path: root/src/backend/libpq/auth.c
Commit message (Author, Age, Files, Lines)
* Guard against send-lots-and-lots-of-data DoS attack from unauthenticated users, by limiting the length of string we will accept for a password. Patch by Serguei Mokhov, some editorializing by Tom Lane.
  (Tom Lane, 2002-09-04, 1 file, -5/+4)
* pgindent run.
  (Bruce Momjian, 2002-09-04, 1 file, -12/+11)
* Remove sys/types.h in files that include postgres.h, and hence c.h, because c.h has sys/types.h.
  (Bruce Momjian, 2002-09-02, 1 file, -2/+1)
* Back out password packet length check. Improve wording of pre-7.3 syntax mention.
  (Bruce Momjian, 2002-08-30, 1 file, -15/+1)
* Prevent problem with extra-long password packets from allocating lots of memory.
  Neil Conway
  (Bruce Momjian, 2002-08-29, 1 file, -1/+15)
* Remove support for version-0 FE/BE protocol, per pghackers discussion. This breaks support for 6.2 or older client libraries.
  (Tom Lane, 2002-08-29, 1 file, -181/+1)
* The attached patch implements the password packet length sanity check (using an elog(LOG)), as well as includes a few more comment fixes.
  Neil Conway
  (Bruce Momjian, 2002-08-27, 1 file, -1/+12)
* Add most of Neil Conway's cleanups.
  (Bruce Momjian, 2002-08-27, 1 file, -2/+2)
* Add db-local user names, per discussion on hackers.
  (Bruce Momjian, 2002-08-18, 1 file, -3/+3)
* Update copyright to 2002.
  (Bruce Momjian, 2002-06-20, 1 file, -2/+2)
* Create an internal semaphore API that is not tied to SysV semaphores. As proof of concept, provide an alternate implementation based on POSIX semaphores. Also push the SysV shared-memory implementation into a separate file so that it can be replaced conveniently.
  (Tom Lane, 2002-05-05, 1 file, -1/+4)
* Authentication improvements:
    A new pg_hba.conf column, USER
    Allow specification of lists of users separated by commas
    Allow group names specified by +
    Allow include files containing lists of users specified by @
    Allow lists of databases, and database files
    Allow samegroup in database column to match group name matching dbname
    Removal of secondary password files
    Remove pg_passwd utility
    Lots of code cleanup in user.c and hba.c
    New data/global/pg_pwd format
    New data/global/pg_group file
  (Bruce Momjian, 2002-04-04, 1 file, -19/+5)
* Prevent failed passwords from being echoed to server logs, for security.
  (Bruce Momjian, 2002-03-05, 1 file, -2/+4)
* Prevent failed passwords from being echoed to server logs, for security.
  (Bruce Momjian, 2002-03-05, 1 file, -3/+3)
* Further work on elog cleanup: fix some bogosities in elog's logic about when to send what to which, prevent recursion by introducing new COMMERROR elog level for client-communication problems, get rid of direct writes to stderr in backend/libpq files, prevent non-error elogs from going to client during the authentication cycle.
  (Tom Lane, 2002-03-04, 1 file, -101/+52)
* Commit to match discussed elog() changes. Only update is that LOG is now just below FATAL in server_min_messages. Added more text to highlight ordering difference between it and client_min_messages.
  ---------------------------------------------------------------------------
    REALLYFATAL => PANIC
    STOP => PANIC
    New INFO level that prints to client by default
    New LOG level that prints to server log by default
    Cause VACUUM information to print only to the client
    NOTICE => INFO where purely information messages are sent
    DEBUG => LOG for purely server status messages
    DEBUG removed, kept as backward compatible
    DEBUG5, DEBUG4, DEBUG3, DEBUG2, DEBUG1 added
    DebugLvl removed in favor of new DEBUG[1-5] symbols
    New server_min_messages GUC parameter with values: DEBUG[5-1], INFO, NOTICE, ERROR, LOG, FATAL, PANIC
    New client_min_messages GUC parameter with values: DEBUG[5-1], LOG, INFO, NOTICE, ERROR, FATAL, PANIC
    Server startup now logged with LOG instead of DEBUG
    Remove debug_level GUC parameter
    elog() numbers now start at 10
    Add test to print error message if older elog() values are passed to elog()
    Bootstrap mode now has a -d that requires an argument, like postmaster
  (Bruce Momjian, 2002-03-02, 1 file, -7/+4)
* Fix for PAM error message display:
    > and that the right fix is to make each of the subsequent calls be in
    > this same pattern, not to try to emulate their nonsensical style.
