Skip site navigation (1) Skip section navigation (2)

Re: BUG #5121: Segmentation Fault when using pam w/ krb5

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Douglas, Ryan" <RDouglas(at)arbinet(dot)com>
Cc: pgsql-bugs(at)postgreSQL(dot)org
Subject: Re: BUG #5121: Segmentation Fault when using pam w/ krb5
Date: 2009-10-16 16:37:20
Message-ID: 7812.1255711040@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-bugs
"Douglas, Ryan" <RDouglas(at)arbinet(dot)com> writes:
> I added some logging statements in the pam_passwd_conv_proc function and
> it gets as far as checking if the password is null then returning
> PAM_CONV_ERR.

That's what I would expect to happen if you don't use -W in psql.
What I suspect is happening with the MS KDC is that an additional
call to the conv_proc happens later with some parameter values that
we aren't prepared for.  Can you stick some debugging printout
into the checks at the very top of the routine?

>                 if (passwd == NULL)
>                                         ereport(LOG,(errmsg("RD - passwd
> is NULL... returning PAM_CONV_ERR")));
>                         return PAM_CONV_ERR;    /* client didn't want to
> send password */

I think you need to add some braces if you don't want to break the
behavior here.  This is C not Python ...

			regards, tom lane

In response to

pgsql-bugs by date

Next:From: Douglas, RyanDate: 2009-10-16 16:46:36
Subject: Re: BUG #5121: Segmentation Fault when using pam w/ krb5
Previous:From: David FetterDate: 2009-10-16 16:20:31
Subject: Re: BUG #5123: bug in window function "last_value"

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group