Skip site navigation (1) Skip section navigation (2)

BUG #5958: Connection error when authentication is kerberos

From: "jack liu" <liubin0123(at)gmail(dot)com>
To: pgsql-bugs(at)postgresql(dot)org
Subject: BUG #5958: Connection error when authentication is kerberos
Date: 2011-03-30 02:58:38
Message-ID: (view raw or whole thread)
Lists: pgsql-bugs
The following bug has been logged online:

Bug reference:      5958
Logged by:          jack liu
Email address:      liubin0123(at)gmail(dot)com
PostgreSQL version: 8.4.6
Operating system:   windows xp sp3,redhat Enterprise 5
Description:        Connection error when authentication is kerberos


I meet an error about authication is kerberos in windows.
and i try to use the newest  version 9.0.3,this error reappear.
so i guess this may be a bug.

i use two pc about this experiment.

pc1: Kerberos server(KDC)  	ip:
pc2: postgres.exe and psql 	ip:

pc1 is a RedHat enterprise 5 linux,for issue TGT and ticket to pc2's
postgres and psql,and i can success get a TGT by user mit's 

kerberos tools packet.

pc2 is a windows xp3 workstation,and i modify the file pg_hba.conf like


# IPv4 local connections:
host    all         all          trust
host    all         all          krb5
# IPv6 local connections:
#host    all         all         ::1/128               trust

and i also modify postgresql.conf

krb_server_keyfile = 'D:/pg_debug/etc/kadm5.keytab'

kadm5.keytab is a key table that copy from KDC server by 
kadmin.local:ktadd -k kadm5.keytab	postgres/ 

step 1: start postgres:
postgres.exe -D ../data -h

step 2: get a database user's TGT
kinit -5 jack

step 3: psql to postgres's database test
psql -U jack -h test

then,the error appear:
LOG:  Kerberos recvauth returned error 10035
postgres: operations on nonblocking sockets that cannot be completed
immediately.from krb5_recvauth
FATAL: Kerberos 5 authentication failed for user "jack"
psql: krb5_sendauth:An existing connection was forcibly closed by the remote
and i search msdn error number pages:

postgres's error number :10035	WSAEWOULDBLOCK
psql's error number:10054	WSAECONNRESET

i guess server's socket setting is block however client socket is
non-block,but i search fe-auth.c
and found in pg_krb5_sendauth() there have a pg_set_block(conn->sock).

the error does not exist while postgres and psql run in linux environment.

Is that problem  did not handle it in windows?

pgsql-bugs by date

Next:From: Per-Olov EsgardDate: 2011-03-30 10:39:08
Subject: BUG #5959: pg_restore --use-list does not always work with a pg_restore generated TOC file
Previous:From: Grzegorz SzpetkowskiDate: 2011-03-30 01:20:11
Subject: BUG #5957: createdb with description and md5 auth forces to provide password twice

Privacy Policy | About PostgreSQL
Copyright © 1996-2015 The PostgreSQL Global Development Group