diff options
Diffstat (limited to 'src/interfaces')
| -rw-r--r-- | src/interfaces/libpq/fe-auth.c | 54 | ||||
| -rw-r--r-- | src/interfaces/libpq/fe-auth.h | 1 | ||||
| -rw-r--r-- | src/interfaces/libpq/fe-connect.c | 40 |
3 files changed, 40 insertions, 55 deletions
diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c index 82fc7cdb986..2edc3f48e2e 100644 --- a/src/interfaces/libpq/fe-auth.c +++ b/src/interfaces/libpq/fe-auth.c @@ -35,7 +35,6 @@ #ifndef MAXHOSTNAMELEN #include <netdb.h> /* for MAXHOSTNAMELEN on some */ #endif -#include <pwd.h> #endif #include "common/md5.h" @@ -1099,14 +1098,17 @@ pg_fe_sendauth(AuthRequest areq, int payloadlen, PGconn *conn) /* - * pg_fe_getauthname + * pg_fe_getusername * - * Returns a pointer to malloc'd space containing whatever name the user - * has authenticated to the system. If there is an error, return NULL, - * and append a suitable error message to *errorMessage if that's not NULL. + * Returns a pointer to malloc'd space containing the name of the + * specified user_id. If there is an error, return NULL, and append + * a suitable error message to *errorMessage if that's not NULL. + * + * Caution: on Windows, the user_id argument is ignored, and we always + * fetch the current user's name. */ char * -pg_fe_getauthname(PQExpBuffer errorMessage) +pg_fe_getusername(uid_t user_id, PQExpBuffer errorMessage) { char *result = NULL; const char *name = NULL; @@ -1116,17 +1118,13 @@ pg_fe_getauthname(PQExpBuffer errorMessage) char username[256 + 1]; DWORD namesize = sizeof(username); #else - uid_t user_id = geteuid(); char pwdbuf[BUFSIZ]; - struct passwd pwdstr; - struct passwd *pw = NULL; - int pwerr; #endif /* * Some users are using configure --enable-thread-safety-force, so we * might as well do the locking within our library to protect - * pqGetpwuid(). In fact, application developers can use getpwuid() in + * getpwuid(). In fact, application developers can use getpwuid() in * their application if they use the locking call we provide, or install * their own locking function using PQregisterThreadLock(). */ @@ -1140,21 +1138,10 @@ pg_fe_getauthname(PQExpBuffer errorMessage) libpq_gettext("user name lookup failure: error code %lu\n"), GetLastError()); #else - pwerr = pqGetpwuid(user_id, &pwdstr, pwdbuf, sizeof(pwdbuf), &pw); - if (pw != NULL) - name = pw->pw_name; + if (pg_get_user_name(user_id, pwdbuf, sizeof(pwdbuf))) + name = pwdbuf; else if (errorMessage) - { - if (pwerr != 0) - appendPQExpBuffer(errorMessage, - libpq_gettext("could not look up local user ID %d: %s\n"), - (int) user_id, - strerror_r(pwerr, pwdbuf, sizeof(pwdbuf))); - else - appendPQExpBuffer(errorMessage, - libpq_gettext("local user with ID %d does not exist\n"), - (int) user_id); - } + appendPQExpBuffer(errorMessage, "%s\n", pwdbuf); #endif if (name) @@ -1170,6 +1157,23 @@ pg_fe_getauthname(PQExpBuffer errorMessage) return result; } +/* + * pg_fe_getauthname + * + * Returns a pointer to malloc'd space containing whatever name the user + * has authenticated to the system. If there is an error, return NULL, + * and append a suitable error message to *errorMessage if that's not NULL. + */ +char * +pg_fe_getauthname(PQExpBuffer errorMessage) +{ +#ifdef WIN32 + return pg_fe_getusername(0, errorMessage); +#else + return pg_fe_getusername(geteuid(), errorMessage); +#endif +} + /* * PQencryptPassword -- exported routine to encrypt a password with MD5 diff --git a/src/interfaces/libpq/fe-auth.h b/src/interfaces/libpq/fe-auth.h index 16d5e1da0f0..f22b3fe6488 100644 --- a/src/interfaces/libpq/fe-auth.h +++ b/src/interfaces/libpq/fe-auth.h @@ -20,6 +20,7 @@ /* Prototypes for functions in fe-auth.c */ extern int pg_fe_sendauth(AuthRequest areq, int payloadlen, PGconn *conn); +extern char *pg_fe_getusername(uid_t user_id, PQExpBuffer errorMessage); extern char *pg_fe_getauthname(PQExpBuffer errorMessage); /* Mechanisms in fe-auth-scram.c */ diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c index a12e0180fdb..5fc16be849f 100644 --- a/src/interfaces/libpq/fe-connect.c +++ b/src/interfaces/libpq/fe-connect.c @@ -2813,10 +2813,7 @@ keep_going: /* We will come back to here until there is IS_AF_UNIX(conn->raddr.addr.ss_family)) { #ifndef WIN32 - char pwdbuf[BUFSIZ]; - struct passwd pass_buf; - struct passwd *pass; - int passerr; + char *remote_username; #endif uid_t uid; gid_t gid; @@ -2839,28 +2836,20 @@ keep_going: /* We will come back to here until there is } #ifndef WIN32 - passerr = pqGetpwuid(uid, &pass_buf, pwdbuf, sizeof(pwdbuf), &pass); - if (pass == NULL) - { - if (passerr != 0) - appendPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not look up local user ID %d: %s\n"), - (int) uid, - strerror_r(passerr, sebuf, sizeof(sebuf))); - else - appendPQExpBuffer(&conn->errorMessage, - libpq_gettext("local user with ID %d does not exist\n"), - (int) uid); - goto error_return; - } + remote_username = pg_fe_getusername(uid, + &conn->errorMessage); + if (remote_username == NULL) + goto error_return; /* message already logged */ - if (strcmp(pass->pw_name, conn->requirepeer) != 0) + if (strcmp(remote_username, conn->requirepeer) != 0) { appendPQExpBuffer(&conn->errorMessage, libpq_gettext("requirepeer specifies \"%s\", but actual peer user name is \"%s\"\n"), - conn->requirepeer, pass->pw_name); + conn->requirepeer, remote_username); + free(remote_username); goto error_return; } + free(remote_username); #else /* WIN32 */ /* should have failed with ENOSYS above */ Assert(false); @@ -7271,16 +7260,7 @@ pqGetHomeDirectory(char *buf, int bufsize) home = getenv("HOME"); if (home == NULL || home[0] == '\0') - { - char pwdbuf[BUFSIZ]; - struct passwd pwdstr; - struct passwd *pwd = NULL; - - (void) pqGetpwuid(geteuid(), &pwdstr, pwdbuf, sizeof(pwdbuf), &pwd); - if (pwd == NULL) - return false; - home = pwd->pw_dir; - } + return pg_get_user_home_dir(geteuid(), buf, bufsize); strlcpy(buf, home, bufsize); return true; #else |