[PATCH v8] GSSAPI encryption support

Robbie Harwood <rharwood@redhat.com>

From: Robbie Harwood <rharwood@redhat.com>
To: pgsql-hackers@postgresql.org
Date: 2016-03-20T04:09:27Z
Lists: pgsql-hackers

Attachments

Hello friends,

A new version of my GSSAPI encryption patchset is available, both in
this email and on my github:
https://github.com/frozencemetery/postgres/tree/feature/gssencrypt8

What changed:

- Fixed fallback in the new server/old client case.  The server flag
  checking has been reduced.  In the (distant) future when all old
  clients are gone, the checking should be increased in strength once
  again.

- Fixed fallback in the old server/new client case.  This consists of
  checking whether the first message we receive after auth is done is an
  error, and raising it without decrypting if it is so that reconnection
  can happen if desired.  The quality of the fallback path has also
  generally been improved.

- Removed overzealous whitespace cleanup.  I'm a packager and have been
  bitten by upstreams doing this; I should have known better.

- Made flushing the AUTH_REQ_OK message conditional again.

- Fixed typo in server error message for insufficient GSSAPI protection.

Thanks!

Commits

  1. GSSAPI encryption support

  2. Fix typo