|From:||Robbie Harwood <rharwood(at)redhat(dot)com>|
|To:||PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org>|
|Cc:||Andres Freund <andres(at)anarazel(dot)de>, Michael Paquier <michael(dot)paquier(at)gmail(dot)com>|
|Subject:||Re: [PATCH v3] GSSAPI encryption support|
|Views:||Raw Message | Whole Thread | Download mbox|
Alright, here's v3. As requested, it's one patch now. Other things
addressed herein include:
- postgres.h/assert.h ordering fix
- spacing around casts
- leaking of GSS buffer in be_gss_inplace_decrypt
- libpq-be.h not having a conditional internal include
- always exposing guc veriable gss_encrypt
- copyright/description headers on all new files
- movement of GSSAPI methods from fe-auth.c and auth.c to fe-gss.c and
- renaming GSSAPI files to fe-gss.c and be-gss.c (drops -secure)
Andres, one thing you mentioned as "feels rather wrong" was the
GSSAPI-specific code in pqcomm.c; while looking at that again, I have a
slightly better explanation than what I said previously.
Essentially, the problem is that socket_putmessage_noblock() needs to
know the size of the message to put in the buffer but we can't know
that until we've encrypted the message. socket_putmessage_noblock()
calls socket_putmessage() after ensuring the call will not block;
however, other code paths simply call directly into socket_putmessage()
and so socket_putmessage() needs to have a path to encryption as well.
If you have other potential solutions to this problem, I would love to
hear them; right now though I don't see a better way.
Patch follows. Thanks!
|Next Message||Amir Rohan||2015-10-13 22:52:21||Re: Proposal: pg_confcheck - syntactic & semantic validation of postgresql configuration files|
|Previous Message||Andres Freund||2015-10-13 22:16:06||Re: Proposal: pg_confcheck - syntactic & semantic validation of postgresql configuration files|