Lock down regression testing temporary clusters on Windows.
Use SSPI authentication to allow connections exclusively from the OS
user that launched the test suite. This closes on Windows the
vulnerability that commit be76a6d39e2832d4b88c0e1cc381aa44a7f86881
closed on other platforms. Users of "make installcheck" or custom test
harnesses can run "pg_regress --config-auth=DATADIR" to activate the
same authentication configuration that "make check" would use.
Back-patch to 9.0 (all supported versions).
Security: CVE-2014-0067
Branch
------
REL9_0_STABLE
Details
-------
http://git.postgresql.org/pg/commitdiff/6d45ee572d0f698c91495e458b52be35c2b3cae5
Modified Files
--------------
contrib/dblink/Makefile | 3 +-
contrib/dblink/expected/dblink.out | 2 -
contrib/dblink/sql/dblink.sql | 2 -
doc/src/sgml/regress.sgml | 13 ---
src/test/regress/pg_regress.c | 175 ++++++++++++++++++++++++++++++++++++
5 files changed, 177 insertions(+), 18 deletions(-)