Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2 - Mailing list pgsql-patches

From Magnus Hagander
Subject Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2
Date
Msg-id 6BCB9D8A16AC4241919521715F4D8BCE92E72B@algol.sollentuna.se
Whole thread Raw
Responses Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2  (Bruce Momjian <pgman@candle.pha.pa.us>)
List pgsql-patches
(Tom, this is the other one you were referring to, I hope.)

I'm still planning to do this, but I'm very pressed for time right now.
I'll try to get it done as soon as possible, but worst case it may be
around two weeks before I can do it. Sorry. If someone else wants to
beat me to it go right ahead, otherwise - it's on it's way eventually.
I think a general overview to make sure the different parts (config
section vs kerberos auth section) are actually in sync is required.

//Magnus

>
> I need a comment on this.
>
> --------------------------------------------------------------
> -------------
>
> Tom Lane wrote:
> > BTW, it appears to me that this patch has also broken the
> claim in the
> > manual that
> >
> >     If [krb_server_hostname is] not set, the default is to allow any
> >     service principal matching an entry in the keytab.
> >
> > The reason that was true was that we passed a NULL "server"
> value to
> > krb5_recvauth(), which with this patch we never do anymore.
> >
> > I'm not sure if this represents a serious loss of
> flexibility or not,
> > but in any case the documentation needs an update.
> >
> >             regards, tom lane
> >
> > ---------------------------(end of
> > broadcast)---------------------------
> > TIP 5: don't forget to increase your free space map settings
> >
>
> --
>   Bruce Momjian                        |  http://candle.pha.pa.us
>   pgman@candle.pha.pa.us               |  (610) 359-1001
>   +  If your life is a hard drive,     |  13 Roberts Road
>   +  Christ can be your backup.        |  Newtown Square,
> Pennsylvania 19073
>

pgsql-patches by date:

Previous
From: Tom Lane
Date:
Subject: Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2
Next
From: Bruce Momjian
Date:
Subject: Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2