mirrors/postgres
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Patch that makes quoting "sameuser", "samegroup", and "all" remove

Browse Source 
special meaning of these terms in pg_hba.conf.

Also changes ugly pg_hba.conf IPv6 netmask of
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff to ::1/128.

Andrew Dunstan
This commit is contained in:
Bruce Momjian 2003-12-25 03:44:05 +00:00
parent 1c757c49fa
commit 3e32e9476f
2 changed files with 35 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
src/backend/libpq/hba.c
View File

@ -10,7 +10,7 @@
*
*
* IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.118 2003/12/05 15:50:31 tgl Exp $
* $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.119 2003/12/25 03:44:04 momjian Exp $
*
*-------------------------------------------------------------------------
*/
@ -87,16 +87,19 @@ pg_isblank(const char c)
* token or EOF, whichever comes first. If no more tokens on line,
* return null string as *buf and position file to beginning of
* next line or EOF, whichever comes first. Allow spaces in quoted
* strings. Terminate on unquoted commas. Handle comments.
* strings. Terminate on unquoted commas. Handle comments. Treat
* unquoted keywords that might be user names or database names
* specially, by appending a newline to them.
*/
void
next_token(FILE *fp, char *buf, const int bufsz)
{
int c;
char *start_buf = buf;
char *end_buf = buf + (bufsz - 1);
char *end_buf = buf + (bufsz - 2);
bool in_quote = false;
bool was_quote = false;
bool saw_quote = false;
/* Move over initial whitespace and commas */
while ((c = getc(fp)) != EOF && (pg_isblank(c) || c == ','))
@ -149,7 +152,10 @@ next_token(FILE *fp, char *buf, const int bufsz)
was_quote = false;
if (c == '"')
{
in_quote = !in_quote;
saw_quote = true;
}
c = getc(fp);
}
@ -161,7 +167,22 @@ next_token(FILE *fp, char *buf, const int bufsz)
if (c != EOF)
ungetc(c, fp);
}
if ( !saw_quote &&
(
strncmp(start_buf,"all",3) == 0 ||
strncmp(start_buf,"sameuser",8) == 0 ||
strncmp(start_buf,"samegroup",9) == 0
)
)
{
/* append newline to a magical keyword */
*buf++ = '\n';
}
*buf = '\0';
}
/*
@ -446,7 +467,7 @@ check_user(char *user, char *param_str)
return true;
}
else if (strcmp(tok, user) == 0 ||
strcmp(tok, "all") == 0)
strcmp(tok, "all\n") == 0)
return true;
}
@ -463,14 +484,14 @@ check_db(char *dbname, char *user, char *param_str)
for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, MULTI_VALUE_SEP))
{
if (strcmp(tok, "all") == 0)
if (strcmp(tok, "all\n") == 0)
return true;
else if (strcmp(tok, "sameuser") == 0)
else if (strcmp(tok, "sameuser\n") == 0)
{
if (strcmp(dbname, user) == 0)
return true;
}
else if (strcmp(tok, "samegroup") == 0)
else if (strcmp(tok, "samegroup\n") == 0)
{
if (check_group(dbname, user))
return true;
@ -1068,7 +1089,7 @@ check_ident_usermap(const char *usermap_name,
errmsg("cannot use Ident authentication without usermap field")));
found_entry = false;
}
else if (strcmp(usermap_name, "sameuser") == 0)
else if (strcmp(usermap_name, "sameuser\n") == 0)
{
if (strcmp(pg_user, ident_user) == 0)
found_entry = true;

7
src/backend/libpq/pg_hba.conf.sample
View File

@ -35,6 +35,11 @@
# encrypted passwords. OPTION is the ident map or the name of the PAM
# service.
#
# Database and user names containing spaces, commas, quotes and other special
# characters can be quoted. Quoting one of the keywords "all", "sameuser" or
# "samegroup" makes the name lose its special character, and just match a
# database or username with that name.
#
# This file is read on server startup and when the postmaster receives
# a SIGHUP signal. If you edit the file on a running system, you have
# to SIGHUP the postmaster for the changes to take effect, or use
@ -59,4 +64,4 @@ local all all trust
# IPv4-style local connections:
host all all 127.0.0.1 255.255.255.255 trust
# IPv6-style local connections:
host all all ::1 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust
host all all ::1/128 trust