database/openGauss-server
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

!3381 解决兼容B库下,可以成功创建user@localhost用户 但是无法连接

Browse Source 
Merge pull request !3381 from 王修强/user_host_new_bug
This commit is contained in:
opengauss_bot
2023-06-27 07:39:45 +00:00
committed by Gitee
parent 943b20bd7a c1a393d612
commit 13edddf64a
6 changed files with 39 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/common/backend/libpq/hba.cpp
View File

@ -2418,7 +2418,7 @@ char* MatchOtherUserHostName(const char* rolname, char* userHostName)
return firstPrivName;
}
char* GenUserHostName(hbaPort* port, const char* role)
char* GenUserHostName(hbaPort* port, const char* role, char** localhost)
{
if (!port)
ereport(ERROR,(errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),errmsg("The MyProcPort can't be NULL")));
@ -2431,7 +2431,13 @@ char* GenUserHostName(hbaPort* port, const char* role)
sizeof(remoteHostname));
errno_t rc = snprintf_s(userHostName, sizeof(userHostName), sizeof(userHostName) - 1, "%s@%s", role, remoteHostname);
securec_check_ss(rc, "", "");
return pstrdup(userHostName);
char* returnUserHost = pstrdup(userHostName);
if (pg_strcasecmp(remoteHostname, "127.0.0.1") == 0) {
rc = snprintf_s(userHostName, sizeof(userHostName), sizeof(userHostName) - 1, "%s@localhost", role);
securec_check_ss(rc, "", "");
*localhost = pstrdup(userHostName);
}
return returnUserHost;
}
extern char* GetDatabaseCompatibility(const char* dbname);
@ -2439,14 +2445,19 @@ HeapTuple SearchUserHostName(const char* userName, Oid* oid)
{
char* userHostName = NULL;
HeapTuple roleTup = NULL;
if (u_sess->attr.attr_common.b_compatibility_user_host_auth && !OidIsValid(u_sess->proc_cxt.MyDatabaseId) && u_sess->proc_cxt.MyProcPort) {
if (u_sess->attr.attr_common.b_compatibility_user_host_auth && (!OidIsValid(u_sess->proc_cxt.MyDatabaseId) || u_sess->proc_cxt.check_auth) && u_sess->proc_cxt.MyProcPort) {
bool isBFormat = false;
char* dbCompatibility = GetDatabaseCompatibility(u_sess->proc_cxt.MyProcPort->database_name);
if (dbCompatibility)
isBFormat = (pg_strcasecmp(dbCompatibility, "B") == 0);
if (isBFormat) {
userHostName = GenUserHostName(u_sess->proc_cxt.MyProcPort, userName);
char* localhost = NULL;
userHostName = GenUserHostName(u_sess->proc_cxt.MyProcPort, userName, &localhost);
roleTup = SearchSysCache1(AUTHNAME, PointerGetDatum(userHostName));
if (localhost && !roleTup) {
roleTup = SearchSysCache1(AUTHNAME, PointerGetDatum(localhost));
pfree_ext(localhost);
}
if (!roleTup) {
char* matchName = MatchOtherUserHostName(userName, userHostName);
if (matchName) {

15
src/common/backend/utils/init/postinit.cpp
View File

@ -2187,8 +2187,19 @@ void PostgresInitializer::InitSession()
Assert(dummyStandbyMode || CurrentMemoryContext == t_thrd.mem_cxt.cur_transaction_mem_cxt);
if (IsUnderPostmaster) {
CheckAuthentication();
InitUser();
u_sess->proc_cxt.check_auth = true;
PG_TRY();
{
CheckAuthentication();
InitUser();
u_sess->proc_cxt.check_auth = false;
}
PG_CATCH();
{
u_sess->proc_cxt.check_auth = false;
PG_RE_THROW();
}
PG_END_TRY();
} else {
CheckAtLeastOneRoles();
SetSuperUserStandalone();

