• Tom Lane's avatar
    Arrange for client authentication to occur before we select a specific · ea46000a
    Tom Lane authored
    database to connect to. This is necessary for the walsender code to work
    properly (it was previously using an untenable assumption that template1 would
    always be available to connect to).  This also gets rid of a small security
    shortcoming that was introduced in the original patch to eliminate the flat
    authentication files: before, you could find out whether or not the requested
    database existed even if you couldn't pass the authentication checks.
    
    The changes needed to support this are mainly just to treat pg_authid and
    pg_auth_members as nailed relations, so that we can read them without having
    to be able to locate real pg_class entries for them.  This mechanism was
    already debugged for pg_database, but we hadn't recognized the value of
    applying it to those catalogs too.
    
    Since the current code doesn't have support for accessing toast tables before
    we've brought up all of the relcache, remove pg_authid's toast table to ensure
    that no one can store an out-of-line toasted value of rolpassword.  The case
    seems quite unlikely to occur in practice, and was effectively unsupported
    anyway in the old "flatfiles" implementation.
    
    Update genbki.pl to actually implement the same rules as bootstrap.c does for
    not-nullability of catalog columns.  The previous coding was a bit cheesy but
    worked all right for the previous set of bootstrap catalogs.  It does not work
    for pg_authid, where rolvaliduntil needs to be nullable.
    
    Initdb forced due to minor catalog changes (mainly the toast table removal).
    ea46000a
miscinit.c 34.3 KB