Skip to content
Permalink
Browse files

Don't allow CloneWith to persist security info

Fixes #2725
  • Loading branch information...
roji committed Nov 6, 2019
1 parent 2ec01b6 commit d8ec22bf24178d518fba41bb496845e24634a4b1
Showing with 29 additions and 0 deletions.
  1. +2 −0 src/Npgsql/NpgsqlConnection.cs
  2. +27 −0 test/Npgsql.Tests/ConnectionTests.cs
@@ -1307,6 +1307,8 @@ public NpgsqlConnection CloneWith(string connectionString)
var csb = new NpgsqlConnectionStringBuilder(connectionString);
if (csb.Password == null && Password != null)
csb.Password = Password;
if (csb.PersistSecurityInfo && !Settings.PersistSecurityInfo)
csb.PersistSecurityInfo = false;
return new NpgsqlConnection(csb.ToString()) {
ProvideClientCertificatesCallback = ProvideClientCertificatesCallback,
UserCertificateValidationCallback = UserCertificateValidationCallback,
@@ -948,6 +948,33 @@ public void NoPasswordWithoutPersistSecurityInfo([Values(true, false)] bool pool
}
}

[Test, IssueLink("https://github.com/npgsql/npgsql/issues/2725")]
public void CloneWithAndPersistSecurityInfo()
{
var csb = new NpgsqlConnectionStringBuilder(ConnectionString)
{
PersistSecurityInfo = true,
Pooling = false
};

var connStringWithPersist = csb.ToString();
using var connWithPersist = new NpgsqlConnection(connStringWithPersist);

// First un-persist, should work
csb.PersistSecurityInfo = false;
var connStringWithoutPersist = csb.ToString();
using var clonedWithoutPersist = connWithPersist.CloneWith(connStringWithoutPersist);
clonedWithoutPersist.Open();

Assert.That(clonedWithoutPersist.ConnectionString, Does.Not.Contain("Password="));

// Then attempt to re-persist, should not work
using var clonedConn = clonedWithoutPersist.CloneWith(connStringWithPersist);
clonedConn.Open();

Assert.That(clonedConn.ConnectionString, Does.Not.Contain("Password="));
}

[Test]
[IssueLink("https://github.com/npgsql/npgsql/issues/743")]
[IssueLink("https://github.com/npgsql/npgsql/issues/783")]

0 comments on commit d8ec22b

Please sign in to comment.
You can’t perform that action at this time.