Skip to content

P
Postgres FD Implementation
Commit 6c4637a3 authored by Magnus Hagander's avatar Magnus Hagander
Browse files
Options

Disallow empty passwords in LDAP authentication, the same way 

we already do it for PAM.
parent 4183b106
Hide whitespace changes
Inline Side-by-side
Showing with 8 additions and 1 deletion
src/backend/libpq/auth.c
View file @ 6c4637a3
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.182 2009/06/11 14:48:57 momjian Exp $ * $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.183 2009/06/25 11:30:08 mha Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
...@@ -2066,6 +2066,13 @@ CheckLDAPAuth(Port *port) ...@@ -2066,6 +2066,13 @@ CheckLDAPAuth(Port *port)
if (passwd == NULL) if (passwd == NULL)
return STATUS_EOF; /* client wouldn't send password */ return STATUS_EOF; /* client wouldn't send password */
if (strlen(passwd) == 0)
{
ereport(LOG,
(errmsg("empty password returned by client")));
return STATUS_ERROR;
}
ldap = ldap_init(port->hba->ldapserver, port->hba->ldapport); ldap = ldap_init(port->hba->ldapserver, port->hba->ldapport);
if (!ldap) if (!ldap)
{ {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment