Home > mailing lists

Re: Re: [HACKERS] BUG #13854: SSPI authentication failure: wrong realm name used - Mailing list pgsql-bugs

From	Alvaro Herrera
Subject	Re: Re: [HACKERS] BUG #13854: SSPI authentication failure: wrong realm name used
Date	March 25, 2016 00:23:20
Msg-id	20160324212249.GA697466@alvherre.pgsql Whole thread Raw
In response to	Re: Re: [HACKERS] BUG #13854: SSPI authentication failure: wrong realm name used (Christian Ullrich <chris@chrullrich.net>)
Responses	Re: [HACKERS] BUG #13854: SSPI authentication failure: wrong realm name used
List	pgsql-bugs

Tree view

Christian Ullrich wrote:

> To be honest, I'm not sure what can and cannot be done in auth code. I
> took inspiration from the existing SSPI code and nearly every error
> check in pg_SSPI_recvauth() ends up doing ereport(ERROR) already,
> directly or via pg_SSPI_error(). If this could cause serious trouble,
> someone would have noticed yet.

I think the problem is whether the report is sent to the client or not,
but I may be confusing with something else (COMMERROR reports?).

> What *could* happen, anyway? Can ereport(ERROR) in a backend make the
> postmaster panic badly enough to force a shared memory reset?

Probably not, since it's running in a backend already at that point, not
in postmaster.

-- 
Álvaro Herrera                http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

pgsql-bugs by date:

From: Christian Ullrich
Date: 24 March 2016, 23:58:16
Subject: Re: Re: [HACKERS] BUG #13854: SSPI authentication failure: wrong realm name used

From: Robert Haas
Date: 25 March 2016, 00:40:08
Subject: Re: Breakage with VACUUM ANALYSE + partitions

Re: Re: [HACKERS] BUG #13854: SSPI authentication failure: wrong realm name used - Mailing list pgsql-bugs

Previous

Next