if (strcmp(tok, "sameuser\n") == 0)
{
@@ -526,9 +532,8 @@ check_db(const char *dbname, const char *role, Oid roleid, char *param_str)
if (is_member(roleid, dbname))
return true;
}
- else if (strcmp(tok, "replication\n") == 0 &&
- am_walsender)
- return true;
+ else if (strcmp(tok, "replication\n") == 0)
+ continue; /* never match this if not walsender */
else if (strcmp(tok, dbname) == 0)
return true;
}
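Review bot: The new `continue` on the `replication` keyword also stops the `strcmp(tok, dbname)` test on the next line from ever seeing that token, so a real database literally named `replication` can no longer be matched by name (assuming dbname carries the same trailing newline as the tokens); that reservation of the keyword is presumably intended, but nothing in the hunk states it. Suggest widening the comment to `/* reserved keyword: never matches a non-walsender, nor a database actually named "replication" */` and repeating the rule in check_db's header comment, which lies outside the hunk. This branch is non-walsender-only purely because the `if (am_walsender)` guard added in the previous hunk sits earlier in the if/else chain, which is worth saying in the comment since the two hunks are read apart. The enclosing for loop and check_db's signature begin before the hunk.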
@@ -1812,7 +1817,7 @@ load_ident(void)
*
* Note that STATUS_ERROR indicates a problem with the hba config file.
* If the file is OK but does not contain any entry matching the request,
- * we return STATUS_OK and method = uaReject.
+ * we return STATUS_OK and method = uaImplicitReject.
*/
int
hba_getauthmethod(hbaPort *port)