| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Andrew Gierth <andrew(at)tao11(dot)riddles(dot)org(dot)uk> |
| Cc: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Protocol problem with GSSAPI encryption? |
| Date: | 2019-12-04 05:24:41 |
| Message-ID: | 20191204052440.GD6962@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Greetings,
* Andrew Gierth (andrew(at)tao11(dot)riddles(dot)org(dot)uk) wrote:
> >>>>> "Peter" == Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> writes:
>
> >> It seems to me that this is a bug in ProcessStartupPacket, which
> >> should accept both GSS or SSL negotiation requests on a connection
> >> (in either order). Maybe secure_done should be two flags rather than
> >> one?
>
> Peter> I have also seen reports of that. I think your analysis is
> Peter> correct.
>
> I figure something along these lines for the fix. Anyone in a position
> to test this?
At least at first blush, I tend to agree with your analysis and patch.
I'll see about getting this actually set up and tested in the next week
or so (and maybe there's some way to also manage to have a regression
test for it..).
Thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kyotaro Horiguchi | 2019-12-04 05:33:07 | Re: Session WAL activity |
| Previous Message | Tom Lane | 2019-12-04 05:12:27 | Re: Windows buildfarm members vs. new async-notify isolation test |