From 83ae824c87a59f1183de560b2560641ab804c729 Mon Sep 17 00:00:00 2001 From: Daniel Gustafsson Date: Tue, 14 May 2024 10:50:26 +0200 Subject: [PATCH] Remove auth-options support from initdb When --auth was added to initdb in commit e7029b212755 it had support for auth options separated by space from the auth type, like: --auth pam --auth ident sameuser Passing an option to the ident auth type was removed in 01c1a12a5bb4 which left the pam auth-options support in place. 8a02339e9ba3 broke this by inverting a calculation in the strncmp arguments, which went unnoticed for a long time. The ability to pass options to the auth type was never documented. Rather than fixing the support for an undocumented feature which has been broken for all supported versions, and which only supports one out of many auth types which can take options, it is removed. Reported-by: Jingxian Li Reviewed-by: Michael Paquier Reviewed-by: Aleksander Alekseev Discussion: https://postgr.es/m/tencent_29731C7C7E6A2F9FB807C3A1DC3D81293C06@qq.com --- src/bin/initdb/initdb.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c index 30e17bd1d1e..5e89b3c8e8b 100644 --- a/src/bin/initdb/initdb.c +++ b/src/bin/initdb/initdb.c @@ -102,7 +102,7 @@ static const char *const auth_methods_host[] = { "sspi", #endif #ifdef USE_PAM - "pam", "pam ", + "pam", #endif #ifdef USE_BSD_AUTH "bsd", @@ -118,7 +118,7 @@ static const char *const auth_methods_host[] = { static const char *const auth_methods_local[] = { "trust", "reject", "scram-sha-256", "md5", "password", "peer", "radius", #ifdef USE_PAM - "pam", "pam ", + "pam", #endif #ifdef USE_BSD_AUTH "bsd", @@ -2512,10 +2512,6 @@ check_authmethod_valid(const char *authmethod, const char *const *valid_methods, { if (strcmp(authmethod, *p) == 0) return; - /* with space = param */ - if (strchr(authmethod, ' ')) - if (strncmp(authmethod, *p, (authmethod - strchr(authmethod, ' '))) == 0) - return; } pg_fatal("invalid authentication method \"%s\" for \"%s\" connections", -- 2.39.5