diff options
| author | Robert Haas | 2016-11-22 20:32:13 +0000 |
|---|---|---|
| committer | Robert Haas | 2016-11-22 20:50:39 +0000 |
| commit | 9a1d0af4ad2cbd419115b453d811c141b80d872b (patch) | |
| tree | ea1e9dd3554984a54a21ee541435f9b239bbe351 /src/interfaces/libpq/fe-auth.c | |
| parent | 906bfcad7ba7cb3863fe0e2a7810be8e3cd84fbd (diff) | |
Code review for commit 274bb2b3857cc987cfa21d14775cae9b0dababa5.
Avoid memory leak in conninfo_uri_parse_options. Use the current host
rather than the comma-separated list of host names when the host name
is needed for GSS, SSPI, or SSL authentication. Document the way
connect_timeout interacts with multiple host specifications.
Takayuki Tsunakawa
Diffstat (limited to 'src/interfaces/libpq/fe-auth.c')
| -rw-r--r-- | src/interfaces/libpq/fe-auth.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c index 19171fb676a..d861dc487b4 100644 --- a/src/interfaces/libpq/fe-auth.c +++ b/src/interfaces/libpq/fe-auth.c @@ -170,8 +170,9 @@ pg_GSS_startup(PGconn *conn) min_stat; int maxlen; gss_buffer_desc temp_gbuf; + char *host = PQhost(conn); - if (!(conn->pghost && conn->pghost[0] != '\0')) + if (!(host && host[0] != '\0')) { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("host name must be specified\n")); @@ -198,7 +199,7 @@ pg_GSS_startup(PGconn *conn) return STATUS_ERROR; } snprintf(temp_gbuf.value, maxlen, "%s@%s", - conn->krbsrvname, conn->pghost); + conn->krbsrvname, host); temp_gbuf.length = strlen(temp_gbuf.value); maj_stat = gss_import_name(&min_stat, &temp_gbuf, @@ -371,6 +372,7 @@ pg_SSPI_startup(PGconn *conn, int use_negotiate) { SECURITY_STATUS r; TimeStamp expire; + char *host = PQhost(conn); conn->sspictx = NULL; @@ -406,19 +408,19 @@ pg_SSPI_startup(PGconn *conn, int use_negotiate) * but not more complex. We can skip the @REALM part, because Windows will * fill that in for us automatically. */ - if (!(conn->pghost && conn->pghost[0] != '\0')) + if (!(host && host[0] != '\0')) { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("host name must be specified\n")); return STATUS_ERROR; } - conn->sspitarget = malloc(strlen(conn->krbsrvname) + strlen(conn->pghost) + 2); + conn->sspitarget = malloc(strlen(conn->krbsrvname) + strlen(host) + 2); if (!conn->sspitarget) { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("out of memory\n")); return STATUS_ERROR; } - sprintf(conn->sspitarget, "%s/%s", conn->krbsrvname, conn->pghost); + sprintf(conn->sspitarget, "%s/%s", conn->krbsrvname, host); /* * Indicate that we're in SSPI authentication mode to make sure that |