Disallow empty passwords in LDAP authentication, the same way

we already do it for PAM.

Disallow empty passwords in LDAP authentication, the same way
we already do it for PAM.
6c4637a3 · Magnus Hagander · 4183b106 · 6c4637a3
Commit 6c4637a3 authored Jun 25, 2009 by Magnus Hagander
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 1 deletion

src/backend/libpq/auth.c src/backend/libpq/auth.c +8 -1

No files found.
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.182 2009/06/11 14:48:57 momjian Exp $
+ *	  $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.183 2009/06/25 11:30:08 mha Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -2066,6 +2066,13 @@ CheckLDAPAuth(Port *port)
 	if (passwd == NULL)
 		return STATUS_EOF;		/* client wouldn't send password */

+	if (strlen(passwd) == 0)
+	{
+		ereport(LOG,
+				(errmsg("empty password returned by client")));
+		return STATUS_ERROR;
+	}
+
 	ldap = ldap_init(port->hba->ldapserver, port->hba->ldapport);
 	if (!ldap)
 	{