Attempt to send a proper failure message to frontend when authentication

[pgpool-ii/pgpool-ii_2.2.5] / pool_auth.c

diff --git a/pool_auth.c b/pool_auth.c
index cd5bf4233e59a54e85229ec10b4a51da79b1f2c3..def2ebcba81695b1d27b66cf1970091223fafc3a 100644 (file)
--- a/pool_auth.c
+++ b/pool_auth.c
@@ -35,14 +35,17 @@
 #endif
 #include <errno.h>
 #include <string.h>
+#include <stdlib.h>
 
 #define AUTHFAIL_ERRORCODE "28000"
 
 static POOL_STATUS pool_send_auth_ok(POOL_CONNECTION *frontend, int pid, int key, int protoMajor);
 static int do_clear_text_password(POOL_CONNECTION *backend, POOL_CONNECTION *frontend, int reauth, int protoMajor);
+static void pool_send_auth_fail(POOL_CONNECTION *frontend, POOL_CONNECTION_POOL *cp);
 static int do_crypt(POOL_CONNECTION *backend, POOL_CONNECTION *frontend, int reauth, int protoMajor);
 static int do_md5(POOL_CONNECTION *backend, POOL_CONNECTION *frontend, int reauth, int protoMajor);
 
+
 /*
 * do authentication against backend. if success return 0 otherwise non 0.
 */
@@ -136,6 +139,7 @@ from pool_read_message_length and recheck the pg_hba.conf settings.");
                msglen = htonl(0);
                if (pool_write_and_flush(frontend, &msglen, sizeof(msglen)) < 0)
                {
+                       pool_send_auth_fail(frontend, cp);
                        return -1;
                }
                MASTER(cp)->auth_kind = 0;
@@ -156,6 +160,7 @@ from pool_read_message_length and recheck the pg_hba.conf settings.");
                        if (authkind < 0)
                        {
                                pool_error("do_clear_text_password failed in slot %d", i);
+                               pool_send_auth_fail(frontend, cp);
                                return -1;
                        }
                }
@@ -176,6 +181,7 @@ from pool_read_message_length and recheck the pg_hba.conf settings.");
                        if (authkind < 0)
                        {
                                pool_error("do_crypt_text_password failed in slot %d", i);
+                               pool_send_auth_fail(frontend, cp);
                                return -1;
                        }
                }
@@ -206,6 +212,7 @@ from pool_read_message_length and recheck the pg_hba.conf settings.");
                        if (authkind < 0)
                        {
                                pool_error("do_md5failed in slot %d", i);
+                               pool_send_auth_fail(frontend, cp);
                                return -1;
                        }
                }
@@ -410,12 +417,41 @@ int pool_do_reauth(POOL_CONNECTION *frontend, POOL_CONNECTION_POOL *cp)
        else
        {
                pool_debug("pool_do_reauth: authentication failed");
+               pool_send_auth_fail(frontend, cp);               
                return -1;
        }
 
        return (pool_send_auth_ok(frontend, MASTER_CONNECTION(cp)->pid, MASTER_CONNECTION(cp)->key, protoMajor) != POOL_CONTINUE);
 }
 
+/*
+* send authentication failure message text to frontend
+*/
+static void pool_send_auth_fail(POOL_CONNECTION *frontend, POOL_CONNECTION_POOL *cp)
+{
+       int messagelen;
+       char *errmessage;
+       int protoMajor;
+
+       bool send_error_to_frontend = true;
+
+       protoMajor = MAJOR(cp);
+
+       messagelen = strlen(MASTER_CONNECTION(cp)->sp->user) + 100;
+       if ((errmessage = (char *)malloc(messagelen+1)) == NULL)
+       {
+               pool_error("pool_send_auth_fail_failed: malloc failed: %s", strerror(errno));
+               child_exit(1);
+       }
+
+       snprintf(errmessage, messagelen, "password authentication failed for user \"%s\"",
+                MASTER_CONNECTION(cp)->sp->user);
+       if (send_error_to_frontend)
+       pool_send_fatal_message(frontend, protoMajor, "XX000", errmessage,
+                               "", "", __FILE__, __LINE__);
+       free(errmessage);
+} 
+
 /*
 * send authentication ok to frontend. if success return 0 otherwise non 0.
 */