Re: [GENERAL] pgpool-II 3.0 + postgres 9rc1 + md5 authentication not working

[Tatsuo Ishii]

Sorry for delay. I had a trip outside Japan.

> Thanks, I should have thought to try that location. :)
> 
> I put the pool_passwd file in the expected location (custom build,
> /opt/postgres/etc/pool_passwd and /etc/pool_passwd) and reran my test.  I'm
> still having the same connection problem.

I found nasty bug with pgpool. Please try attached patches.

> I think it would be good to add an additional command line parameter to
> pgpool to allow overriding the location of that file (the same way the
> location of pcp.conf, pgpool.conf, and pgpool_hba.conf can be overriden).

Thanks for the suggestion. I'm thinking about to include your idea in
the next major pgpool version up.
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese: http://www.sraoss.co.jp

Index: pool_auth.c
===================================================================
RCS file: /cvsroot/pgpool/pgpool-II/pool_auth.c,v
retrieving revision 1.25
diff -c -r1.25 pool_auth.c
*** pool_auth.c 17 Aug 2010 02:22:17 -0000      1.25
--- pool_auth.c 20 Sep 2010 04:27:36 -0000
***************
*** 5,11 ****
   * pgpool: a language independent connection pool server for PostgreSQL
   * written by Tatsuo Ishii
   *
!  * Copyright (c) 2003-2009    PgPool Global Development Group
   *
   * Permission to use, copy, modify, and distribute this software and
   * its documentation for any purpose and without fee is hereby
--- 5,11 ----
   * pgpool: a language independent connection pool server for PostgreSQL
   * written by Tatsuo Ishii
   *
!  * Copyright (c) 2003-2010    PgPool Global Development Group
   *
   * Permission to use, copy, modify, and distribute this software and
   * its documentation for any purpose and without fee is hereby
***************
*** 131,136 ****
--- 131,138 ----
  
        authkind = ntohl(authkind);
  
+       pool_debug("pool_do_auth: auth kind:%d", authkind);
+ 
        /* trust? */
        if (authkind == 0)
        {
***************
*** 833,838 ****
--- 835,848 ----
  
        if (!RAW_MODE && NUM_BACKENDS > 1)
        {
+               /* Read password entry from pool_passwd */
+               pool_passwd = pool_get_passwd(frontend->username);
+               if (!pool_passwd)
+               {
+                       pool_debug("do_md5: %s does not exist in pool_passwd", 
frontend->username);
+                       return -1;
+               }
+ 
                /* master? */
                if (IS_MASTER_NODE_ID(backend->db_node_id))
                {
***************
*** 852,864 ****
                        }
  
                        /* Check the password using my salt + pool_passwd */
-                       pool_passwd = pool_get_passwd(frontend->username);
-                       if (!pool_passwd)
-                       {
-                               pool_debug("do_md5: %s does not exist in 
pool_passwd", frontend->username);
-                               return -1;
-                       }
- 
                        pg_md5_encrypt(pool_passwd+strlen("md5"), salt, 
sizeof(salt), encbuf);
                        if (strcmp(password, encbuf))
                        {
--- 862,867 ----

-- 
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general