From e5989302d7a1c007d88a7b24bc86877c39c50d62 Mon Sep 17 00:00:00 2001 From: Tatsuo Ishii Date: Sat, 11 Dec 2021 09:40:26 +0900 Subject: [PATCH] Revert "Add validations of wd_lifecheck_password and recovery_password format" This reverts commit e9cd3c230a7f4cce5879da5565eca16e2cd049ea. This commit caused failure in regression test due to pcp_recovery_node_error: recovery node 1...ERROR: invalid password format for recovery_user: t-ishii DETAIL: md5 hashed password is not allowed here --- src/auth/pool_passwd.c | 41 ---------------------------------- src/include/auth/pool_passwd.h | 1 - src/pcp_con/recovery.c | 8 ------- src/watchdog/wd_lifecheck.c | 8 ------- 4 files changed, 58 deletions(-) diff --git a/src/auth/pool_passwd.c b/src/auth/pool_passwd.c index d567b097c..97b1a4452 100644 --- a/src/auth/pool_passwd.c +++ b/src/auth/pool_passwd.c @@ -680,44 +680,3 @@ read_pool_key(char *key_file_path) #undef LINELEN } - -/* - * Check password type is md5 hashed or not. recovery_password and - * wd_lifecheck_password are not allowed to be md5 hashed format. - * The kind of returns of this function is follow; - * 0: password is not md5 hashed - * -1: password is md5 hashed - * -2: password is not found - */ -int -chceck_password_type_is_not_md5(char *username, char *password_in_config) -{ - PasswordType passwordType = PASSWORD_TYPE_UNKNOWN; - PasswordMapping *password_mapping = NULL; - - /* - * if the password specified in config is empty string or NULL look for the - * password in pool_passwd file - */ - if (password_in_config == NULL || strlen(password_in_config) == 0) - { - password_mapping = pool_get_user_credentials(username); - if (password_mapping == NULL) - { - return -2; - } - passwordType = password_mapping->pgpoolUser.passwordType; - } - else - { - passwordType = get_password_type(password_in_config); - } - - /* if the password type is MD5 hash return -1*/ - if (passwordType == PASSWORD_TYPE_MD5) - { - return -1; - } - - return 0; -} \ No newline at end of file diff --git a/src/include/auth/pool_passwd.h b/src/include/auth/pool_passwd.h index 9ec244b31..bbcaaa810 100644 --- a/src/include/auth/pool_passwd.h +++ b/src/include/auth/pool_passwd.h @@ -85,5 +85,4 @@ extern char *get_decrypted_password(const char *shadow_pass); extern char *read_pool_key(char *key_file_path); extern char *get_pgpool_config_user_password(char *username, char *password_in_config); extern void delete_passwordMapping(PasswordMapping * pwdMapping); -extern int chceck_password_type_is_not_md5(char *username, char *password_in_config); #endif /* POOL_PASSWD_H */ diff --git a/src/pcp_con/recovery.c b/src/pcp_con/recovery.c index a920e4809..4ae1cedf7 100644 --- a/src/pcp_con/recovery.c +++ b/src/pcp_con/recovery.c @@ -85,14 +85,6 @@ start_recovery(int recovery_node) ereport(ERROR, (errmsg("node recovery failed, node id: %d is alive", recovery_node))); - if (chceck_password_type_is_not_md5(pool_config->recovery_user, pool_config->recovery_password) == -1) - { - ereport(ERROR, - (errmsg("invalid password format for recovery_user: %s", - pool_config->recovery_user), - errdetail("md5 hashed password is not allowed here"))); - } - /* select main/primary node */ node_id = MAIN_REPLICA ? PRIMARY_NODE_ID : REAL_MAIN_NODE_ID; backend = &pool_config->backend_desc->backend_info[node_id]; diff --git a/src/watchdog/wd_lifecheck.c b/src/watchdog/wd_lifecheck.c index 6b6baf309..e2f8f2ab2 100644 --- a/src/watchdog/wd_lifecheck.c +++ b/src/watchdog/wd_lifecheck.c @@ -387,14 +387,6 @@ lifecheck_main(void) /* Identify myself via ps */ init_ps_display("", "", "", ""); - if (chceck_password_type_is_not_md5(pool_config->wd_lifecheck_user, pool_config->wd_lifecheck_password) == -1) - { - ereport(ERROR, - (errmsg("invalid password format for wd_lifecheck_user: %s", - pool_config->recovery_user), - errdetail("md5 hashed password is not allowed here"))); - } - pool_signal(SIGTERM, lifecheck_exit_handler); pool_signal(SIGINT, lifecheck_exit_handler); pool_signal(SIGQUIT, lifecheck_exit_handler); -- 2.39.5