On Nov 9, 2007, at 5:24 AM, Magnus Hagander wrote:
On Tue, 2007-11-06 at 18:10 -0800, Henry B. Hotz wrote:
On Nov 6, 2007, at 6:27 AM, Magnus Hagander wrote:
On Fri, Nov 02, 2007 at 11:23:30AM -0700, Henry B. Hotz wrote:
I'm not entirely sure what the intended semantics of
krb_match_realm
a
On Tue, 2007-11-06 at 18:10 -0800, Henry B. Hotz wrote:
> On Nov 6, 2007, at 6:27 AM, Magnus Hagander wrote:
> > On Fri, Nov 02, 2007 at 11:23:30AM -0700, Henry B. Hotz wrote:
> >> I'm not entirely sure what the intended semantics of
> >> krb_match_realm
> >> are, but if you're trying
On Nov 6, 2007, at 6:27 AM, Magnus Hagander wrote:
On Fri, Nov 02, 2007 at 11:23:30AM -0700, Henry B. Hotz wrote:
I'm not entirely sure what the intended semantics of
krb_match_realm
are, but if you're trying to match the GSSAPI-authenticated name
against
"value_of(PGUSER)@value_of(krb_match_r
On Fri, Nov 02, 2007 at 11:23:30AM -0700, Henry B. Hotz wrote:
> I'm not entirely sure what the intended semantics of
> krb_match_realm
> are, but if you're trying to match the GSSAPI-authenticated name
> against
> "value_of(PGUSER)@value_of(krb_match_realm)" then you need t
Henry B. Hotz wrote:
>
> On Nov 1, 2007, at 6:33 AM, Tom Lane wrote:
>
>> Magnus Hagander <[EMAIL PROTECTED]> writes:
>>> Tom Lane wrote:
Also the elog message texts need a bit of copy-editing.
>>
>>> Probably ;-) Got any specific hints, so I don't have to go through the
>>> iteration twice?
On Nov 1, 2007, at 6:33 AM, Tom Lane wrote:
Magnus Hagander <[EMAIL PROTECTED]> writes:
Tom Lane wrote:
Also the elog message texts need a bit of copy-editing.
Probably ;-) Got any specific hints, so I don't have to go through
the
iteration twice?
The one that caught my eye was
On Nov 2, 2007, at 8:38 AM, Magnus Hagander wrote:
Henry B. Hotz wrote:
On Nov 1, 2007, at 1:40 PM, Magnus Hagander wrote:
Henry B. Hotz wrote:
Thank you very much. This helps, but I'm still evaluating how
much.
I *can* point at one problem though: you do a strchr
(gbuf.value, '@')
a
Henry B. Hotz wrote:
>
> On Nov 1, 2007, at 1:40 PM, Magnus Hagander wrote:
>
>> Henry B. Hotz wrote:
>>> Thank you very much. This helps, but I'm still evaluating how much.
>>>
>>> I *can* point at one problem though: you do a strchr(gbuf.value, '@')
>>> and then error out if there isn't a Ker
On Nov 1, 2007, at 1:40 PM, Magnus Hagander wrote:
Henry B. Hotz wrote:
Thank you very much. This helps, but I'm still evaluating how much.
I *can* point at one problem though: you do a strchr(gbuf.value,
'@')
and then error out if there isn't a Kerberos realm there. In fact
that
is e
Thank you very much. This helps, but I'm still evaluating how much.
I *can* point at one problem though: you do a strchr(gbuf.value,
'@') and then error out if there isn't a Kerberos realm there. In
fact that is exactly the default username of at least one of the
GSSAPI implementations I
Henry B. Hotz wrote:
> Thank you very much. This helps, but I'm still evaluating how much.
>
> I *can* point at one problem though: you do a strchr(gbuf.value, '@')
> and then error out if there isn't a Kerberos realm there. In fact that
> is exactly the default username of at least one of the
Tom Lane wrote:
> Magnus Hagander <[EMAIL PROTECTED]> writes:
>> Tom Lane wrote:
>>> Also the elog message texts need a bit of copy-editing.
>
>> Probably ;-) Got any specific hints, so I don't have to go through the
>> iteration twice?
>
> The one that caught my eye was
>
> "SSPI d
Magnus Hagander <[EMAIL PROTECTED]> writes:
> Tom Lane wrote:
>> Also the elog message texts need a bit of copy-editing.
> Probably ;-) Got any specific hints, so I don't have to go through the
> iteration twice?
The one that caught my eye was
"SSPI domain (%s) does and configured d
Tom Lane wrote:
> Magnus Hagander <[EMAIL PROTECTED]> writes:
>> Attached patch implements krb_match_realm for krb5, gssapi and sspi per
>> complaint from Henry. Comments welcome.
>
> Minor gripe: "krb_match_realm" sounds like it should be a boolean:
> do or don't check the realm. Would just "krb
Magnus Hagander <[EMAIL PROTECTED]> writes:
> Attached patch implements krb_match_realm for krb5, gssapi and sspi per
> complaint from Henry. Comments welcome.
Minor gripe: "krb_match_realm" sounds like it should be a boolean:
do or don't check the realm. Would just "krb_realm" be sensible?
Also
Attached patch implements krb_match_realm for krb5, gssapi and sspi per
complaint from Henry. Comments welcome.
Working on documentation which will of course be ready when it's
committed :)
Oh, and it changes the krb username handling to be the same as the
gssapi one. I've never heard of anybody
16 matches
Mail list logo
