quote/escape PG connection parameters
authorPeter van Dijk <peter.van.dijk@powerdns.com>
Fri, 17 Apr 2020 13:24:56 +0000 (15:24 +0200)
committerPeter van Dijk <peter.van.dijk@powerdns.com>
Thu, 24 Sep 2020 08:37:14 +0000 (10:37 +0200)
docs/upgrading.rst
modules/gpgsqlbackend/spgsql.cc

index a6c5a53de998864c8fa6bc7d8e7e701914ddd6f2..f68edf305432b0a6e6e9bc948c17816b5abf1d51 100644 (file)
@@ -17,6 +17,12 @@ upgrade notes if your version is older than 3.4.2.
 The in-database format of the ``IPSECKEY`` has changed from 'generic' format to its specialized format.
 It is recommended to re-transfer, using ``pdns_control retrieve ZONE``, all zones that have ``IPSECKEY`` or ``TYPE45`` records.
 
+PostgreSQL configuration escaping
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+We now correctly quote/escape Postgres connection parameters.
+If you used single quotes around your Postgres password because it contained spaces, you now need to remove those quotes.
+
 4.3.0 to 4.3.1
 --------------
 
index fe6e06517aeb54b0dcb372b8e35f941eafc47146..26aa3b9fbd25147d8bf04ffe2a3b4f7fa6460ad2 100644 (file)
@@ -277,6 +277,15 @@ private:
 
 bool SPgSQL::s_dolog;
 
+static string escapeForPQparam(const string &v)
+{
+  string ret = v;
+  boost::replace_all(ret, "\\", "\\\\");
+  boost::replace_all(ret, "'", "\\'");
+
+  return string("'")+ret+string("'");
+}
+
 SPgSQL::SPgSQL(const string &database, const string &host, const string& port, const string &user,
                const string &password, const string &extra_connection_parameters, const bool use_prepared)
 {
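Review bot: escapeForPQparam has no comment saying which quoting rules it implements or why the two replace_all calls come in this order. I would add above it `// Quote v for a libpq conninfo string: backslash-escape \ and ', then wrap in single quotes.` and on the first call `// backslashes first, so the \ added for quotes below is not doubled`. Because the helper quotes unconditionally, a value the operator already wrapped in single quotes now reaches libpq with those quotes as literal characters. That applies to every parameter routed through the helper (dbname, user, host, port), not only the password named in the upgrade note. The SPgSQL constructor that opens at the end of this hunk continues outside it.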
@@ -286,16 +295,16 @@ SPgSQL::SPgSQL(const string &database, const string &host, const string& port, c
   d_nstatements = 0;
 
   if (!database.empty())
-    d_connectstr+="dbname="+database;
+    d_connectstr+="dbname="+escapeForPQparam(database);
 
   if (!user.empty())
-    d_connectstr+=" user="+user;
+    d_connectstr+=" user="+escapeForPQparam(user);
 
   if(!host.empty())
-    d_connectstr+=" host="+host;
+    d_connectstr+=" host="+escapeForPQparam(host);
 
   if(!port.empty())
-    d_connectstr+=" port="+port;
+    d_connectstr+=" port="+escapeForPQparam(port);
 
   if(!extra_connection_parameters.empty())
     d_connectstr+=" " + extra_connection_parameters;
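Review bot: `extra_connection_parameters` on the last line of this hunk is still concatenated verbatim, so it is the one input where the operator must supply correct conninfo quoting, and nothing here says so. A comment such as `// raw conninfo fragment (may hold several key=value pairs); the caller is responsible for quoting` would show the asymmetry is deliberate. The assignment of d_connectlogstr is not visible in this hunk. If it is copied from d_connectstr after this line, a secret placed in extra_connection_parameters (for example a password keyword) would reach the log unmasked, which is worth confirming. The constructor body starts and ends outside the hunk.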
@@ -304,7 +313,7 @@ SPgSQL::SPgSQL(const string &database, const string &host, const string& port, c
 
   if(!password.empty()) {
     d_connectlogstr+=" password=<HIDDEN>";
-    d_connectstr+=" password="+password;
+    d_connectstr+=" password="+escapeForPQparam(password);
   }
 
   d_use_prepared = use_prepared;