database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-12 21:01:52 +03:00
Code Activity

Code review for commit 274bb2b385.

Browse Source 
Avoid memory leak in conninfo_uri_parse_options.  Use the current host
rather than the comma-separated list of host names when the host name
is needed for GSS, SSPI, or SSL authentication.  Document the way
connect_timeout interacts with multiple host specifications.

Takayuki Tsunakawa
This commit is contained in:
Robert Haas
2016-11-22 15:32:13 -05:00
parent 906bfcad7b
commit 9a1d0af4ad
4 changed files with 23 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/interfaces/libpq/fe-auth.c
View File

@ -170,8 +170,9 @@ pg_GSS_startup(PGconn *conn)
min_stat;
int maxlen;
gss_buffer_desc temp_gbuf;
char *host = PQhost(conn);
if (!(conn->pghost && conn->pghost[0] != '\0'))
if (!(host && host[0] != '\0'))
{
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("host name must be specified\n"));
@ -198,7 +199,7 @@ pg_GSS_startup(PGconn *conn)
return STATUS_ERROR;
}
snprintf(temp_gbuf.value, maxlen, "%s@%s",
conn->krbsrvname, conn->pghost);
conn->krbsrvname, host);
temp_gbuf.length = strlen(temp_gbuf.value);
maj_stat = gss_import_name(&min_stat, &temp_gbuf,
@ -371,6 +372,7 @@ pg_SSPI_startup(PGconn *conn, int use_negotiate)
{
SECURITY_STATUS r;
TimeStamp expire;
char *host = PQhost(conn);
conn->sspictx = NULL;
@ -406,19 +408,19 @@ pg_SSPI_startup(PGconn *conn, int use_negotiate)
* but not more complex. We can skip the @REALM part, because Windows will
* fill that in for us automatically.
*/
if (!(conn->pghost && conn->pghost[0] != '\0'))
if (!(host && host[0] != '\0'))
{
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("host name must be specified\n"));
return STATUS_ERROR;
}
conn->sspitarget = malloc(strlen(conn->krbsrvname) + strlen(conn->pghost) + 2);
conn->sspitarget = malloc(strlen(conn->krbsrvname) + strlen(host) + 2);
if (!conn->sspitarget)
{
printfPQExpBuffer(&conn->errorMessage, libpq_gettext("out of memory\n"));
return STATUS_ERROR;
}
sprintf(conn->sspitarget, "%s/%s", conn->krbsrvname, conn->pghost);
sprintf(conn->sspitarget, "%s/%s", conn->krbsrvname, host);
/*
* Indicate that we're in SSPI authentication mode to make sure that