mirror/postgresql
2
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2024-12-27 08:39:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

Disallow empty passwords in LDAP authentication, the same way

Browse Source 
we already do it for PAM.
This commit is contained in:
Magnus Hagander 2009-06-25 11:30:10 +00:00
parent 20b037100e
commit e19c960df5
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/backend/libpq/auth.c
View File

@ -8,7 +8,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.146.2.1 2008/07/24 17:52:09 tgl Exp $ * $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.146.2.2 2009/06/25 11:30:10 mha Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@ -788,6 +788,13 @@ CheckLDAPAuth(Port *port)
if (passwd == NULL) if (passwd == NULL)
return STATUS_EOF; /* client wouldn't send password */ return STATUS_EOF; /* client wouldn't send password */
if (strlen(passwd) == 0)
{
ereport(LOG,
(errmsg("empty password returned by client")));
return STATUS_ERROR;
}
ldap = ldap_init(server, ldapport); ldap = ldap_init(server, ldapport);
if (!ldap) if (!ldap)
{ {