On Fri, Jun 20, 2003 at 07:48:02PM -0700, Joe Conway wrote:
> This change (I'm sure this will wrap poorly -- sorry):
> http://developer.postgresql.org/cvsweb.cgi/pgsql-server/src/include/libpq/pqcomm.h.diff?r1=1.85&r2=1.86
>
> modified SockAddr, but no corresponding change was made here
> (fe-auth.c:612):
>
> case AUTH_REQ_KRB5:
> #ifdef KRB5
> if (pg_krb5_sendauth(PQerrormsg, conn->sock, &conn->laddr.in,
> &conn->raddr.in,
> hostname) != STATUS_OK)
>
> It's not obvious to me what the change ought to be though.
This patch should hopefully fix both kerberos 4 and 5.
Kurt
Index: src/backend/libpq/auth.c
===================================================================
RCS file: /projects/cvsroot/pgsql-server/src/backend/libpq/auth.c,v
retrieving revision 1.102
diff -u -r1.102 auth.c
--- src/backend/libpq/auth.c 12 Jun 2003 07:36:51 -0000 1.102
+++ src/backend/libpq/auth.c 21 Jun 2003 15:02:06 -0000
@@ -430,6 +430,13 @@
}
case uaKrb4:
+ /* Kerberos 4 only seems to work with AF_INET. */
+ if (port->raddr.addr.ss_family != AF_INET
+ || port->laddr.addr.ss_family != AF_INET)
+ {
+ elog(FATAL,
+ "Unsupported protocol for Kerberos 4");
+ }
sendAuthRequest(port, AUTH_REQ_KRB4);
status = pg_krb4_recvauth(port);
break;
Index: src/interfaces/libpq/fe-auth.c
===================================================================
RCS file: /projects/cvsroot/pgsql-server/src/interfaces/libpq/fe-auth.c,v
retrieving revision 1.80
diff -u -r1.80 fe-auth.c
--- src/interfaces/libpq/fe-auth.c 14 Jun 2003 17:49:53 -0000 1.80
+++ src/interfaces/libpq/fe-auth.c 21 Jun 2003 15:02:08 -0000
@@ -357,10 +357,7 @@
* the server
*/
static int
-pg_krb5_sendauth(char *PQerrormsg, int sock,
- struct sockaddr_in * laddr,
- struct sockaddr_in * raddr,
- const char *hostname)
+pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname)
{
krb5_error_code retval;
int ret;
@@ -594,9 +591,10 @@
case AUTH_REQ_KRB4:
#ifdef KRB4
- if (pg_krb4_sendauth(PQerrormsg, conn->sock, &conn->laddr.in,
- &conn->raddr.in,
- hostname) !=
STATUS_OK)
+ if (pg_krb4_sendauth(PQerrormsg, conn->sock,
+ (struct sockaddr_in *)&conn->laddr.addr,
+ (struct sockaddr_in *)&conn->raddr.addr,
+ hostname) != STATUS_OK)
{
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
libpq_gettext("Kerberos 4 authentication
failed\n"));
@@ -611,9 +609,8 @@
case AUTH_REQ_KRB5:
#ifdef KRB5
- if (pg_krb5_sendauth(PQerrormsg, conn->sock, &conn->laddr.in,
- &conn->raddr.in,
- hostname) !=
STATUS_OK)
+ if (pg_krb5_sendauth(PQerrormsg, conn->sock,
+ hostname) != STATUS_OK)
{
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
libpq_gettext("Kerberos 5 authentication
failed\n"));
---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faqs/FAQ.html
