Sean Chittenden wrote:
> > > > > auth.c: In function `pg_krb5_recvauth':
> > > > > auth.c:294: structure has no member named `user'
> > > >
> > > > Ooops, my fault --- I didn't build with Kerberos support after
> > > > changing those field names.
> > > >
> > > > Now that I think about it, there might be similar omissions in the
> > > > PAM or Kerberos4 support --- can anyone try those?
> > >
> > > krb4 code should be removed from PostgreSQL ASAP for various
> > > insecurities in the protocol. It's been removed from FreeBSD, MIT,
> > > and Heimdal's code base and is officially unsupported as of June this
> > > year. -sc
> >
> > I have added the following to our documentation in the Kerberos section:
> >
> > <para>
> > While <productname>PostgreSQL</> supports both Kerberos 4 and
> > Kerberos 5, only Kerberos 5 is recommended. Kerberos 4 is
> > considered insecure and no longer recommended for general
> > use.
> > </para>
>
> iirc, we were going to depreciate kerberos 4 in the 7.4 release notes
> and remove support for it for 7.5, giving users one full release cycle
> to move to krb5.
>
> There any plans to include the appropriate verbiage to allow for krb4's
> future deorbit?
I don't remember any agreement to remove krb4 in 7.5. Am I wrong?
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610)
359-1001+ If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square,
Pennsylvania19073
