Re: [PATCH v2] GSSAPI encryption support
Robbie Harwood <rharwood@redhat.com>
From: Robbie Harwood <rharwood@redhat.com>
To: Michael Paquier <michael.paquier@gmail.com>
Cc: PostgreSQL mailing lists <pgsql-hackers@postgresql.org>
Date: 2015-09-09T16:44:49Z
Lists: pgsql-hackers
Michael Paquier <michael.paquier@gmail.com> writes: > On Wed, Sep 9, 2015 at 4:12 AM, Robbie Harwood wrote: >> Michael Paquier writes: >> As promised, here's a V2 to address your issues with comments. I >> haven't heard back on the issues you found in testing, so no other >> changes are present. > > Well, the issue is still here: login through gssapi fails with your > patch, not with HEAD. This patch is next on my review list by the way > so I'll see what I can do about it soon even if I am in the US for > Postgres Open next week. Still, how did you test it? I am just > creating by myself a KDC, setting up a valid credential with kinit, > and after setting up Postgres for this purpose the protocol > communication just fails. My KDC is setup through freeIPA; I create a service for postgres, acquire a keytab, set it in the config file, and fire up the server. It should go without saying that this is working for me, which is why I asked you for more information so I could try to debug. I wrote a post on this back in June when this was still in development: http://mivehind.net/page/view-page-slug/16/postgres-kerberos
Commits
-
GSSAPI encryption support
- b0b39f72b990 12.0 landed
-
Fix typo
- 57c932475504 9.6.0 cited