Skip to content

Commit 02d3448

Browse files
michaelpqmichaelpq
committed
Store IdentLine->pg_user as an AuthToken
While system_user was stored as an AuthToken in IdentLine, pg_user was stored as a plain string. This commit changes the code as we start storing pg_user as an AuthToken too. This does not have any functional changes, as all the operations on pg_user only use the string from the AuthToken. There is no regexp compiled and no check based on its quoting, yet. This is in preparation of more features that intend to extend its capabilities, like support for regexps and group membership. Author: Jelte Fennema Discussion: https://postgr.es/m/CAGECzQRNow4MwkBjgPxywXdJU_K3a9+Pm78JB7De3yQwwkTDew@mail.gmail.com
1 parent 647fa50 commit 02d3448

File tree

3 files changed

+13
-11
lines changed

3 files changed

+13
-11
lines changed

src/backend/libpq/hba.c

Lines changed: 11 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -2800,7 +2800,7 @@ parse_ident_line(TokenizedAuthLine *tok_line, int elevel)
28002800
tokens = lfirst(field);
28012801
IDENT_MULTI_VALUE(tokens);
28022802
token = linitial(tokens);
2803-
parsedline->pg_user = pstrdup(token->string);
2803+
parsedline->pg_user = copy_auth_token(token);
28042804

28052805
/*
28062806
* Now that the field validation is done, compile a regex from the user
@@ -2865,7 +2865,7 @@ check_ident_usermap(IdentLine *identLine, const char *usermap_name,
28652865
return;
28662866
}
28672867

2868-
if ((ofs = strstr(identLine->pg_user, "\\1")) != NULL)
2868+
if ((ofs = strstr(identLine->pg_user->string, "\\1")) != NULL)
28692869
{
28702870
int offset;
28712871

@@ -2875,7 +2875,7 @@ check_ident_usermap(IdentLine *identLine, const char *usermap_name,
28752875
ereport(LOG,
28762876
(errcode(ERRCODE_INVALID_REGULAR_EXPRESSION),
28772877
errmsg("regular expression \"%s\" has no subexpressions as requested by backreference in \"%s\"",
2878-
identLine->system_user->string + 1, identLine->pg_user)));
2878+
identLine->system_user->string + 1, identLine->pg_user->string)));
28792879
*error_p = true;
28802880
return;
28812881
}
@@ -2884,9 +2884,9 @@ check_ident_usermap(IdentLine *identLine, const char *usermap_name,
28842884
* length: original length minus length of \1 plus length of match
28852885
* plus null terminator
28862886
*/
2887-
expanded_pg_user = palloc0(strlen(identLine->pg_user) - 2 + (matches[1].rm_eo - matches[1].rm_so) + 1);
2888-
offset = ofs - identLine->pg_user;
2889-
memcpy(expanded_pg_user, identLine->pg_user, offset);
2887+
expanded_pg_user = palloc0(strlen(identLine->pg_user->string) - 2 + (matches[1].rm_eo - matches[1].rm_so) + 1);
2888+
offset = ofs - identLine->pg_user->string;
2889+
memcpy(expanded_pg_user, identLine->pg_user->string, offset);
28902890
memcpy(expanded_pg_user + offset,
28912891
system_user + matches[1].rm_so,
28922892
matches[1].rm_eo - matches[1].rm_so);
@@ -2895,7 +2895,7 @@ check_ident_usermap(IdentLine *identLine, const char *usermap_name,
28952895
else
28962896
{
28972897
/* no substitution, so copy the match */
2898-
expanded_pg_user = pstrdup(identLine->pg_user);
2898+
expanded_pg_user = pstrdup(identLine->pg_user->string);
28992899
}
29002900

29012901
/*
@@ -2921,13 +2921,13 @@ check_ident_usermap(IdentLine *identLine, const char *usermap_name,
29212921
/* Not regular expression, so make complete match */
29222922
if (case_insensitive)
29232923
{
2924-
if (pg_strcasecmp(identLine->pg_user, pg_user) == 0 &&
2924+
if (pg_strcasecmp(identLine->pg_user->string, pg_user) == 0 &&
29252925
pg_strcasecmp(identLine->system_user->string, system_user) == 0)
29262926
*found_p = true;
29272927
}
29282928
else
29292929
{
2930-
if (strcmp(identLine->pg_user, pg_user) == 0 &&
2930+
if (strcmp(identLine->pg_user->string, pg_user) == 0 &&
29312931
strcmp(identLine->system_user->string, system_user) == 0)
29322932
*found_p = true;
29332933
}
@@ -3074,6 +3074,7 @@ load_ident(void)
30743074
{
30753075
newline = (IdentLine *) lfirst(parsed_line_cell);
30763076
free_auth_token(newline->system_user);
3077+
free_auth_token(newline->pg_user);
30773078
}
30783079
MemoryContextDelete(ident_context);
30793080
return false;
@@ -3086,6 +3087,7 @@ load_ident(void)
30863087
{
30873088
newline = (IdentLine *) lfirst(parsed_line_cell);
30883089
free_auth_token(newline->system_user);
3090+
free_auth_token(newline->pg_user);
30893091
}
30903092
}
30913093
if (parsed_ident_context != NULL)

src/backend/utils/adt/hbafuncs.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -493,7 +493,7 @@ fill_ident_line(Tuplestorestate *tuple_store, TupleDesc tupdesc,
493493
{
494494
values[index++] = CStringGetTextDatum(ident->usermap);
495495
values[index++] = CStringGetTextDatum(ident->system_user->string);
496-
values[index++] = CStringGetTextDatum(ident->pg_user);
496+
values[index++] = CStringGetTextDatum(ident->pg_user->string);
497497
}
498498
else
499499
{

src/include/libpq/hba.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -143,7 +143,7 @@ typedef struct IdentLine
143143

144144
char *usermap;
145145
AuthToken *system_user;
146-
char *pg_user;
146+
AuthToken *pg_user;
147147
} IdentLine;
148148

149149
/*

0 commit comments

Comments
 (0)