Disallow empty passwords in LDAP authentication, the same way

author Magnus Hagander <magnus@hagander.net>

Thu, 25 Jun 2009 11:30:12 +0000 (11:30 +0000)

committer Magnus Hagander <magnus@hagander.net>

Thu, 25 Jun 2009 11:30:12 +0000 (11:30 +0000)
author Magnus Hagander <magnus@hagander.net>
Thu, 25 Jun 2009 11:30:12 +0000 (11:30 +0000)
committer Magnus Hagander <magnus@hagander.net>
Thu, 25 Jun 2009 11:30:12 +0000 (11:30 +0000)
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c

index 031a9d4f54cef70b872585697cee822262960a74..0c9fc850db0716aca7a39b0ac2a00a80f24d0ec9 100644 (file)
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -8,7 +8,7 @@
   *
   *
   * IDENTIFICATION
- *       $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.164.2.1 2008/07/24 17:52:02 tgl Exp $
+ *       $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.164.2.2 2009/06/25 11:30:12 mha Exp $
   *
   *-------------------------------------------------------------------------
   */
@@ -1457,6 +1457,13 @@ CheckLDAPAuth(Port *port)
         if (passwd == NULL)
                 return STATUS_EOF;              /* client wouldn't send password */
  
+       if (strlen(passwd) == 0)
+       {
+               ereport(LOG,
+                               (errmsg("empty password returned by client")));
+               return STATUS_ERROR;
+       }
+
         ldap = ldap_init(server, ldapport);
         if (!ldap)
         {
author	Magnus Hagander <magnus@hagander.net>
	Thu, 25 Jun 2009 11:30:12 +0000 (11:30 +0000)
committer	Magnus Hagander <magnus@hagander.net>
	Thu, 25 Jun 2009 11:30:12 +0000 (11:30 +0000)