Thread: BUG #4572: Incorrect error message when using wrong password with hostssl
BUG #4572: Incorrect error message when using wrong password with hostssl
From
"Tommy Gildseth"
Date:
The following bug has been logged online: Bug reference: 4572 Logged by: Tommy Gildseth Email address: tommy.gildseth@usit.uio.no PostgreSQL version: 8.3.x,8.2.x Operating system: Linux Description: Incorrect error message when using wrong password with hostssl Details: When logging into postgresql requiring SSL, providing the wrong password will produce an incorrect and confusing error message. ========== pg_hba.conf =============== hostssl all postgres 192.168.123.234 255.255.255.255 md5 ====================================== ========== Logging in: =============== [postgres@anothermachine ~]$ psql -W -h pgtest02 Password: <type in bogus password> psql: FATAL: no pg_hba.conf entry for host "192.168.123.234", user "postgres", database "postgres", SSL off ====================================== The error message returned here is clearly bogus. It's correct in that there is no pg_hba.conf entry for that user/host, with SSL off, but imo. it should have returned the more usefull error message: ====================================== psql -W -h pgtest02 Password: <type in bogus password> psql: FATAL: password authentication failed for user "postgres" ======================================
Re: BUG #4572: Incorrect error message when using wrong password with hostssl
From
Magnus Hagander
Date:
Tommy Gildseth wrote: > The following bug has been logged online: > > Bug reference: 4572 > Logged by: Tommy Gildseth > Email address: tommy.gildseth@usit.uio.no > PostgreSQL version: 8.3.x,8.2.x > Operating system: Linux > Description: Incorrect error message when using wrong password with > hostssl > Details: > > When logging into postgresql requiring SSL, providing the wrong password > will produce an incorrect and confusing error message. Hi! This has been fixed for 8.4. It will now show: psql: FATAL: password authentication failed for user "foo" FATAL: no pg_hba.conf entry for host "127.0.0.1", user "foo", database "postgres", SSL off This indicates that you had a password failure, and then retried with SSL off. For now, and if you later want to get rid of the second message, connect with PGSSLMODE=require (or put sslmode=require in the connection string) - that way you will prevent the attempt to reconnect without SSL. We can't easily backpatch this since it may break existing applications that aren't equipped to deal with multiline errors. //Magnus > ========== pg_hba.conf =============== > hostssl all postgres 192.168.123.234 255.255.255.255 md5 > ====================================== > > ========== Logging in: =============== > [postgres@anothermachine ~]$ psql -W -h pgtest02 > Password: <type in bogus password> > psql: FATAL: no pg_hba.conf entry for host "192.168.123.234", user > "postgres", database "postgres", SSL off > ====================================== > > The error message returned here is clearly bogus. It's correct in that there > is no pg_hba.conf entry for that user/host, with SSL off, but imo. it should > have returned the more usefull error message: > ====================================== > psql -W -h pgtest02 > Password: <type in bogus password> > psql: FATAL: password authentication failed for user "postgres" > ====================================== >