Participants
Tommy Gildseth
Tommy Gildseth
Magnus Hagander
Magnus Hagander
Attachments
Show all attachments
Thread Outline
#1Tommy GildsethTommy Gildseth
Dec 09, 2008
#2Magnus HaganderMagnus Haganderto Tommy Gildseth (#1)
Dec 09, 2008

BUG #4572: Incorrect error message when using wrong password with hostssl

Started by Tommy Gildsethover 17 years ago2 messagesbugs
Jump to latest
#1Tommy Gildseth
Tommy Gildseth
tommy.gildseth@usit.uio.no

The following bug has been logged online:

Bug reference: 4572
Logged by: Tommy Gildseth
Email address: tommy.gildseth@usit.uio.no
PostgreSQL version: 8.3.x,8.2.x
Operating system: Linux
Description: Incorrect error message when using wrong password with
hostssl
Details:

When logging into postgresql requiring SSL, providing the wrong password
will produce an incorrect and confusing error message.

========== pg_hba.conf ===============
hostssl all postgres 192.168.123.234 255.255.255.255 md5
======================================

========== Logging in: ===============
[postgres@anothermachine ~]$ psql -W -h pgtest02
Password: <type in bogus password>
psql: FATAL: no pg_hba.conf entry for host "192.168.123.234", user
"postgres", database "postgres", SSL off
======================================

The error message returned here is clearly bogus. It's correct in that there
is no pg_hba.conf entry for that user/host, with SSL off, but imo. it should
have returned the more usefull error message:
======================================
psql -W -h pgtest02
Password: <type in bogus password>
psql: FATAL: password authentication failed for user "postgres"
======================================

#2Magnus Hagander
Magnus Hagander
magnus@hagander.net
In reply to: Tommy Gildseth (#1)
Re: BUG #4572: Incorrect error message when using wrong password with hostssl

Tommy Gildseth wrote:

The following bug has been logged online:

Bug reference: 4572
Logged by: Tommy Gildseth
Email address: tommy.gildseth@usit.uio.no
PostgreSQL version: 8.3.x,8.2.x
Operating system: Linux
Description: Incorrect error message when using wrong password with
hostssl
Details:

When logging into postgresql requiring SSL, providing the wrong password
will produce an incorrect and confusing error message.

Hi!

This has been fixed for 8.4. It will now show:
psql: FATAL: password authentication failed for user "foo"
FATAL: no pg_hba.conf entry for host "127.0.0.1", user "foo", database
"postgres", SSL off

This indicates that you had a password failure, and then retried with
SSL off.

For now, and if you later want to get rid of the second message, connect
with PGSSLMODE=require (or put sslmode=require in the connection string)
- that way you will prevent the attempt to reconnect without SSL.

We can't easily backpatch this since it may break existing applications
that aren't equipped to deal with multiline errors.

//Magnus

Show quoted text

========== pg_hba.conf ===============
hostssl all postgres 192.168.123.234 255.255.255.255 md5
======================================

========== Logging in: ===============
[postgres@anothermachine ~]$ psql -W -h pgtest02
Password: <type in bogus password>
psql: FATAL: no pg_hba.conf entry for host "192.168.123.234", user
"postgres", database "postgres", SSL off
======================================

The error message returned here is clearly bogus. It's correct in that there
is no pg_hba.conf entry for that user/host, with SSL off, but imo. it should
have returned the more usefull error message:
======================================
psql -W -h pgtest02
Password: <type in bogus password>
psql: FATAL: password authentication failed for user "postgres"
======================================

← Back to Topics