1
src/gausskernel/process/threadpool/knl_session.cpp
View File

@ -612,6 +612,7 @@ static void knl_u_proc_init(knl_u_proc_context* proc_cxt)
proc_cxt->gsqlRemainCopyNum = 0;
proc_cxt->sessionBackupState = SESSION_BACKUP_NONE;
proc_cxt->registerExclusiveHandlerdone = false;
proc_cxt->check_auth = false;
}
static void knl_u_time_init(knl_u_time_context* time_cxt)

1
src/include/knl/knl_session.h
View File

@ -1230,6 +1230,7 @@ typedef struct knl_u_proc_context {
char* LabelFile;
char* TblspcMapFile;
bool registerAbortBackupHandlerdone; /* unterminated backups handler flag */
bool check_auth;
} knl_u_proc_context;
/* maximum possible number of fields in a date string */

7
src/test/regress/input/user_host_test.source
View File

@ -56,15 +56,12 @@ revoke insert on test2 from 'test_user_host'@'127.0.%';
\! echo 'b_compatibility_user_host_auth = on' >> @abs_srcdir@/tmp_check/datanode1/postgresql.conf
\! sed -i 's#host.*all.*all.*127.0.0.1/32.*#host all all all sha256#g' @abs_srcdir@/tmp_check/datanode1/pg_hba.conf
\! @abs_bindir@/gs_ctl restart -D @abs_srcdir@/tmp_check/datanode1 > /dev/null
\! sleep 5
\! sleep 2
\! @abs_bindir@/gsql -p @portstring@ -h 127.0.0.1 -d regression -r -U test_user_host -W 'test123@'
\! @abs_bindir@/gsql -p @portstring@ -h 127.0.0.1 -d user_host_db -r -U test_user_host -W 'test123@' -c "select current_user";
\! @abs_bindir@/gsql -p @portstring@ -d user_host_db -r -c "drop user if exists 'test_user_host'@'127.0.0.1'";
\! @abs_bindir@/gs_ctl restart -D @abs_srcdir@/tmp_check/datanode1 > /dev/null
\! sleep 5
\! @abs_bindir@/gsql -p @portstring@ -h 127.0.0.1 -d user_host_db -r -U test_user_host -W 'test123@' -c "select current_user";
\! @abs_bindir@/gsql -p @portstring@ -d user_host_db -r -c "drop user 'test_user_host'@'127.0.0.%'";
\! @abs_bindir@/gs_ctl restart -D @abs_srcdir@/tmp_check/datanode1 > /dev/null
\! sleep 5
\! @abs_bindir@/gsql -p @portstring@ -h 127.0.0.1 -d user_host_db -r -U test_user_host -W 'test123@' -c "select current_user";
\! @abs_bindir@/gsql -p @portstring@ -h 127.0.0.1 -d user_host_db -r -U test_user_host -W 'test123@' -c "select * from test2";
\! @abs_bindir@/gsql -p @portstring@ -h 127.0.0.1 -d user_host_db -r -U test_user_host2 -W 'test123@' -c "select current_user";

12
src/test/regress/output/user_host_test.source
View File

@ -111,7 +111,7 @@ revoke insert on test2 from 'test_user_host'@'127.0.%';
--?.*
--?.*
--?.*
\! sleep 5
\! sleep 2
--?.*
gsql: FATAL: Invalid username/password,login denied.
--?.*
@ -122,8 +122,6 @@ gsql: FATAL: Invalid username/password,login denied.
--?.*
DROP ROLE
--?.*
\! sleep 5
--?.*
current_user
--------------------------
@ -132,8 +130,6 @@ DROP ROLE
--?.*
DROP ROLE
--?.*
\! sleep 5
--?.*
current_user
------------------------
@ -146,3 +142,9 @@ DROP ROLE
1
(1 row)
--?.*
current_user
---------------------------
test_user_host2@localhost
(1 row)