Re: krb5 authentication and multihomed server hosts

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: pod(at)herald(dot)ox(dot)ac(dot)uk (pod)
Cc: pgsql-bugs(at)postgresql(dot)org
Subject: Re: krb5 authentication and multihomed server hosts
Date: 2005-07-26 18:12:36
Message-ID: 17211.1122401556@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

pod(at)herald(dot)ox(dot)ac(dot)uk (pod) writes:
> "TL" == Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> writes:
> TL> VirtualHost is long gone, so this patch is of little help anyway.

> A brief scan of src/backend/libpq/auth.c 1.127 make me think it will
> behave similarly to my patched 7.4.7 when krb_server_hostname is specified
> in the config file.

> I'd have to actually test multiple listen_addresses and krb5_recvauth()
> behaviour when the pg_krb5_server krb5_principal is NULL. I have a
> horrible suspicion that this used to be broken in MIT krb5 but may not be
> now. In any case, again, it's not your concern.

Well, actually, the subtext of my question is that we now support what's
effectively multiple VirtualHosts (see the listen_addresses parameter),
and I was wondering if that means that krb_server_hostname needs to have
an entry per listen_address in order to respond to the problem you see.

regards, tom lane

In response to

Responses

Browse pgsql-bugs by date

  From Date Subject
Next Message Chris Saringolis 2005-07-27 06:36:05 BUG #1789: Error starting up server
Previous Message pod 2005-07-26 14:48:00 Re: krb5 authentication and multihomed server hosts