database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-06-13 07:41:39 +03:00
Code Activity

Arrange for client authentication to occur before we select a specific

Browse Source 
database to connect to. This is necessary for the walsender code to work
properly (it was previously using an untenable assumption that template1 would
always be available to connect to).  This also gets rid of a small security
shortcoming that was introduced in the original patch to eliminate the flat
authentication files: before, you could find out whether or not the requested
database existed even if you couldn't pass the authentication checks.

The changes needed to support this are mainly just to treat pg_authid and
pg_auth_members as nailed relations, so that we can read them without having
to be able to locate real pg_class entries for them.  This mechanism was
already debugged for pg_database, but we hadn't recognized the value of
applying it to those catalogs too.

Since the current code doesn't have support for accessing toast tables before
we've brought up all of the relcache, remove pg_authid's toast table to ensure
that no one can store an out-of-line toasted value of rolpassword.  The case
seems quite unlikely to occur in practice, and was effectively unsupported
anyway in the old "flatfiles" implementation.

Update genbki.pl to actually implement the same rules as bootstrap.c does for
not-nullability of catalog columns.  The previous coding was a bit cheesy but
worked all right for the previous set of bootstrap catalogs.  It does not work
for pg_authid, where rolvaliduntil needs to be nullable.

Initdb forced due to minor catalog changes (mainly the toast table removal).
This commit is contained in:
Tom Lane
2010-04-20 23:48:47 +00:00
parent 7de2dfccc5
commit ea46000a40
10 changed files with 177 additions and 122 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/backend/utils/init/miscinit.c
View File

@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/utils/init/miscinit.c,v 1.183 2010/02/26 02:01:13 momjian Exp $
* $PostgreSQL: pgsql/src/backend/utils/init/miscinit.c,v 1.184 2010/04/20 23:48:47 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@ -429,10 +429,8 @@ InitializeSessionUserId(const char *rolename)
* These next checks are not enforced when in standalone mode, so that
* there is a way to recover from sillinesses like "UPDATE pg_authid SET
* rolcanlogin = false;".
*
* We do not enforce them for the autovacuum process either.
*/
if (IsUnderPostmaster && !IsAutoVacuumWorkerProcess())
if (IsUnderPostmaster)
{
/*
* Is role allowed to login at all?
@ -479,7 +477,10 @@ InitializeSessionUserId(const char *rolename)
void
InitializeSessionUserIdStandalone(void)
{
/* This function should only be called in a single-user backend. */
/*
* This function should only be called in single-user mode and in
* autovacuum workers.
*/
AssertState(!IsUnderPostmaster || IsAutoVacuumWorkerProcess());
/* call only once */