Skip site navigation (1) Skip section navigation (2)

Re: Preliminary GSSAPI Patches

From: Magnus Hagander <magnus(at)hagander(dot)net>
To: "Henry B(dot) Hotz" <hbhotz(at)oxy(dot)edu>
Cc: pgsql-patches(at)postgresql(dot)org
Subject: Re: Preliminary GSSAPI Patches
Date: 2007-06-19 13:04:11
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-patches
On Sun, May 20, 2007 at 01:28:40AM -0700, Henry B. Hotz wrote:
> I finally got to testing that updated patch.  It's fine per-se, but  
> was missing the updated README.GSSAPI file.  Herewith fixed.

I've been reviewing and updating this patch, for a while now.I've changed
quite a bit around, and I have it working fine, but I have one question.

Is there a way to provoke GSSAPI into sending multiple packets in the
authentication? It doesn't seem to do that for me, and ISTM that the code
as it stands is broken in that case - but I'd like to verify it.

Basically, pg_GSS_recvauth() is supposed to loop and read all "continuing
exchange packets", right? But the reading of packets from the network sits
*outside* the loop. So it basically just loops over and over on the same
data, which ISTM is wrong. It does send a proper ask-for-continue message
to the frontend inside the loop, but I can't figure out how it's supposed
to read the response.

It looks like the fix should be as simple as moving the packet reading into
the loop, but again I'd like a way to test it :)


In response to


pgsql-patches by date

Next:From: Tom LaneDate: 2007-06-19 14:28:29
Subject: Re: WIP: rewrite numeric division
Previous:From: Gregory StarkDate: 2007-06-19 12:33:25
Subject: Re: [HACKERS] 'Waiting on lock'

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group