On Wed, Feb 08, 2006 at 06:36:10PM +0200, Devrim GUNDUZ wrote:
> On Wed, 2006-02-08 at 11:28 -0500, Stephen Frost wrote:
>
> > I'd really like to see the multiple DB connections with different
> > Kerberos credentials go in to 8.1.3. It solved the problem we were
> > having authenticating to PostgreSQL using Kerberos from Apache. We were
> > also able to get phppgadmin to use Kerberos authentication with this
> > patch (which is very nice). That patch also went into the 8.1.2-2
> > release of the Debian packages
>
> [OT]
> So Debian has a patch that is not in 8.1.2? I can't believe that they
> are doing that -- personally I'm against to add any patch into binaries
> that is not in the core.
> [/OT]
Debian had the patch to enable ident over unix domain sockets well
before core did. So long that I didn't even realise it was a patch
until I compiled my own version. The patch had been submitted upstream
but fell between the cracks. As a Debian user it something I like.
The changelog entry says:
* Add debian/patches/12-krb5-multiusers.patch: - Fix krb5 credential handling in libpq for multiple connections
with different users: Don't keep credentials in global variables, but pass them around in a new krb5_info
struct. - Patch from Stephen Frost, proposed to be adopted upstream.
I consider it a form of preventative bug fixing. Somebody on Debian is
bound to complain about it sooner or later, so may as well fix it now.
There is a group who likes having kerberos working properly...
I imagine if a similar bug affected SSL connections, people would be
jumping up and down to have it fixed.
Have a nice day,
--
Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/
> Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a
> tool for doing 5% of the work and then sitting around waiting for someone
> else to do the other 95% so you can sue them.