Re: Protocol problem with GSSAPI encryption? - Mailing list pgsql-hackers

From Stephen Frost
Subject Re: Protocol problem with GSSAPI encryption?
Date
Msg-id 20191204052440.GD6962@tamriel.snowman.net
Whole thread Raw
In response to Re: Protocol problem with GSSAPI encryption?  (Andrew Gierth <andrew@tao11.riddles.org.uk>)
Responses Re: Protocol problem with GSSAPI encryption?
Re: Protocol problem with GSSAPI encryption?
Re: Protocol problem with GSSAPI encryption?
List pgsql-hackers
Greetings,

* Andrew Gierth (andrew@tao11.riddles.org.uk) wrote:
> >>>>> "Peter" == Peter Eisentraut <peter.eisentraut@2ndquadrant.com> writes:
>
>  >> It seems to me that this is a bug in ProcessStartupPacket, which
>  >> should accept both GSS or SSL negotiation requests on a connection
>  >> (in either order). Maybe secure_done should be two flags rather than
>  >> one?
>
>  Peter> I have also seen reports of that. I think your analysis is
>  Peter> correct.
>
> I figure something along these lines for the fix. Anyone in a position
> to test this?

At least at first blush, I tend to agree with your analysis and patch.

I'll see about getting this actually set up and tested in the next week
or so (and maybe there's some way to also manage to have a regression
test for it..).

Thanks!

Stephen

Attachment

pgsql-hackers by date:

Previous
From: Tom Lane
Date:
Subject: Re: Windows buildfarm members vs. new async-notify isolation test
Next
From: Kyotaro Horiguchi
Date:
Subject: Re: Session WAL activity