Greetings,
* Stephen Frost (sfr...@snowman.net) wrote:
> * Andrew Gierth (and...@tao11.riddles.org.uk) wrote:
> > > "Peter" == Peter Eisentraut writes:
> >
> > >> It seems to me that this is a bug in ProcessStartupPacket, which
> > >> should accept both GSS or SSL negotiation requests on
On Fri, Feb 21, 2020 at 12:35:03AM +, Andrew Gierth wrote:
> > "Stephen" == Stephen Frost writes:
>
> >> I figure something along these lines for the fix. Anyone in a
> >> position to test this?
>
> Stephen> At least at first blush, I tend to agree with your analysis
> Stephen> and
> "Stephen" == Stephen Frost writes:
>> I figure something along these lines for the fix. Anyone in a
>> position to test this?
Stephen> At least at first blush, I tend to agree with your analysis
Stephen> and patch.
Stephen> I'll see about getting this actually set up and tested in
On Fri, Dec 20, 2019 at 06:14:09PM +, Andrew Gierth wrote:
> > "Bruce" == Bruce Momjian writes:
>
> >> This came up recently on IRC, not sure if the report there was
> >> passed on at all.
> >>
> >> ProcessStartupPacket assumes that there will be only one negotiation
> >> request
> "Bruce" == Bruce Momjian writes:
>> This came up recently on IRC, not sure if the report there was
>> passed on at all.
>>
>> ProcessStartupPacket assumes that there will be only one negotiation
>> request for an encrypted connection, but libpq is capable of issuing
>> two: it will
Greetings,
* Bruce Momjian (br...@momjian.us) wrote:
> On Sun, Dec 1, 2019 at 01:13:31AM +, Andrew Gierth wrote:
> > This came up recently on IRC, not sure if the report there was passed on
> > at all.
> >
> > ProcessStartupPacket assumes that there will be only one negotiation
> > request
On Sun, Dec 1, 2019 at 01:13:31AM +, Andrew Gierth wrote:
> This came up recently on IRC, not sure if the report there was passed on
> at all.
>
> ProcessStartupPacket assumes that there will be only one negotiation
> request for an encrypted connection, but libpq is capable of issuing
>
> On 4. Dec 2019, at 06:24, Stephen Frost wrote:
>
> Greetings,
>
> * Andrew Gierth (and...@tao11.riddles.org.uk) wrote:
>>> "Peter" == Peter Eisentraut writes:
>>
It seems to me that this is a bug in ProcessStartupPacket, which
should accept both GSS or SSL negotiation
Greetings,
* Andrew Gierth (and...@tao11.riddles.org.uk) wrote:
> > "Peter" == Peter Eisentraut writes:
>
> >> It seems to me that this is a bug in ProcessStartupPacket, which
> >> should accept both GSS or SSL negotiation requests on a connection
> >> (in either order). Maybe
> "Peter" == Peter Eisentraut writes:
>> It seems to me that this is a bug in ProcessStartupPacket, which
>> should accept both GSS or SSL negotiation requests on a connection
>> (in either order). Maybe secure_done should be two flags rather than
>> one?
Peter> I have also seen
On 2019-12-01 02:13, Andrew Gierth wrote:
But ProcessStartupPacket assumes that the packet after a failed
negotiation of either kind will be the actual startup packet, so the SSL
connection request is rejected with "unsupported version 1234.5679".
I'm guessing this usually goes unnoticed
This came up recently on IRC, not sure if the report there was passed on
at all.
ProcessStartupPacket assumes that there will be only one negotiation
request for an encrypted connection, but libpq is capable of issuing
two: it will ask for GSS encryption first, if it looks like it will be
able to
12 matches
Mail list logo
