Fix broken IDENT support for FreeBSD (appears to have been broken by

ill-considered conditional logic in getpeereid patch of 3-Dec-2002). Per bug #1021.

Fix broken IDENT support for FreeBSD (appears to have been broken by
ill-considered conditional logic in getpeereid patch of 3-Dec-2002). Per bug #1021.
b8f29802 · Tom Lane · d75b2ec4 · b8f29802 · b8f29802
Commit b8f29802 authored Dec 20, 2003 by Tom Lane
Hide whitespace changes
Inline Side-by-side

Showing with 24 additions and 18 deletions

src/backend/libpq/auth.c src/backend/libpq/auth.c +13 -14

src/interfaces/libpq/fe-auth.c src/interfaces/libpq/fe-auth.c +11 -4

No files found.
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.113 2003/11/29 19:51:49 pgsql Exp $
+ *	  $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.114 2003/12/20 18:24:52 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -471,32 +471,31 @@ ClientAuthentication(Port *port)
 			break;
 		case uaIdent:
-#if defined(HAVE_STRUCT_CMSGCRED) || defined(HAVE_STRUCT_FCRED) || \
-	(defined(HAVE_STRUCT_SOCKCRED) && defined(LOCAL_CREDS)) && \
-	!defined(HAVE_GETPEEREID) && !defined(SO_PEERCRED)
 			/*
 			 * If we are doing ident on unix-domain sockets, use SCM_CREDS
 			 * only if it is defined and SO_PEERCRED isn't.
 			 */
-#if defined(HAVE_STRUCT_FCRED) || defined(HAVE_STRUCT_SOCKCRED)
+#if !defined(HAVE_GETPEEREID) && !defined(SO_PEERCRED) && \
+	(defined(HAVE_STRUCT_CMSGCRED) || defined(HAVE_STRUCT_FCRED) || \
-			/*
+	 (defined(HAVE_STRUCT_SOCKCRED) && defined(LOCAL_CREDS)))
-			 * Receive credentials on next message receipt, BSD/OS,
+			if (port->raddr.addr.ss_family == AF_UNIX)
-			 * NetBSD. We need to set this before the client sends the
-			 * next packet.
-			 */
 			{
+#if defined(HAVE_STRUCT_FCRED) || defined(HAVE_STRUCT_SOCKCRED)
+				/*
+				 * Receive credentials on next message receipt, BSD/OS,
+				 * NetBSD. We need to set this before the client sends the
+				 * next packet.
+				 */
 				int			on = 1;
 				if (setsockopt(port->sock, 0, LOCAL_CREDS, &on, sizeof(on)) < 0)
 					ereport(FATAL,
 							(errcode_for_socket_access(),
 					 errmsg("could not enable credential reception: %m")));
-			}
 #endif
-			if (port->raddr.addr.ss_family == AF_UNIX)
 				sendAuthRequest(port, AUTH_REQ_SCM_CREDS);
+			}
 #endif
 			status = authident(port);
 			break;

--- a/src/interfaces/libpq/fe-auth.c
+++ b/src/interfaces/libpq/fe-auth.c
@@ -10,7 +10,7 @@
 * exceed INITIAL_EXPBUFFER_SIZE (currently 256 bytes).
 *
 * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.86 2003/11/29 19:52:11 pgsql Exp $
+ *	  $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.87 2003/12/20 18:24:52 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -447,12 +447,19 @@ pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname)
 }
 #endif   /* KRB5 */
+/*
+ * Respond to AUTH_REQ_SCM_CREDS challenge.
+ *
+ * Note: the backend will not use this challenge if HAVE_GETPEEREID
+ * or SO_PEERCRED is defined, so we don't bother to compile any code
+ * in that case, even if the facility is available.
+ */
 static int
 pg_local_sendauth(char *PQerrormsg, PGconn *conn)
 {
-#if defined(HAVE_STRUCT_CMSGCRED) || defined(HAVE_STRUCT_FCRED) || \
+#if !defined(HAVE_GETPEEREID) && !defined(SO_PEERCRED) && \
-	(defined(HAVE_STRUCT_SOCKCRED) && defined(LOCAL_CREDS)) && \
+	(defined(HAVE_STRUCT_CMSGCRED) || defined(HAVE_STRUCT_FCRED) || \
-	!defined(HAVE_GETPEEREID) && !defined(SO_PEERCRED)
+	 (defined(HAVE_STRUCT_SOCKCRED) && defined(LOCAL_CREDS)))
 	char		buf;
 	struct iovec iov;
 	struct msghdr msg;