Skip site navigation (1) Skip section navigation (2)

Re: BUG #4572: Incorrect error message when using wrong password with hostssl

From: Magnus Hagander <magnus(at)hagander(dot)net>
To: Tommy Gildseth <tommy(dot)gildseth(at)usit(dot)uio(dot)no>
Cc: pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #4572: Incorrect error message when using wrong password with hostssl
Date: 2008-12-09 08:53:57
Message-ID: 493E3225.20305@hagander.net (view raw or flat)
Thread:
Lists: pgsql-bugs
Tommy Gildseth wrote:
> The following bug has been logged online:
> 
> Bug reference:      4572
> Logged by:          Tommy Gildseth
> Email address:      tommy(dot)gildseth(at)usit(dot)uio(dot)no
> PostgreSQL version: 8.3.x,8.2.x
> Operating system:   Linux
> Description:        Incorrect error message when using wrong password with
> hostssl
> Details: 
> 
> When logging into postgresql requiring SSL, providing the wrong password
> will produce an incorrect and confusing error message.

Hi!

This has been fixed for 8.4. It will now show:
psql: FATAL:  password authentication failed for user "foo"
FATAL:  no pg_hba.conf entry for host "127.0.0.1", user "foo", database
"postgres", SSL off

This indicates that you had a password failure, and then retried with
SSL off.

For now, and if you later want to get rid of the second message, connect
with PGSSLMODE=require (or put sslmode=require in the connection string)
- that way you will prevent the attempt to reconnect without SSL.

We can't easily backpatch this since it may break existing applications
that aren't equipped to deal with multiline errors.

//Magnus


> ========== pg_hba.conf ===============
> hostssl all postgres 192.168.123.234 255.255.255.255 md5
> ======================================
> 
> ========== Logging in: ===============
> [postgres(at)anothermachine ~]$ psql -W -h pgtest02
> Password: <type in bogus password>
> psql: FATAL:  no pg_hba.conf entry for host "192.168.123.234", user
> "postgres", database "postgres", SSL off
> ======================================
> 
> The error message returned here is clearly bogus. It's correct in that there
> is no pg_hba.conf entry for that user/host, with SSL off, but imo. it should
> have returned the more usefull error message:
> ======================================
> psql -W -h pgtest02
> Password: <type in bogus password>
> psql: FATAL:  password authentication failed for user "postgres"
> ======================================
> 


In response to

pgsql-bugs by date

Next:From: Adam PewnyDate: 2008-12-09 11:24:20
Subject: BUG #4573: download problem
Previous:From: Tommy GildsethDate: 2008-12-09 07:04:52
Subject: BUG #4572: Incorrect error message when using wrong password with hostssl

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group