forked frompostgres/postgres
- Notifications
You must be signed in to change notification settings - Fork6
Commit2c0cdc8
committed
Extensive code review for GSSAPI encryption mechanism.
Fix assorted bugs in handling of non-blocking I/O when using GSSAPIencryption. The encryption layer could return the wrong statusinformation to its caller, resulting in effectively dropping some data(or possibly in aborting a not-broken connection), or in a "livelock"situation where data remains to be sent but the upper layers thinktransmission is done and just go to sleep. There were multiple smallthinkos contributing to that, as well as one big one (failure to thinkthrough what to do when a send fails after having already transmitteddata). Note that these errors could cause failures whether the clientapplication asked for non-blocking I/O or not, since both libpq andthe backend always run things in non-block mode at this level.Also get rid of use of static variables for GSSAPI inside libpq;that's entirely not okay given that multiple connections could beopen at once inside a single client process.Also adjust a bunch of random small discrepancies between the frontendand backend versions of the send/receive functions -- except for errorhandling, they should be identical, and now they are.Also extend the Kerberos TAP tests to exercise cases where nontrivialamounts of data need to be pushed through encryption. Before, thosetests didn't provide any useful coverage at all for the cases ofinterest here. (They still might not, depending on timing, but atleast there's a chance.)Per complaint from pmc@citylink and subsequent investigation.Back-patch to v12 where this code was introduced.Discussion:https://postgr.es/m/20200109181822.GA74698@gate.oper.dinoex.org1 parentc67a55d commit2c0cdc8
File tree
5 files changed
+555
-344
lines changed- src
- backend/libpq
- interfaces/libpq
- test/kerberos/t
5 files changed
+555
-344
lines changed0 commit comments
Comments
(0)