pgsql: Avoid masking EOF (no-password-supplied) conditions in auth.c. - Mailing list pgsql-committers

From Tom Lane
Subject pgsql: Avoid masking EOF (no-password-supplied) conditions in auth.c.
Date
Msg-id E1rL9v5-00DLLL-LG@gemulon.postgresql.org
Whole thread Raw
List pgsql-committers
Avoid masking EOF (no-password-supplied) conditions in auth.c.

CheckPWChallengeAuth() would return STATUS_ERROR if the user does not
exist or has no password assigned, even if the client disconnected
without responding to the password challenge (as libpq often will,
for example).  We should return STATUS_EOF in that case, and the
lower-level functions do, but this code level got it wrong since the
refactoring done in 7ac955b34.  This breaks the intent of not logging
anything for EOF cases (cf. comments in auth_failed()) and might
also confuse users of ClientAuthentication_hook.

Per report from Liu Lang.  Back-patch to all supported versions.

Discussion: https://postgr.es/m/b725238c-539d-cb09-2bff-b5e6cb2c069c@esgyn.cn

Branch
------
REL_13_STABLE

Details
-------
https://git.postgresql.org/pg/commitdiff/5810888c56d013d0627783e6404bd81027a6341d

Modified Files
--------------
src/backend/libpq/auth.c | 13 ++++++-------
1 file changed, 6 insertions(+), 7 deletions(-)


pgsql-committers by date:

Previous
From: Peter Eisentraut
Date:
Subject: Re: pgsql: Reorganise jsonpath operators and methods
Next
From: Michael Paquier
Date:
Subject: pgsql: doc: fix typo "vertexes" -> "vertices"