Home > mailing lists

Re: [EXT] Re: GSS Auth issue when user member of lots of AD groups - Mailing list pgsql-bugs

From	Jacob Champion
Subject	Re: [EXT] Re: GSS Auth issue when user member of lots of AD groups
Date	May 28 01:24:37
Msg-id	CAOYmi+kFc_STQC=9kPufkxmUS1RwRSim2p+1MambGJNSHUj-Tg@mail.gmail.com Whole thread Raw
In response to	Re: [EXT] Re: GSS Auth issue when user member of lots of AD groups (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	RE: [EXT] Re: GSS Auth issue when user member of lots of AD groups Re: [EXT] Re: GSS Auth issue when user member of lots of AD groups
List	pgsql-bugs

Tree view

On Tue, May 27, 2025 at 3:15 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
> I don't think so, because that would create exactly the cross-version
> discrepancy we need to avoid.  (That is, if sender thinks it can do
> 16384 when receiver's limit is 16384-4, kaboom.)  The patch proposes
> to allow slop in this during the auth phase when the packet size is
> really being determined by the underlying GSSAPI library anyway.
> But once we're past that and our own code is slicing up the data
> stream into packets, I think the max packet size is indeed an
> inalterable part of the protocol.

Oh, I see. Yeah, that's unfortunate but makes sense.

> Could we address your confusion by improving the comment about the
> packet-size #define to point out that it includes the header word?

Yes, I think so.

Thanks!
--Jacob

pgsql-bugs by date:

From: Tom Lane
Date: 28 May, 01:15:29
Subject: Re: [EXT] Re: GSS Auth issue when user member of lots of AD groups

From: Laurenz Albe
Date: 28 May, 11:33:39
Subject: Re: SIMILAR TO expressions translate wildcards where they shouldn't

Re: [EXT] Re: GSS Auth issue when user member of lots of AD groups - Mailing list pgsql-bugs

Previous

Next