    Dominic J. Eidson
  (Bruce Momjian, 2002-02-25, 1 file, -28/+28)
* Heimdal support (Kerberos V implementation from KTH)
  (Peter Eisentraut, 2002-02-23, 1 file, -2/+9)
* Avoid calling pq_flush just after sending AUTH_REQ_OK; this saves one send() and probable process context swap during backend startup.
  (Tom Lane, 2002-02-19, 1 file, -2/+9)
* New pgindent run with fixes suggested by Tom. Patch manually reviewed, initdb/regression tests pass.
  (Bruce Momjian, 2001-11-05, 1 file, -8/+8)
* Another pgindent run. Fixes enum indenting, and improves #endif spacing. Also adds space for one-line comments.
  (Bruce Momjian, 2001-10-28, 1 file, -2/+2)
* pgindent run on all C files. Java run to follow. initdb/regression tests pass.
  (Bruce Momjian, 2001-10-25, 1 file, -126/+143)
* Fix authentication so that it doesn't record an extra 'Password authentication failed' and a 'send() failed: Broken pipe' message on every connection from psql in password auth mode. Problem is that psql doesn't ask user for a password until it sees a password challenge failure, and libpq just closes the connection unceremoniously if it's challenged for a password when it hasn't got one to send. Accordingly, EOF from the client after asking for a password is normal behavior and should not result in postmaster log entries.
  (Tom Lane, 2001-10-18, 1 file, -38/+57)
* Disable local creds on OpenBSD because it doesn't support it. Document supported platforms in pg_hba.conf.
  (Bruce Momjian, 2001-09-26, 1 file, -2/+2)
* Code review for MD5 authorization patch. Clean up some breakage (salts were always zero!?), add much missing documentation.
  (Tom Lane, 2001-09-21, 1 file, -8/+4)
* Update SCM_CREDS for Net/Free/BSD-OS. Add configure checks.
  (Bruce Momjian, 2001-09-07, 1 file, -7/+10)
* PAM authentication:
    > pam_strerror() should be used a few more times, rather than just saying
    > "Error!". Also, the configure.in snippet seems wrong. You add
    > -I$pam_prefix/include/security to $INCLUDES and then you #include
    > <security/pam_appl.h>. This whole thing is probably unnecessary, since
    > PAM is a system library on the systems where it exists, so the headers
    > and libraries are found automatically, unlike OpenSSL and
    > Kerberos.
    See attached revised patch. (I'm sure the configure.in stuff can be done right/better, I'm just not enough of an autoconf guru to know what to change it to.)
    Dominic J. Eidson
  (Bruce Momjian, 2001-09-06, 1 file, -9/+224)
* Add missing include for SCM_CREDS.
  (Bruce Momjian, 2001-08-21, 1 file, -1/+2)
* Add SCM_CREDS to get owner of unix-domain socket on BSD-like systems.
  (Bruce Momjian, 2001-08-21, 1 file, -5/+29)
* A little more code reorg for MD5/crypt.
  (Bruce Momjian, 2001-08-17, 1 file, -7/+7)
* Reorder MD5/crypt so MD5 comes first in the code.
  (Bruce Momjian, 2001-08-17, 1 file, -7/+7)
* Add 4-byte MD5 salt.
  (Bruce Momjian, 2001-08-17, 1 file, -4/+11)
* Add new MD5 pg_hba.conf keyword. Prevent fallback to crypt.
