Track behavior of \1 in pg_ident.conf when quoted

Entries of pg-user in pg_ident.conf that are quoted and include '\1' allow a replacement from a subexpression in a system user regexp. This commit adds a test to track this behavior and a note in the documentation, as it could be affected by the use of an AuthToken for the pg-user in the IdentLines parsed. This subject has come up in the discussion aimed at extending the support of pg-user in ident entries for more patterns. Author: Jelte Fennema Discussion: https://postgr.es/m/CAGECzQRNow4MwkBjgPxywXdJU_K3a9+Pm78JB7De3yQwwkTDew@mail.gmail.com
2025-07-31 22:04:40 +03:00 · 2023-01-17 13:41:09 +09:00
parent da5800d5fa
commit 0b717432ff
2 changed files with 16 additions and 0 deletions
--- a/src/test/authentication/t/003_peer.pl
+++ b/src/test/authentication/t/003_peer.pl
@ -153,6 +153,19 @@ test_role(
 	log_like =>
 	  [qr/connection authenticated: identity="$system_user" method=peer/]);

+# Success as the regular expression matches and \1 is replaced in the given
+# subexpression, even if quoted.
+reset_pg_ident($node, 'mypeermap', qq{/^$system_user(.*)\$},
+	'"test\1mapuser"');
+test_role(
+	$node,
+	qq{testmapuser},
+	'peer',
+	0,
+	'with regular expression in user name map with quoted \1 replaced',
+	log_like =>
+	  [qr/connection authenticated: identity="$system_user" method=peer/]);
+
 # Failure as the regular expression does not include a subexpression, but
 # the database user contains \1, requesting a replacement.
 reset_pg_ident($node, 'mypeermap', qq{/^$system_user\$}, '\1testmapuser');