| From: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Chris Gooch <cgooch(at)bamfunds(dot)com>, "pgsql-bugs(at)lists(dot)postgresql(dot)org" <pgsql-bugs(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: [EXT] Re: GSS Auth issue when user member of lots of AD groups |
| Date: | 2025-05-27 22:24:37 |
| Message-ID: | CAOYmi+kFc_STQC=9kPufkxmUS1RwRSim2p+1MambGJNSHUj-Tg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs pgsql-committers |
On Tue, May 27, 2025 at 3:15 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> I don't think so, because that would create exactly the cross-version
> discrepancy we need to avoid. (That is, if sender thinks it can do
> 16384 when receiver's limit is 16384-4, kaboom.) The patch proposes
> to allow slop in this during the auth phase when the packet size is
> really being determined by the underlying GSSAPI library anyway.
> But once we're past that and our own code is slicing up the data
> stream into packets, I think the max packet size is indeed an
> inalterable part of the protocol.
Oh, I see. Yeah, that's unfortunate but makes sense.
> Could we address your confusion by improving the comment about the
> packet-size #define to point out that it includes the header word?
Yes, I think so.
Thanks!
--Jacob
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2025-05-28 00:00:20 | Re: SIMILAR TO expressions translate wildcards where they shouldn't |
| Previous Message | Tom Lane | 2025-05-27 22:15:29 | Re: [EXT] Re: GSS Auth issue when user member of lots of AD groups |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2025-05-28 00:00:03 | pgsql: Fix conversion of SIMILAR TO regexes for character classes |
| Previous Message | Tom Lane | 2025-05-27 22:15:29 | Re: [EXT] Re: GSS Auth issue when user member of lots of AD groups |