Fix dblink_connect() so that it verifies that a password is supplied in the conninfo string *before* trying to connect to the remote server, not after. As pointed out by Marko Kreen, in certain not-very-plausible situations this could result in sending a password from the postgres user's .pgpass file, or other places that non-superusers shouldn't have access to, to an untrustworthy remote server.

The cleanest fix seems to be to expose libpq's conninfo-string-parsing code so that dblink can check for a password option without duplicating the parsing logic.

Joe Conway, with a little cleanup by Tom Lane
Showing
- contrib/dblink/dblink.c: 47 additions, 2 deletions
- doc/src/sgml/dblink.sgml: 10 additions, 3 deletions
- doc/src/sgml/libpq.sgml: 104 additions, 35 deletions
- src/interfaces/libpq/exports.txt: 2 additions, 1 deletion
- src/interfaces/libpq/fe-connect.c: 56 additions, 6 deletions
- src/interfaces/libpq/libpq-fe.h: 7 additions, 3 deletions
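
The ordering the commit message describes, as an added example (not code from this commit or from PostgreSQL): decide from the conninfo string alone whether a password is present, and refuse before any connection is attempted. The small parser is a stand-in so the block compiles without libpq; real code should ask libpq's own parser (`PQconninfoParse`), as the commit message argues. `may_connect`, `is_superuser` and the sample strings are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* 1 if conninfo sets a non-empty password, 0 if not, -1 on a syntax error.
 * Simplified stand-in for libpq's parser: keyword = value, single-quoted
 * values, backslash escapes; the last setting of a keyword wins. */
int conninfo_has_password(const char *s)
{
    int has = 0;
    for (;;) {
        while (isspace((unsigned char) *s)) s++;
        if (*s == '\0') return has;
        const char *key = s;
        while (*s && *s != '=' && !isspace((unsigned char) *s)) s++;
        size_t klen = (size_t) (s - key), vlen = 0;
        while (isspace((unsigned char) *s)) s++;
        if (klen == 0 || *s != '=') return -1;   /* missing "=" */
        s++;
        while (isspace((unsigned char) *s)) s++;
        if (*s == '\'') {                         /* quoted value */
            for (s++; *s != '\''; s++, vlen++) {
                if (*s == '\\' && s[1]) s++;      /* escaped character */
                if (*s == '\0') return -1;        /* unterminated quote */
            }
            s++;
        } else {
            for (; *s && !isspace((unsigned char) *s); s++, vlen++)
                if (*s == '\\' && s[1]) s++;
        }
        if (klen == 8 && strncmp(key, "password", 8) == 0)
            has = vlen > 0;
    }
}

/* Gate run before any connection attempt (is_superuser is a hypothetical flag). */
int may_connect(const char *conninfo, int is_superuser)
{
    return is_superuser || conninfo_has_password(conninfo) == 1;
}

int main(void)
{
    const char *samples[] = { "host=db.example dbname=app",     /* constructed */
                              "host=db.example password=s3cret",
                              "application_name='password=x'" };
    for (int i = 0; i < 3; i++)
        printf("%-34s %s\n", samples[i], may_connect(samples[i], 0) ? "connect" : "refuse");
    return 0;
}
```

The third sample is refused because `password=x` there is the value of another keyword, which is why a substring search cannot replace parsing the string.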