  (Bruce Momjian, 2001-08-16, 1 file, -9/+6)
* Remove protocol version change. Try MD5 first, then crypt() on all clients.
  (Bruce Momjian, 2001-08-16, 1 file, -6/+9)
* Use MD5 for wire protocol encryption for >= 7.2 client/server. Allow pg_shadow to be MD5 encrypted. Add ENCRYPTED/UNENCRYPTED option to CREATE/ALTER user. Add password_encryption postgresql.conf option. Update wire protocol version to 2.1.
  (Bruce Momjian, 2001-08-15, 1 file, -7/+11)
* Add a check for end of client connection before expecting a password response, to avoid noise in the server log.
  (Peter Eisentraut, 2001-08-07, 1 file, -2/+2)
* Support ident authentication on local (Unix) socket connections, if the system supports SO_PEERCRED requests for Unix sockets. This is an amalgamation of patches submitted by Helge Bahmann and Oliver Elphick, with some editorializing by yours truly.
  (Tom Lane, 2001-08-01, 1 file, -5/+3)
* Source formatting cleanup.
  (Bruce Momjian, 2001-07-21, 1 file, -21/+11)
* Handle reading of startup packet and authentication exchange after forking a new postmaster child process. This should eliminate problems with authentication blocking (e.g., ident, SSL init) and also reduce problems with the accept queue filling up under heavy load. The option to send elog output to a different file per backend (postgres -o) has been disabled for now because the initialization would have to happen in a different order and it's not clear we want to keep this anyway.
  (Peter Eisentraut, 2001-06-20, 1 file, -228/+112)
* pgindent run. Make it all clean.
  (Bruce Momjian, 2001-03-22, 1 file, -20/+25)
* Change Copyright from PostgreSQL, Inc to PostgreSQL Global Development Group.
  (Bruce Momjian, 2001-01-24, 1 file, -2/+2)
* Ensure that all uses of <ctype.h> functions are applied to unsigned-char values, whether the local char type is signed or not. This is necessary for portability. Per discussion on pghackers around 9/16/00.
  (Tom Lane, 2000-12-03, 1 file, -2/+2)
* Make the location of the Kerberos server key file run time configurable (rather than compile time). For libpq, even when Kerberos support is compiled in, the default user name should still fall back to geteuid() if it can't be determined via the Kerberos system. A couple of fixes for string type configuration parameters, now that there is one.
  (Peter Eisentraut, 2000-08-25, 1 file, -5/+8)
* Expand secondary password file feature, so that you can use these files to restrict the set of users that can connect to a database but can still use the pg_shadow password. (You just leave off the password field in the secondary file.)
  (Peter Eisentraut, 2000-07-04, 1 file, -13/+5)
* Update kerberos patch
  (Bruce Momjian, 2000-05-27, 1 file, -99/+104)
* Back out kerberos changes. Causes compile problems.
  (Bruce Momjian, 2000-05-27, 1 file, -104/+99)
* Patch for Kerberos V. Most (nearly all) of the work was done by David Wragg <dpw@doc.ic.ac.uk> He patched 6.5.3. I've updated it for 7.0RC5. It works for MIT kerberos 1.1.1 (and previously for 1.0.6 as well). I've got the patch against 6.5.3, plus kerberized RPMS.
  Mike Wyer <mw@doc.ic.ac.uk> || "Woof?"
  (Bruce Momjian, 2000-05-27, 1 file, -99/+104)
* Ye-old pgindent run. Same 4-space tabs.
  (Bruce Momjian, 2000-04-12, 1 file, -4/+5)
* Add:
    * Portions Copyright (c) 1996-2000, PostgreSQL, Inc
  to all files copyright Regents of Berkeley. Man, that's a lot of files.
  (Bruce Momjian, 2000-01-26, 1 file, -2/+3)
* Look Ma, no MAX_PARSE_BUFFER! (At least not in the backend. pg_dump and interfaces/odbc still need some work.)
  (Tom Lane, 1999-10-23, 1 file, -15/+17)