| From: | Robbie Harwood <rharwood(at)redhat(dot)com> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | [PATCH v1] GSSAPI encryption support |
| Date: | 2015-07-02 18:22:13 |
| Message-ID: | jlg1tgq1ktm.fsf@thriss.redhat.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hello -hackers,
As previously discussed on this list, I have coded up GSSAPI encryption
support. If it is easier for anyone, this code is also available for
viewing on my github:
https://github.com/postgres/postgres/compare/master...frozencemetery:feature/gssencrypt
Fallback support is present in both directions for talking to old client
and old servers; GSSAPI encryption is by default auto-upgraded to where
available (for compatibility), but both client and server contain
settings for requiring it.
There are 8 commits in this series; I have tried to err on the side of
creating too much separation rather than too little. A patch for each
is attached. This is v1 of the series.
Thanks!
| Attachment | Content-Type | Size |
|---|---|---|
| v1-1-build-Define-with_gssapi-for-use-in-Makefiles.patch | text/x-diff | 1.4 KB |
| v1-2-client-Disable-GSS-encryption-on-old-servers.patch | text/x-diff | 3.8 KB |
| v1-3-client-GSSAPI-encryption-and-decryption.patch | text/x-diff | 7.4 KB |
| v1-4-server-GSSAPI-encryption-and-decryption.patch | text/x-diff | 9.8 KB |
| v1-5-Error-when-receiving-plaintext-on-GSS-encrypted-conn.patch | text/x-diff | 3.4 KB |
| v1-6-server-hba-option-for-requiring-GSSAPI-encryption.patch | text/x-diff | 3.4 KB |
| v1-7-client-gss_enc_require-parameter-to-force-GSS-encryp.patch | text/x-diff | 3.0 KB |
| v1-8-Document-GSSAPI-encryption.patch | text/x-diff | 6.8 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Heikki Linnakangas | 2015-07-02 18:22:52 | Re: Time to fully remove heap_formtuple() and friends? |
| Previous Message | Robert Haas | 2015-07-02 18:17:16 | Re: Reducing ClogControlLock contention |