summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6203881)
raw | patch | inline | side by side (parent: 6203881)
| author | Tom Lane <tgl@sss.pgh.pa.us> | |
| Fri, 3 Aug 2018 16:12:10 +0000 (12:12 -0400) | ||
| committer | Tom Lane <tgl@sss.pgh.pa.us> | |
| Fri, 3 Aug 2018 16:12:10 +0000 (12:12 -0400) |
Commit 1944cdc98 changed PQhost() to return the hostaddr value when that
is specified and host isn't. This is a good idea in general, but
fe-auth.c and related files contain PQhost() calls for which it isn't.
Specifically, when we compare SSL certificates or other server identity
information to the host field, we do not want to use hostaddr instead;
that's not what's documented, that's not what happened pre-v10, and
it doesn't seem like a good idea.
Instead, we can just look at connhost[].host directly. This does what
we want in v10 and up; in particular, if neither host nor hostaddr
were given, the host field will be replaced with the default host name.
That seems useful, and it's likely the reason that these places were
coded to call PQhost() originally (since pre-v10, the stored field was
not replaced with the default).
Back-patch to v10, as 1944cdc98 (just) was.
Discussion: https://postgr.es/m/23287.1533227021@sss.pgh.pa.us
is specified and host isn't. This is a good idea in general, but
fe-auth.c and related files contain PQhost() calls for which it isn't.
Specifically, when we compare SSL certificates or other server identity
information to the host field, we do not want to use hostaddr instead;
that's not what's documented, that's not what happened pre-v10, and
it doesn't seem like a good idea.
Instead, we can just look at connhost[].host directly. This does what
we want in v10 and up; in particular, if neither host nor hostaddr
were given, the host field will be replaced with the default host name.
That seems useful, and it's likely the reason that these places were
coded to call PQhost() originally (since pre-v10, the stored field was
not replaced with the default).
Back-patch to v10, as 1944cdc98 (just) was.
Discussion: https://postgr.es/m/23287.1533227021@sss.pgh.pa.us
| src/interfaces/libpq/fe-auth.c | patch | blob | blame | history | |
| src/interfaces/libpq/fe-secure-openssl.c | patch | blob | blame | history |
index c4ef4f0bbb01efdc0a6e2b0fe6d173bee5f64184..1767f0fb9b3f2dff0d474784736e33aa439a409d 100644 (file)
min_stat;
int maxlen;
gss_buffer_desc temp_gbuf;
- char *host = PQhost(conn);
+ char *host = conn->connhost[conn->whichhost].host;
if (!(host && host[0] != '\0'))
{
{
SECURITY_STATUS r;
TimeStamp expire;
- char *host = PQhost(conn);
+ char *host = conn->connhost[conn->whichhost].host;
if (conn->sspictx)
{
index 2f29820e8205c620f0f66538f1b37f8e0ab08845..f6636d1607afd24f3e7c1d5fc9b14e02417ecc38 100644 (file)
@@ -483,10 +483,17 @@ verify_peer_name_matches_certificate_name(PGconn *conn, ASN1_STRING *name_entry,
char *name;
const unsigned char *namedata;
int result;
- char *host = PQhost(conn);
+ char *host = conn->connhost[conn->whichhost].host;
*store_name = NULL;
+ if (!(host && host[0] != '\0'))
+ {
+ printfPQExpBuffer(&conn->errorMessage,
+ libpq_gettext("host name must be specified\n"));
+ return -1;
+ }
+
/* Should not happen... */
if (name_entry == NULL)
{
STACK_OF(GENERAL_NAME) *peer_san;
int i;
int rc;
- char *host = PQhost(conn);
+ char *host = conn->connhost[conn->whichhost].host;
/*
* If told not to verify the peer name, don't do it. Return true