| From: | PG Bug reporting form <noreply(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-bugs(at)lists(dot)postgresql(dot)org |
| Cc: | mdavid(at)palantir(dot)com |
| Subject: | BUG #16106: Patch - Radius secrets always gets lowercased |
| Date: | 2019-11-11 18:01:35 |
| Message-ID: | 16106-7d319e4295d08e70@postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 16106
Logged by: Marcos David
Email address: mdavid(at)palantir(dot)com
PostgreSQL version: 12.0
Operating system: Centos 7
Description:
I'm using radius authentication in pg_hba.conf and I've run into the
following issue.
The radiussecrets is always getting lowercased even if I start it with
double quotes. Seems the double quotes are removed by the tokenization
process and then the secret gets lowercased by
https://github.com/postgres/postgres/blob/REL_12_STABLE/src/backend/utils/adt/varlena.c#L3652
I'm attaching a patch for this since I don't think the secrets should ever
be lowercased.
--- src/backend/libpq/hba.c.old 2019-11-08 16:42:27.934508368 +0000
+++ src/backend/libpq/hba.c 2019-11-08 16:43:12.069173627 +0000
@@ -2011,7 +2011,7 @@
REQUIRE_AUTH_OPTION(uaRADIUS, "radiussecrets", "radius");
- if (!SplitIdentifierString(dupval, ',', &parsed_secrets))
+ if (!SplitGUCList(dupval, ',', &parsed_secrets))
{
/* syntax error in list */
ereport(elevel,
@@ -2033,7 +2033,7 @@
REQUIRE_AUTH_OPTION(uaRADIUS, "radiusidentifiers", "radius");
- if (!SplitIdentifierString(dupval, ',', &parsed_identifiers))
+ if (!SplitGUCList(dupval, ',', &parsed_identifiers))
{
/* syntax error in list */
ereport(elevel,
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2019-11-11 20:23:07 | Re: BUG #16106: Patch - Radius secrets always gets lowercased |
| Previous Message | Tom Lane | 2019-11-11 17:32:38 | Re: [BUG FIX] Uninitialized var fargtypes used. |