Re: passwords in pg_shadow (duplicate).

Поиск
Список
Период
Сортировка
От Tom Lane
Тема Re: passwords in pg_shadow (duplicate).
Дата
Msg-id 204.1039117822@sss.pgh.pa.us
обсуждение исходный текст
Ответ на Re: passwords in pg_shadow (duplicate).  (Bruce Momjian <pgman@candle.pha.pa.us>)
Ответы Re: passwords in pg_shadow (duplicate).  (Bruce Momjian <pgman@candle.pha.pa.us>)
Список pgsql-general
Дерево обсуждения 
Bruce Momjian <pgman@candle.pha.pa.us> writes:
> Good catch.  Seems like a bug.  I assumed we still want to support
> 'password' even though pg_shadow contains MD5 encrypted passwords.  Is
> that correct?  (We can't support crypt in those cases.)

I think we should fix this for 7.3.1.

>       if (port->auth_method == uaMD5)
>           pfree(crypt_pwd);
> +     if (port->auth_method != uaMD5 && port->auth_method != uaCrypt &&
> +         isMD5(passwd))
> +         pfree((char *)pgpass);

This part of your patch seems awfully fragile though.  Better style
would be to add a boolean:

    bool    free_pgpass = false;

    ...
    {
        palloc pgpass here;
        free_pgpass = true;
    }

    if (free_pgpass)
        free(pg_pass);

This is less fragile and easily extends to more cases that palloc
pg_pass in future.

            regards, tom lane

В списке pgsql-general по дате отправления:

Предыдущее
От: Jean-Luc Lachance
Дата:
Сообщение: Order of execution of Constraints, Triggers and Rules
Следующее
От: Lamar Owen
Дата:
Сообщение: 7.3-2 RPMset released.