0003-remove-authtype-restriction.patch
text/x-diff
Filename: 0003-remove-authtype-restriction.patch
Type: text/x-diff
Part: 2
Patch
Format: unified
Series: patch 0003
| File | + | − |
|---|---|---|
| src/backend/libpq/auth.c | 0 | 11 |
| src/backend/libpq/hba.c | 0 | 13 |
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index 7f65310c14..aad7f982bf 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -382,17 +382,6 @@ ClientAuthentication(Port *port)
errmsg("connection requires a valid client certificate")));
}
-#ifdef ENABLE_GSS
- if (port->gss && port->gss->enc && port->hba->auth_method != uaReject &&
- port->hba->auth_method != uaImplicitReject &&
- port->hba->auth_method != uaTrust &&
- port->hba->auth_method != uaGSS)
- {
- ereport(FATAL, (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
- errmsg("GSSAPI encryption can only be used with gss, trust, or reject authentication methods")));
- }
-#endif
-
/*
* Now proceed to do the actual authentication check
*/
diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c
index 41ca0791ea..99319b273a 100644
--- a/src/backend/libpq/hba.c
+++ b/src/backend/libpq/hba.c
@@ -1447,19 +1447,6 @@ parse_hba_line(TokenizedLine *tok_line, int elevel)
*err_msg = "gssapi authentication is not supported on local sockets";
return NULL;
}
- if (parsedline->conntype == ctHostGSS &&
- parsedline->auth_method != uaGSS &&
- parsedline->auth_method != uaReject &&
- parsedline->auth_method != uaTrust)
- {
- ereport(elevel,
- (errcode(ERRCODE_CONFIG_FILE_ERROR),
- errmsg("GSSAPI encryption only supports gss, trust, or reject authentication"),
- errcontext("line %d of configuration file \"%s\"",
- line_num, HbaFileName)));
- *err_msg = "GSSAPI encryption only supports gss, trust, or reject authentication";
- return NULL;
- }
if (parsedline->conntype != ctLocal &&
parsedline->auth_method == uaPeer)