| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Cc: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Subject: | Re: Please test peer (socket ident) auth on *BSD |
| Date: | 2011-05-31 02:31:20 |
| Message-ID: | 15317.1306809080@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
I wrote:
> I've applied patches to fix Martin Pitt's report of peer auth failing on
> FreeBSD-amd64 kernels. I tested it with FreeBSD but do not have the
> resources to check every other platform that uses the same code branch
> in auth_peer. The buildfarm will soon tell us if the patches fail to
> compile anywhere, but since the buildfarm doesn't test that
> authentication path, it's not going to be as obvious whether it works.
> So, if you have a BSD-ish machine, please try HEAD and see if peer auth
> (or "ident" auth in older branches) still works for you. Extra points
> if you find out it used to be broken on your machine. (Hey Stefan, did
> you ever try that on spoonbill?)
BTW, after looking more closely at the buildfarm configure logs, it
appears that both OpenBSD and NetBSD have getpeereid(), which means
that they don't use this code at all. It is currently looking to me
like the HAVE_STRUCT_FCRED and HAVE_STRUCT_SOCKCRED variants are dead
code. They've been in there since before we had the getpeereid() code
path, and presumably were needed at one time ... but does anyone know
of a platform where they're still needed?
I'm a bit inclined to rip that code out of HEAD, if we can't point to a
platform where it'd be needed, just to reduce the #ifdef spaghetti.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2011-05-31 02:43:20 | Re: Getting a bug tracker for the Postgres project |
| Previous Message | ktm@rice.edu | 2011-05-31 02:19:21 | Re: Getting a bug tracker for the Postgres project |