The following bug has been logged on the website:
Bug reference: 16106
Logged by: Marcos David
Email address: mdavid@palantir.com
PostgreSQL version: 12.0
Operating system: Centos 7
Description:
I'm using radius authentication in pg_hba.conf and I've run into the
following issue.
The radiussecrets is always getting lowercased even if I start it with
double quotes. Seems the double quotes are removed by the tokenization
process and then the secret gets lowercased by
https://github.com/postgres/postgres/blob/REL_12_STABLE/src/backend/utils/adt/varlena.c#L3652
I'm attaching a patch for this since I don't think the secrets should ever
be lowercased.
--- src/backend/libpq/hba.c.old 2019-11-08 16:42:27.934508368 +0000
+++ src/backend/libpq/hba.c 2019-11-08 16:43:12.069173627 +0000
@@ -2011,7 +2011,7 @@
REQUIRE_AUTH_OPTION(uaRADIUS, "radiussecrets", "radius");
- if (!SplitIdentifierString(dupval, ',', &parsed_secrets))
+ if (!SplitGUCList(dupval, ',', &parsed_secrets))
{
/* syntax error in list */
ereport(elevel,
@@ -2033,7 +2033,7 @@
REQUIRE_AUTH_OPTION(uaRADIUS, "radiusidentifiers", "radius");
- if (!SplitIdentifierString(dupval, ',', &parsed_identifiers))
+ if (!SplitGUCList(dupval, ',', &parsed_identifiers))
{
/* syntax error in list */
ereport(elevel,