Re: Patch to add Heimdal kerberos support

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bill Studenmund <wrstuden(at)netbsd(dot)org>
Cc: pgsql-patches(at)postgresql(dot)org
Subject: Re: Patch to add Heimdal kerberos support
Date: 2001-11-13 23:34:34
Message-ID: 4130.1005694474@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-patches

Bill Studenmund <wrstuden(at)netbsd(dot)org> writes:
> I'm not aware of something which says "Heimdal" or "MIT". Yes, I can
> personally look at the libraries, and if I see libroken and libasn1, then
> chances are it's heimdal, and if I see libk5crypto (I think that's the
> one), chances are it's MIT. But I'd like the configure script to be more
> robust - how do we tell if we have a broken install of either type?

Peter Eisentraut is our local autoconf guru, and perhaps will be willing
to help you out with this. But my guess would be that we link with
whichever libraries we see out there. It's not our business to
determine whether the Kerberos install is "broken".

> No, I looked at the docs in the MIT kerberos I pulled down, and they list
> an rc_type parameter for krb5_recvauth. The code, though, doesn't have
> one! Also, nothing else in the doc refers to rc_type....

Hmph. Okay, it must just be an error in the MIT docs. Nevermind that
then.

I still wonder whether there isn't some documented API (common to both
MIT and Heimdal) for extracting the client principal from a ticket.
I mean, that's almost the entire reason for getting the ticket in the
first place; you can hardly argue that this is not core functionality.
I find it hard to believe that Heimdal hasn't duplicated the standard
way of getting the principal from a ticket. I can believe that we
weren't *using* the standard way, however...

regards, tom lane

In response to

Responses

Browse pgsql-patches by date

  From Date Subject
Next Message Bill Studenmund 2001-11-14 02:48:52 Re: Patch to add Heimdal kerberos support
Previous Message Bill Studenmund 2001-11-13 23:18:49 Re: Patch to add Heimdal kerberos support