X-Git-Url: https://git.8kb.co.uk/?p=pgpool-ii%2Fpgpool-ii_2.2.5;a=blobdiff_plain;f=pool_auth.c;h=def2ebcba81695b1d27b66cf1970091223fafc3a;hp=cd5bf4233e59a54e85229ec10b4a51da79b1f2c3;hb=HEAD;hpb=09857a9aad7bb32b7bde8e21c705ddde4464a042 diff --git a/pool_auth.c b/pool_auth.c index cd5bf42..def2ebc 100644 --- a/pool_auth.c +++ b/pool_auth.c @@ -35,14 +35,17 @@ #endif #include #include +#include #define AUTHFAIL_ERRORCODE "28000" static POOL_STATUS pool_send_auth_ok(POOL_CONNECTION *frontend, int pid, int key, int protoMajor); static int do_clear_text_password(POOL_CONNECTION *backend, POOL_CONNECTION *frontend, int reauth, int protoMajor); +static void pool_send_auth_fail(POOL_CONNECTION *frontend, POOL_CONNECTION_POOL *cp); static int do_crypt(POOL_CONNECTION *backend, POOL_CONNECTION *frontend, int reauth, int protoMajor); static int do_md5(POOL_CONNECTION *backend, POOL_CONNECTION *frontend, int reauth, int protoMajor); + /* * do authentication against backend. if success return 0 otherwise non 0. */ @@ -136,6 +139,7 @@ from pool_read_message_length and recheck the pg_hba.conf settings."); msglen = htonl(0); if (pool_write_and_flush(frontend, &msglen, sizeof(msglen)) < 0) { + pool_send_auth_fail(frontend, cp); return -1; } MASTER(cp)->auth_kind = 0; @@ -156,6 +160,7 @@ from pool_read_message_length and recheck the pg_hba.conf settings."); if (authkind < 0) { pool_error("do_clear_text_password failed in slot %d", i); + pool_send_auth_fail(frontend, cp); return -1; } } @@ -176,6 +181,7 @@ from pool_read_message_length and recheck the pg_hba.conf settings."); if (authkind < 0) { pool_error("do_crypt_text_password failed in slot %d", i); + pool_send_auth_fail(frontend, cp); return -1; } } @@ -206,6 +212,7 @@ from pool_read_message_length and recheck the pg_hba.conf settings."); if (authkind < 0) { pool_error("do_md5failed in slot %d", i); + pool_send_auth_fail(frontend, cp); return -1; } } @@ -410,12 +417,41 @@ int pool_do_reauth(POOL_CONNECTION *frontend, POOL_CONNECTION_POOL *cp) else { pool_debug("pool_do_reauth: authentication failed"); + pool_send_auth_fail(frontend, cp); return -1; } return (pool_send_auth_ok(frontend, MASTER_CONNECTION(cp)->pid, MASTER_CONNECTION(cp)->key, protoMajor) != POOL_CONTINUE); } +/* +* send authentication failure message text to frontend +*/ +static void pool_send_auth_fail(POOL_CONNECTION *frontend, POOL_CONNECTION_POOL *cp) +{ + int messagelen; + char *errmessage; + int protoMajor; + + bool send_error_to_frontend = true; + + protoMajor = MAJOR(cp); + + messagelen = strlen(MASTER_CONNECTION(cp)->sp->user) + 100; + if ((errmessage = (char *)malloc(messagelen+1)) == NULL) + { + pool_error("pool_send_auth_fail_failed: malloc failed: %s", strerror(errno)); + child_exit(1); + } + + snprintf(errmessage, messagelen, "password authentication failed for user \"%s\"", + MASTER_CONNECTION(cp)->sp->user); + if (send_error_to_frontend) + pool_send_fatal_message(frontend, protoMajor, "XX000", errmessage, + "", "", __FILE__, __LINE__); + free(errmessage); +} + /* * send authentication ok to frontend. if success return 0 otherwise non 0. */