Add validations of wd_lifecheck_password and recovery_password format
authorMasaya Kawamoto <kawamoto@sraoss.co.jp>
Fri, 10 Dec 2021 04:48:30 +0000 (04:48 +0000)
committerMasaya Kawamoto <kawamoto@sraoss.co.jp>
Fri, 10 Dec 2021 04:48:30 +0000 (04:48 +0000)
wd_lifecheck_password and recovery_password must not be given in md5
hashed password format, but pgpool did not check for this.

src/auth/pool_passwd.c
src/include/auth/pool_passwd.h
src/pcp_con/recovery.c
src/watchdog/wd_lifecheck.c

index 791b66b8d6e2a6b62624afe5fd727564ede07f06..0d2eb0699a2949f16133bbeac1b40b815ad227bf 100644 (file)
@@ -678,3 +678,44 @@ read_pool_key(char *key_file_path)
 
 #undef LINELEN
 }
+
+/*
+ * Check password type is md5 hashed or not. recovery_password and
+ * wd_lifecheck_password are not allowed to be md5 hashed format.
+ * The kind of returns of this function is follow;
+ *  0: password is not md5 hashed
+ * -1: password is md5 hashed
+ * -2: password is not found
+ */
+int
+chceck_password_type_is_not_md5(char *username, char *password_in_config)
+{
+       PasswordType passwordType = PASSWORD_TYPE_UNKNOWN;
+       PasswordMapping *password_mapping = NULL;
+
+       /*
+        * if the password specified in config is empty string or NULL look for the
+        * password in pool_passwd file
+        */
+       if (password_in_config == NULL || strlen(password_in_config) == 0)
+       {
+               password_mapping = pool_get_user_credentials(username);
+               if (password_mapping == NULL)
+               {
+                       return -2;
+               }
+               passwordType = password_mapping->pgpoolUser.passwordType;
+       }
+       else
+       {
+               passwordType = get_password_type(password_in_config);
+       }
+
+       /* if the password type is MD5 hash return -1*/
+       if (passwordType == PASSWORD_TYPE_MD5)
+       {
+               return -1;
+       }
+
+       return 0;
+}
\ No newline at end of file
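Review bot: In the pool_passwd branch of `chceck_password_type_is_not_md5`, the `PasswordMapping` returned by `pool_get_user_credentials(username)` is read once and never released on any return path. The header touched by this same commit declares `delete_passwordMapping(PasswordMapping *)`, which suggests the caller owns the mapping, although the ownership rules of `pool_get_user_credentials` are not visible here and should be confirmed. If the caller does own it, release the entry right after copying the type so it does not stay allocated: `passwordType = password_mapping->pgpoolUser.passwordType; delete_passwordMapping(password_mapping);`. Separately, the name is misspelled (`chceck`) and becomes an exported symbol through pool_passwd.h, so it is cheaper to correct now than after more callers exist.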
index bbcaaa8100fb8c407fae1b6d7176f13e3deff4cc..9ec244b31afcada6e91b6f7770a27ed51f2fb512 100644 (file)
@@ -85,4 +85,5 @@ extern char *get_decrypted_password(const char *shadow_pass);
 extern char *read_pool_key(char *key_file_path);
 extern char *get_pgpool_config_user_password(char *username, char *password_in_config);
 extern void delete_passwordMapping(PasswordMapping * pwdMapping);
+extern int chceck_password_type_is_not_md5(char *username, char *password_in_config);
 #endif                                                 /* POOL_PASSWD_H */
index db9aef31f34b96a859e31691e5e9eebab28bd001..6a04706b4bd7c5f4f39676d59e0da0c95535b0c0 100644 (file)
@@ -81,6 +81,14 @@ start_recovery(int recovery_node)
                ereport(ERROR,
                                (errmsg("node recovery failed, node id: %d is alive", recovery_node)));
 
+       if (chceck_password_type_is_not_md5(pool_config->recovery_user, pool_config->recovery_password) == -1)
+       {
+               ereport(ERROR,
+                               (errmsg("invalid password format for recovery_user: %s",
+                                               pool_config->recovery_user),
+                               errdetail("md5 hashed password is not allowed here")));
+       }
+
        /* select master/primary node */
        node_id = MASTER_SLAVE ? PRIMARY_NODE_ID : REAL_MASTER_NODE_ID;
        backend = &pool_config->backend_desc->backend_info[node_id];
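Review bot: The new guard in `start_recovery` compares the result only with `-1`, so the documented `-2` ("password is not found") return passes this validation silently. The same applies to the check added in `lifecheck_main`. If a missing pool_passwd entry is meant to be caught later, a short comment would make that explicit, e.g. `/* -2 (no entry in pool_passwd) is reported when the password is actually fetched */`. Otherwise store the result and report `-2` with its own message rather than letting an unset credential proceed. `start_recovery` begins and continues outside this hunk, so any later handling is not visible here.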
index e5e1676dc0ee5fad76753ef1e045dde6630fdcf1..3057086428ec960c089d4699ac84ecccc546411b 100644 (file)
@@ -387,6 +387,14 @@ lifecheck_main(void)
        /* Identify myself via ps */
        init_ps_display("", "", "", "");
 
+       if (chceck_password_type_is_not_md5(pool_config->wd_lifecheck_user, pool_config->wd_lifecheck_password) == -1)
+       {
+               ereport(ERROR,
+                               (errmsg("invalid password format for wd_lifecheck_user: %s",
+                                               pool_config->recovery_user),
+                               errdetail("md5 hashed password is not allowed here")));
+       }
+
        pool_signal(SIGTERM, lifecheck_exit_handler);
        pool_signal(SIGINT, lifecheck_exit_handler);
        pool_signal(SIGQUIT, lifecheck_exit_handler);
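Review bot: The `errmsg` in the `lifecheck_main` check prints `pool_config->recovery_user`, although the value being validated belongs to `pool_config->wd_lifecheck_user`. An operator reading the log would be pointed at the wrong account, or at an empty name when recovery_user is unset. The argument should be `pool_config->wd_lifecheck_user`, matching the condition on the line above. `lifecheck_main` begins and continues outside this hunk.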