From: | "jack liu" <liubin0123(at)gmail(dot)com> |
---|---|
To: | pgsql-bugs(at)postgresql(dot)org |
Subject: | BUG #5958: Connection error when authentication is kerberos |
Date: | 2011-03-30 02:58:38 |
Message-ID: | 201103300258.p2U2wcIt090611@wwwmaster.postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
The following bug has been logged online:
Bug reference: 5958
Logged by: jack liu
Email address: liubin0123(at)gmail(dot)com
PostgreSQL version: 8.4.6
Operating system: windows xp sp3,redhat Enterprise 5
Description: Connection error when authentication is kerberos
Details:
Hi,there
I meet an error about authication is kerberos in windows.
and i try to use the newest version 9.0.3,this error reappear.
so i guess this may be a bug.
i use two pc about this experiment.
pc1: Kerberos server(KDC) ip:192.168.8.243
pc2: postgres.exe and psql ip:192.168.1.27
pc1 is a RedHat enterprise 5 linux,for issue TGT and ticket to pc2's
postgres and psql,and i can success get a TGT by user mit's
kerberos tools packet.
pc2 is a windows xp3 workstation,and i modify the file pg_hba.conf like
that:
# TYPE DATABASE USER CIDR-ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 trust
host all all 192.168.0.0/16 krb5
# IPv6 local connections:
#host all all ::1/128 trust
and i also modify postgresql.conf
krb_server_keyfile = 'D:/pg_debug/etc/kadm5.keytab'
kadm5.keytab is a key table that copy from KDC server by
kadmin.local:ktadd -k kadm5.keytab postgres/test.example.com
step 1: start postgres:
postgres.exe -D ../data -h 192.168.1.27
step 2: get a database user's TGT
kinit -5 jack
step 3: psql to postgres's database test
psql -U jack -h 192.168.1.27 test
then,the error appear:
postgres:
--------------------------------------------
LOG: Kerberos recvauth returned error 10035
postgres: operations on nonblocking sockets that cannot be completed
immediately.from krb5_recvauth
FATAL: Kerberos 5 authentication failed for user "jack"
--------------------------------------------
psql:
--------------------------------------------
psql: krb5_sendauth:An existing connection was forcibly closed by the remote
host
--------------------------------------------
and i search msdn error number pages:
http://msdn.microsoft.com/en-us/library/ms740668(v=vs.85).aspx
postgres's error number :10035 WSAEWOULDBLOCK
psql's error number:10054 WSAECONNRESET
i guess server's socket setting is block however client socket is
non-block,but i search fe-auth.c
and found in pg_krb5_sendauth() there have a pg_set_block(conn->sock).
the error does not exist while postgres and psql run in linux environment.
Is that problem did not handle it in windows?
From | Date | Subject | |
---|---|---|---|
Next Message | Per-Olov Esgard | 2011-03-30 10:39:08 | BUG #5959: pg_restore --use-list does not always work with a pg_restore generated TOC file |
Previous Message | Grzegorz Szpetkowski | 2011-03-30 01:20:11 | BUG #5957: createdb with description and md5 auth forces to provide password twice |