This commit caused my compile to fail on CVS HEAD:
revision 1.399
date: 2010/07/18 11:37:26; author: petere; state: Exp; lines: +88 -1
Add server authentication over Unix-domain sockets
This adds a libpq connection parameter requirepeer that specifies the
user
name that the server process is expected to run under.
reviewed by KaiGai Kohei
The problem is that the code was not checking for SO_PEERCRED.
I have applied the attached check, but without SO_PEERCRED I can't
report the username which failed. Please adjust this if necessary.
Thanks.
--
Bruce Momjian <br...@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ None of us is going to be here forever. +
Index: fe-connect.c
===================================================================
RCS file: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v
retrieving revision 1.399
diff -c -r1.399 fe-connect.c
*** fe-connect.c 18 Jul 2010 11:37:26 -0000 1.399
--- fe-connect.c 18 Jul 2010 15:47:32 -0000
***************
*** 1816,1823 ****
--- 1816,1827 ----
if (pass == NULL)
{
appendPQExpBuffer(&conn->errorMessage,
+ # if defined(SO_PEERCRED)
libpq_gettext("local user with ID %d does not exist\n"),
(int) peercred.uid);
+ #else
+ libpq_gettext("matching local user does not exist\n"));
+ #endif
goto error_return;
}
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
