[PATCH v8] GSSAPI encryption support

From: Robbie Harwood <rharwood(at)redhat(dot)com>
To: pgsql-hackers(at)postgresql(dot)org
Subject: [PATCH v8] GSSAPI encryption support
Date: 2016-03-20 04:09:27
Message-ID: jlg37rlg58o.fsf@thriss.redhat.com
Views: Raw Message | Whole Thread | Download mbox
Lists: pgsql-hackers

Hello friends,

A new version of my GSSAPI encryption patchset is available, both in
this email and on my github:

What changed:

- Fixed fallback in the new server/old client case. The server flag
checking has been reduced. In the (distant) future when all old
clients are gone, the checking should be increased in strength once

- Fixed fallback in the old server/new client case. This consists of
checking whether the first message we receive after auth is done is an
error, and raising it without decrypting if it is so that reconnection
can happen if desired. The quality of the fallback path has also
generally been improved.

- Removed overzealous whitespace cleanup. I'm a packager and have been
bitten by upstreams doing this; I should have known better.

- Made flushing the AUTH_REQ_OK message conditional again.

- Fixed typo in server error message for insufficient GSSAPI protection.


Attachment Content-Type Size
v8-0001-Move-common-GSSAPI-code-into-its-own-files.patch text/x-diff 13.4 KB
v8-0002-Connection-encryption-support-for-GSSAPI.patch text/x-diff 38.0 KB
v8-0003-GSSAPI-authentication-cleanup.patch text/x-diff 4.6 KB

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message Andres Freund 2016-03-20 04:14:09 Re: Performance degradation in commit ac1d794
Previous Message Michael Paquier 2016-03-20 04:02:23 Re: VS 2015 support in src/tools/msvc