From 19b52d3f81080d8eacb78c94bd5957ef7c637d07 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?=
Date: Sun, 6 Jan 2013 23:01:28 -0300
Subject: Use whitelist to pass valid connection parameters to PGConn. All the valids parameters for libpq are used. See http://www.postgresql.org/docs/9.1/static/libpq-connect.html for the full list Fixes #8784
---
 .../connection_adapters/postgresql_adapter.rb | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb b/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb
index 8f7f12ab81..b1b0467379 100644
--- a/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb
+++ b/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb
@@ -17,22 +17,25 @@ require 'ipaddr'
 module ActiveRecord
 module ConnectionHandling
+ VALID_CONN_PARAMS = [:host, :hostaddr, :port, :dbname, :user, :password, :connect_timeout,
+ :client_encoding, :options, :application_name, :fallback_application_name,
+ :keepalives, :keepalives_idle, :keepalives_interval, :keepalives_count,
+ :tty, :sslmode, :requiressl, :sslcert, :sslkey, :sslrootcert, :sslcrl,
+ :requirepeer, :krbsrvname, :gsslib, :service]
+
 # Establishes a connection to the database that's used by all Active Record objects
 def postgresql_connection(config) # :nodoc:
 conn_params = config.symbolize_keys
- # Forward any unused config params to PGconn.connect.
- [:statement_limit, :encoding, :min_messages, :schema_search_path,
- :schema_order, :adapter, :pool, :checkout_timeout, :template,
- :prepared_statements, :reaping_frequency, :insert_returning, :variables].each do |key|
- conn_params.delete key
- end
- conn_params.delete_if { |k,v| v.nil? }
+ conn_params.delete_if { |_, v| v.nil? }
 # Map ActiveRecords param names to PGs.
 conn_params[:user] = conn_params.delete(:username) if conn_params[:username]
 conn_params[:dbname] = conn_params.delete(:database) if conn_params[:database]
+ # Forward only valid config params to PGconn.connect.
+ conn_params.keep_if { |k, _| VALID_CONN_PARAMS.include?(k) }
+
 # The postgres drivers don't allow the creation of an unconnected PGconn object,
 # so just pass a nil connection object for the time being.
 ConnectionAdapters::PostgreSQLAdapter.new(nil, logger, conn_params, config)
-- cgit v1.2.3
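Review bot: The `keep_if` filter near the end of `postgresql_connection` discards every key that is not in `VALID_CONN_PARAMS` without any signal. A misspelled TLS option in the database config (for example `sslmod` instead of `sslmode`), or a libpq parameter newer than the 9.1 list the constant was copied from, is dropped and the connection proceeds with libpq's defaults, where the old code would have forwarded the key and presumably let libpq reject it. Consider logging dropped keys that are not known Active Record settings, or deriving the list from the driver, e.g. `PGconn.conndefaults.map { |opt| opt[:keyword].to_sym }`, so it tracks the installed libpq. The constant is also a mutable array with a generic name in the shared `ActiveRecord::ConnectionHandling` namespace, so it should end in `.freeze`. The method body continues past the end of the hunk.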