| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | "Henry B(dot) Hotz" <hbhotz(at)oxy(dot)edu> |
| Cc: | pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: Preliminary GSSAPI Patches |
| Date: | 2007-06-19 13:04:11 |
| Message-ID: | 20070619130411.GC9331@svr2.hagander.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
On Sun, May 20, 2007 at 01:28:40AM -0700, Henry B. Hotz wrote:
> I finally got to testing that updated patch. It's fine per-se, but
> was missing the updated README.GSSAPI file. Herewith fixed.
>
I've been reviewing and updating this patch, for a while now.I've changed
quite a bit around, and I have it working fine, but I have one question.
Is there a way to provoke GSSAPI into sending multiple packets in the
authentication? It doesn't seem to do that for me, and ISTM that the code
as it stands is broken in that case - but I'd like to verify it.
Basically, pg_GSS_recvauth() is supposed to loop and read all "continuing
exchange packets", right? But the reading of packets from the network sits
*outside* the loop. So it basically just loops over and over on the same
data, which ISTM is wrong. It does send a proper ask-for-continue message
to the frontend inside the loop, but I can't figure out how it's supposed
to read the response.
It looks like the fix should be as simple as moving the packet reading into
the loop, but again I'd like a way to test it :)
//Magnus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2007-06-19 14:28:29 | Re: WIP: rewrite numeric division |
| Previous Message | Gregory Stark | 2007-06-19 12:33:25 | Re: [HACKERS] 'Waiting on lock' |