Re: Securing "make check" (CVE-2014-0067)
| От | Noah Misch |
|---|---|
| Тема | Re: Securing "make check" (CVE-2014-0067) |
| Дата | |
| Msg-id | 20141225052706.GA1923279@tornado.leadboat.com обсуждение исходный текст |
| Ответ на | Re: Securing "make check" (CVE-2014-0067) (David Rowley <dgrowleyml@gmail.com>) |
| Ответы |
Re: Securing "make check" (CVE-2014-0067)
|
| Список | pgsql-hackers |
On Thu, Dec 25, 2014 at 03:55:02PM +1300, David Rowley wrote:
> f6dc6dd seems to have broken vcregress check for me:
> FATAL: no pg_hba.conf entry for host "::1", user "David", database
> "postgres"
> ...
> FATAL: no pg_hba.conf entry for host "::1", user "David", database
> "postgres"
Thanks. I bet this is the reason buildfarm members hamerkop, jacana and
bowerbird have not been reporting in.
> @@ -1085,6 +1085,8 @@ config_sspi_auth(const char *pgdata)
> CW(fputs("# Configuration written by config_sspi_auth()\n", hba) >= 0);
> CW(fputs("host all all 127.0.0.1/32 sspi include_realm=1 map=regress\n",
> hba) >= 0);
> + CW(fputs("host all all ::1/128 sspi include_realm=1 map=regress\n",
> + hba) >= 0);
This needs to be conditional on whether the platform supports IPv6, like we do
in setup_config(). The attached patch works on these configurations:
64-bit Windows Server 2003, 32-bit VS2010
64-bit Windows Server 2003, MinGW (always 32-bit)
64-bit Windows Server 2008, 64-bit VS2012
64-bit Windows Server 2008, 64-bit MinGW-w64
If the patch looks reasonable, I will commit it.
Вложения
В списке pgsql-hackers по дате отправления: