diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/backend/utils/init/miscinit.c | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/src/backend/utils/init/miscinit.c b/src/backend/utils/init/miscinit.c index 603a2565b65..18f5e6fbfe0 100644 --- a/src/backend/utils/init/miscinit.c +++ b/src/backend/utils/init/miscinit.c @@ -474,6 +474,7 @@ InitializeSessionUserId(const char *rolename, Oid roleid) { HeapTuple roleTup; Form_pg_authid rform; + char *rname; /* * Don't do scans if we're bootstrapping, none of the system catalogs @@ -485,16 +486,25 @@ InitializeSessionUserId(const char *rolename, Oid roleid) AssertState(!OidIsValid(AuthenticatedUserId)); if (rolename != NULL) + { roleTup = SearchSysCache1(AUTHNAME, PointerGetDatum(rolename)); + if (!HeapTupleIsValid(roleTup)) + ereport(FATAL, + (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), + errmsg("role \"%s\" does not exist", rolename))); + } else + { roleTup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(roleid)); - if (!HeapTupleIsValid(roleTup)) - ereport(FATAL, - (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), - errmsg("role \"%s\" does not exist", rolename))); + if (!HeapTupleIsValid(roleTup)) + ereport(FATAL, + (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), + errmsg("role with OID %u does not exist", roleid))); + } rform = (Form_pg_authid) GETSTRUCT(roleTup); roleid = HeapTupleGetOid(roleTup); + rname = NameStr(rform->rolname); AuthenticatedUserId = roleid; AuthenticatedUserIsSuperuser = rform->rolsuper; @@ -520,7 +530,7 @@ InitializeSessionUserId(const char *rolename, Oid roleid) ereport(FATAL, (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), errmsg("role \"%s\" is not permitted to log in", - rolename))); + rname))); /* * Check connection limit for this role. @@ -538,11 +548,11 @@ InitializeSessionUserId(const char *rolename, Oid roleid) ereport(FATAL, (errcode(ERRCODE_TOO_MANY_CONNECTIONS), errmsg("too many connections for role \"%s\"", - rolename))); + rname))); } /* Record username and superuser status as GUC settings too */ - SetConfigOption("session_authorization", rolename, + SetConfigOption("session_authorization", rname, PGC_BACKEND, PGC_S_OVERRIDE); SetConfigOption("is_superuser", AuthenticatedUserIsSuperuser ? "on" : "off", |