git.ipfire.org Git - thirdparty/haproxy.git/commit

author	Fatih Acar <facar@scaleway.com>
	Mon, 26 Sep 2022 15:27:11 +0000 (17:27 +0200)
committer	Christopher Faulet <cfaulet@haproxy.com>
	Mon, 3 Oct 2022 13:31:22 +0000 (15:31 +0200)
commit	0d6fb7a3eb0a9754348ec15be14a017a1c84df0f
tree	481c2c73a3044d0899bb5d46b64a825913c9e720	tree \| snapshot
parent	dd4a2a69dcb9be001a9299eb65caa96ad6e950e0	commit \| diff

BUG/MINOR: checks: update pgsql regex on auth packet

This patch adds support to the following authentication methods:

- AUTH_REQ_GSS (7)
- AUTH_REQ_SSPI (9)
- AUTH_REQ_SASL (10)

Note that since AUTH_REQ_SASL allows multiple authentication mechanisms
such as SCRAM-SHA-256 or SCRAM-SHA-256-PLUS, the auth payload length may
vary since the method is sent in plaintext. In order to allow this, the
regex now matches any payload length.

This partially fixes Github issue #1508 since user authentication is
still broken but should restore pre-2.2 behavior.

This should be backported up to 2.2.

Signed-off-by: Fatih Acar <facar@scaleway.com>

reg-tests/checks/pgsql-check.vtc		diff \| blob \| blame \| history
src/tcpcheck.c		diff \| blob \| blame \| history