Postgres Pro
Downloads
Home   >   mailing lists

Thread: pgsql: Make RADIUS authentication use pg_getaddrinfo_all() to get

pgsql: Make RADIUS authentication use pg_getaddrinfo_all() to get

From
mha@postgresql.org (Magnus Hagander)
Date:
Log Message:
-----------
Make RADIUS authentication use pg_getaddrinfo_all() to get address of
the server.

Gets rid of a fairly ugly hack for Solaris, and also provides hostname
and IPV6 support.

Modified Files:
--------------
    pgsql/doc/src/sgml:
        client-auth.sgml (r1.129 -> r1.130)
        (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/doc/src/sgml/client-auth.sgml?r1=1.129&r2=1.130)
    pgsql/src/backend/libpq:
        auth.c (r1.193 -> r1.194)
        (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/backend/libpq/auth.c?r1=1.193&r2=1.194)
        hba.c (r1.196 -> r1.197)
        (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/backend/libpq/hba.c?r1=1.196&r2=1.197)
    pgsql/src/include/port:
        solaris.h (r1.18 -> r1.19)
        (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/include/port/solaris.h?r1=1.18&r2=1.19)

Re: pgsql: Make RADIUS authentication use pg_getaddrinfo_all() to get

From
Tom Lane
Date:
mha@postgresql.org (Magnus Hagander) writes:
> Make RADIUS authentication use pg_getaddrinfo_all() to get address of
> the server.

Looks like the mingw machines don't have in6addr_any.

Perhaps instead of depending on magic constants, you should have the
code use what "localhost" resolves as, comparably to pgstat.c.

            regards, tom lane

Re: pgsql: Make RADIUS authentication use pg_getaddrinfo_all() to get

From
Magnus Hagander
Date:
On Wednesday, February 3, 2010, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> mha@postgresql.org (Magnus Hagander) writes:
>> Make RADIUS authentication use pg_getaddrinfo_all() to get address of
>> the server.
>
> Looks like the mingw machines don't have in6addr_any.

*grumble*


> Perhaps instead of depending on magic constants, you should have the
> code use what "localhost" resolves as, comparably to pgstat.c.

Uh, but those are not the same. If we bind to localhost we can't
communicate with non-localhost addresses. inadds_any corresponds so
0.0.0.0/0 which you are specifically *not* supposed to use - you
should use the magic constant and not a manual such.  And I don't know
if there is a symbolic name that corresponds to it at all?

Pgstat only talks locally so that's a completely different thing.

/Magnus


--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/

Re: pgsql: Make RADIUS authentication use pg_getaddrinfo_all() to get

From
Tom Lane
Date:
Magnus Hagander <magnus@hagander.net> writes:
> On Wednesday, February 3, 2010, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> Perhaps instead of depending on magic constants, you should have the
>> code use what "localhost" resolves as, comparably to pgstat.c.

> Pgstat only talks locally so that's a completely different thing.

Ah, right.

I notice that in libpq/ip.c, we're using a macro IN6_IS_ADDR_UNSPECIFIED()
as a substitute for testing equality to in6addr_any.  I wonder where
that comes from and whether it has a brother for assignment...

            regards, tom lane

Re: pgsql: Make RADIUS authentication use pg_getaddrinfo_all() to get

From
Magnus Hagander
Date:
On Wednesday, February 3, 2010, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Magnus Hagander <magnus@hagander.net> writes:
>> On Wednesday, February 3, 2010, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>>> Perhaps instead of depending on magic constants, you should have the
>>> code use what "localhost" resolves as, comparably to pgstat.c.
>
>> Pgstat only talks locally so that's a completely different thing.
>
> Ah, right.
>
> I notice that in libpq/ip.c, we're using a macro IN6_IS_ADDR_UNSPECIFIED()
> as a substitute for testing equality to in6addr_any.  I wonder where
> that comes from and whether it has a brother for assignment...
>

I'll take a look. I'm off doing training all day so it won't be until
tonight though.

/Magnus

--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/

Re: pgsql: Make RADIUS authentication use pg_getaddrinfo_all() to get

From
Magnus Hagander
Date:
On Wed, Feb 3, 2010 at 07:22, Magnus Hagander <magnus@hagander.net> wrote:
> On Wednesday, February 3, 2010, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> Magnus Hagander <magnus@hagander.net> writes:
>>> On Wednesday, February 3, 2010, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>>>> Perhaps instead of depending on magic constants, you should have the
>>>> code use what "localhost" resolves as, comparably to pgstat.c.
>>
>>> Pgstat only talks locally so that's a completely different thing.
>>
>> Ah, right.
>>
>> I notice that in libpq/ip.c, we're using a macro IN6_IS_ADDR_UNSPECIFIED()
>> as a substitute for testing equality to in6addr_any.  I wonder where
>> that comes from and whether it has a brother for assignment...
>>
>
> I'll take a look. I'm off doing training all day so it won't be until
> tonight though.

Ok. Mingw *does* have inaddr6_any. Only they have it in the headers,
as an extern, but they didn't put it in their libraries. *sigh*

So one thing we could do is to simply define the extern in a #ifdef
section, right there. Which seems rather ugly. Or we can create a new
symbol on mingw and #define or #ifdef it to use that one, like
inaddr6_any_brokenmingw.

From some googling, the value should be:
static in6_addr inaddr6_any={0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0};

Which one seems least ugly?

--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/