mirrors/postgres
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Disallow empty passwords in LDAP authentication, the same way

Browse Source 
we already do it for PAM.
This commit is contained in:
Magnus Hagander 2009-06-25 11:30:08 +00:00
parent 4183b10661
commit 6c4637a3b3
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/backend/libpq/auth.c
View File

@ -8,7 +8,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.182 2009/06/11 14:48:57 momjian Exp $ * $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.183 2009/06/25 11:30:08 mha Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@ -2066,6 +2066,13 @@ CheckLDAPAuth(Port *port)
if (passwd == NULL) if (passwd == NULL)
return STATUS_EOF; /* client wouldn't send password */ return STATUS_EOF; /* client wouldn't send password */
if (strlen(passwd) == 0)
{
ereport(LOG,
(errmsg("empty password returned by client")));
return STATUS_ERROR;
}
ldap = ldap_init(port->hba->ldapserver, port->hba->ldapport); ldap = ldap_init(port->hba->ldapserver, port->hba->ldapport);
if (!ldap) if (!ldap)
{ {