Re: BUG #5121: Segmentation Fault when using pam w/ krb5

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Douglas, Ryan" <RDouglas(at)arbinet(dot)com>
Cc: pgsql-bugs(at)postgreSQL(dot)org
Subject: Re: BUG #5121: Segmentation Fault when using pam w/ krb5
Date: 2009-10-16 16:37:20
Message-ID: 7812.1255711040@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

"Douglas, Ryan" <RDouglas(at)arbinet(dot)com> writes:
> I added some logging statements in the pam_passwd_conv_proc function and
> it gets as far as checking if the password is null then returning
> PAM_CONV_ERR.

That's what I would expect to happen if you don't use -W in psql.
What I suspect is happening with the MS KDC is that an additional
call to the conv_proc happens later with some parameter values that
we aren't prepared for. Can you stick some debugging printout
into the checks at the very top of the routine?

> if (passwd == NULL)
> ereport(LOG,(errmsg("RD - passwd
> is NULL... returning PAM_CONV_ERR")));
> return PAM_CONV_ERR; /* client didn't want to
> send password */

I think you need to add some braces if you don't want to break the
behavior here. This is C not Python ...

regards, tom lane

In response to

Browse pgsql-bugs by date

  From Date Subject
Next Message Douglas, Ryan 2009-10-16 16:46:36 Re: BUG #5121: Segmentation Fault when using pam w/ krb5
Previous Message David Fetter 2009-10-16 16:20:31 Re: BUG #5123: bug in window function "last_value"