Thread: Case sensitivity

Case sensitivity

From
Brian Piatkus
Date:
There seems to be a general issue here with usernames.

PG creates only lower case usernames. I am happy that if  usEr can't type, it's
his problem but I have a definite problem with Identd authentication from an NT
client (or ident server whichever you choose )  which insists on pretty-printing
the identd response.

I have therefore hacked my  code in auth.c. This seems to be of no other
consequence but I am not a C programmer nor did I have time to check it out
elsewhere.

I may be masking another, more general, issue but this does for me ! Can we get
it or equivalent in future releases please ?

Regards.

BTW The actaul code works - this is a cut&paste.

*--------------------------------------------------------------------------- Talk to the ident server on the remote
hostand find out who owns the connection described by "port".  Then look in the usermap file under the usermap
*auth_argand see if that user is equivalent to Postgres user *user.
 
 Return STATUS_OK if yes.
---------------------------------------------------------------------------*/bool        checks_out;bool
ident_failed;
/* We were unable to get ident to give us a username */char        ident_username[IDENT_USERNAME_MAX + 1];
!!!!!!!!!    char*        c = ident username;                          

/* The username returned by ident */
ident(raddr->sin_addr, laddr->sin_addr,      raddr->sin_port, laddr->sin_port,      &ident_failed, ident_username);
if (ident_failed)    return STATUS_ERROR;

|||||||    while (*c) { *c++ |= 0x20;}
verify_against_usermap(postgres_username, ident_username, auth_arg,                       &checks_out);
return checks_out ? STATUS_OK : STATUS_ERROR;
}


Re: Case sensitivity

From
Tom Lane
Date:
Brian Piatkus <brian@brianp.demon.co.uk> writes:
> PG creates only lower case usernames.

Not at all.  However, if we hacked the ident code as you suggest,
it's true that the ident code would support only lower-case names.

Use double quotes if you need to create mixed-case names.
        regards, tom lane


Re: Case sensitivity

From
"Stephan Szabo"
Date:
You haven't given the hba.conf entry you are using, so I'm assuming
you're using ident with the sameuser usermap.

You can create mixed case names by double quoting the name
(as mentioned by Tom Lane)

Or, if you're using both unix and NT machines so the names come
out differently for the same users, you might be able to get away
with just using a usermap file.  If you really didn't feel like making
and keep the usermap up to date, you might want to look at how
the sameuser usermap is defined and make an equivalent
that did what you wanted (or do case insensitive matches),
probably something like [not at all tested or even tried to compile]:

else if (strcmp(usermap_name, "caseless_sameuser")) == 0)
{   if (strcasecmp(ident_username, pguser) == 0)       *checks_out_p = true;   else       *check_out_p = false;
}


I think the changes below are a bit drastic and make sure that
noone will ever be able to use mixed case names with it and
also are assuming that the usernames can't contain any characters
that might get translated by the |= that aren't A-Z.

----- Original Message -----
From: "Brian Piatkus" <brian@brianp.demon.co.uk>
To: <pgsql-hackers@postgresql.org>
Sent: Tuesday, July 04, 2000 1:37 PM
Subject: [HACKERS] Case sensitivity


> There seems to be a general issue here with usernames.
>
> PG creates only lower case usernames. I am happy that if  usEr can't type,
it's
> his problem but I have a definite problem with Identd authentication from
an NT
> client (or ident server whichever you choose )  which insists on
pretty-printing
> the identd response.
>
> I have therefore hacked my  code in auth.c. This seems to be of no other
> consequence but I am not a C programmer nor did I have time to check it
out
> elsewhere.
>
> I may be masking another, more general, issue but this does for me ! Can
we get
> it or equivalent in future releases please ?
>
> Regards.
>
> BTW The actaul code works - this is a cut&paste.
>
>
*---------------------------------------------------------------------------
>   Talk to the ident server on the remote host and find out who owns the
>   connection described by "port".  Then look in the usermap file under
>   the usermap *auth_arg and see if that user is equivalent to
>   Postgres user *user.
>
>   Return STATUS_OK if yes.
> --------------------------------------------------------------------------
-*/
> bool checks_out;
> bool ident_failed;
>
> /* We were unable to get ident to give us a username */
> char ident_username[IDENT_USERNAME_MAX + 1];
> !!!!!!!!! char* c = ident username;
>
>
>
> /* The username returned by ident */
>
> ident(raddr->sin_addr, laddr->sin_addr,
>   raddr->sin_port, laddr->sin_port,
>   &ident_failed, ident_username);
>
> if (ident_failed)
> return STATUS_ERROR;
>
> ||||||| while (*c) { *c++ |= 0x20;}
>
> verify_against_usermap(postgres_username, ident_username, auth_arg,
>    &checks_out);
>
> return checks_out ? STATUS_OK : STATUS_ERROR;
> }
>