diff options
| author | Magnus Hagander | 2009-06-25 11:30:08 +0000 |
|---|---|---|
| committer | Magnus Hagander | 2009-06-25 11:30:08 +0000 |
| commit | 356083d9ec7e69a06c5528a03f761f0a769ddcca (patch) | |
| tree | 4ca8e8e6d7316ab0ed63b82da0faac1c10d96ed9 | |
| parent | 0ea4761afbeabd5d9d71b6e974e00cb758150bda (diff) | |
Disallow empty passwords in LDAP authentication, the same way
we already do it for PAM.
| -rw-r--r-- | src/backend/libpq/auth.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c index 5c223d347b..fc184e1fe4 100644 --- a/src/backend/libpq/auth.c +++ b/src/backend/libpq/auth.c @@ -2066,6 +2066,13 @@ CheckLDAPAuth(Port *port) if (passwd == NULL) return STATUS_EOF; /* client wouldn't send password */ + if (strlen(passwd) == 0) + { + ereport(LOG, + (errmsg("empty password returned by client"))); + return STATUS_ERROR; + } + ldap = ldap_init(port->hba->ldapserver, port->hba->ldapport); if (!ldap) { |