Skip site navigation (1) Skip section navigation (2)

Re: krb5 authentication and multihomed server hosts

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: pod(at)herald(dot)ox(dot)ac(dot)uk (pod)
Cc: pgsql-bugs(at)postgresql(dot)org
Subject: Re: krb5 authentication and multihomed server hosts
Date: 2005-07-26 18:12:36
Message-ID: 17211.1122401556@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-bugs
pod(at)herald(dot)ox(dot)ac(dot)uk (pod) writes:
> "TL" == Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> writes:
>     TL> VirtualHost is long gone, so this patch is of little help anyway.

> A brief scan of src/backend/libpq/auth.c 1.127 make me think it will
> behave similarly to my patched 7.4.7 when krb_server_hostname is specified
> in the config file.

> I'd have to actually test multiple listen_addresses and krb5_recvauth()
> behaviour when the pg_krb5_server krb5_principal is NULL.  I have a
> horrible suspicion that this used to be broken in MIT krb5 but may not be
> now.  In any case, again, it's not your concern.

Well, actually, the subtext of my question is that we now support what's
effectively multiple VirtualHosts (see the listen_addresses parameter),
and I was wondering if that means that krb_server_hostname needs to have
an entry per listen_address in order to respond to the problem you see.

			regards, tom lane

In response to

Responses

pgsql-bugs by date

Next:From: Chris SaringolisDate: 2005-07-27 06:36:05
Subject: BUG #1789: Error starting up server
Previous:From: podDate: 2005-07-26 14:48:00
Subject: Re: krb5 authentication and multihomed server hosts

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group