NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commitd09cfa3

committed

libpq should expose GSS-related parameters even when not implemented.

We realized years ago that it's better for libpq to accept allconnection parameters syntactically, even if some are ignored orrestricted due to lack of the feature in a particular build.However, that lesson from the SSL support was for some reason neverapplied to the GSSAPI support. This is causing various buildfarmmembers to have problems with a test case added by commit6136e94,and it's just a bad idea from a user-experience standpoint anyway,so fix it.While at it, fix some places where parameter-related infrastructurewas added with the aid of a dartboard, or perhaps with the aid ofthe anti-pattern "add new stuff at the end". It should be safeto rearrange the contents of struct pg_conn even in releasedbranches, since that's private to libpq (and we'd have to movesome fields in some builds to fix this, anyway).Back-patch to all supported branches.Discussion:https://postgr.es/m/11297.1576868677@sss.pgh.pa.us

1 parentd6eca49 commitd09cfa3Copy full SHA for d09cfa3

File tree

5 files changed

+21

-32

lines changed

contrib/postgres_fdw
- expected
  - postgres_fdw.out
- sql
  - postgres_fdw.sql
doc/src/sgml
- libpq.sgml
src/interfaces/libpq
- fe-connect.c
- libpq-int.h

5 files changed

+21

-32

lines changed

`‎contrib/postgres_fdw/expected/postgres_fdw.out`

Lines changed: 5 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -134,8 +134,8 @@ ALTER TABLE ft_pg_type SET WITH OIDS;`
`134`	`134`	`-- ===================================================================`
`135`	`135`	`-- tests for validator`
`136`	`136`	`-- ===================================================================`
`137`		`--- requiressl, krbsrvnameandgsslibare omitted because they depend on`
`138`		`--- configure options`
	`137`	`+-- requiresslandsome other parametersare omitted because`
	`138`	`+--valid values for them depend onconfigure options`
`139`	`139`	`ALTER SERVER testserver1 OPTIONS (`
`140`	`140`	`use_remote_estimate 'false',`
`141`	`141`	`updatable 'true',`
`@@ -159,10 +159,10 @@ ALTER SERVER testserver1 OPTIONS (`
`159`	`159`	`sslcert 'value',`
`160`	`160`	`sslkey 'value',`
`161`	`161`	`sslrootcert 'value',`
`162`		`-sslcrl 'value'`
	`162`	`+sslcrl 'value',`
`163`	`163`	`--requirepeer 'value',`
`164`		`---krbsrvname 'value',`
`165`		`---gsslib 'value',`
	`164`	`+krbsrvname 'value',`
	`165`	`+gsslib 'value'`
`166`	`166`	`--replication 'value'`
`167`	`167`	`);`
`168`	`168`	`-- Error, invalid list syntax`

`‎contrib/postgres_fdw/sql/postgres_fdw.sql`

Lines changed: 5 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -147,8 +147,8 @@ ALTER TABLE ft_pg_type SET WITH OIDS;`
`147`	`147`	`-- ===================================================================`
`148`	`148`	`-- tests for validator`
`149`	`149`	`-- ===================================================================`
`150`		`--- requiressl, krbsrvnameandgsslibare omitted because they depend on`
`151`		`--- configure options`
	`150`	`+-- requiresslandsome other parametersare omitted because`
	`151`	`+--valid values for them depend onconfigure options`
`152`	`152`	`ALTER SERVER testserver1 OPTIONS (`
`153`	`153`	`use_remote_estimate'false',`
`154`	`154`	`updatable'true',`
`@@ -172,10 +172,10 @@ ALTER SERVER testserver1 OPTIONS (`
`172`	`172`	`sslcert'value',`
`173`	`173`	`sslkey'value',`
`174`	`174`	`sslrootcert'value',`
`175`		`-sslcrl'value'`
	`175`	`+sslcrl'value',`
`176`	`176`	`--requirepeer 'value',`
`177`		`---krbsrvname 'value',`
`178`		`---gsslib 'value',`
	`177`	`+krbsrvname'value',`
	`178`	`+gsslib'value'`
`179`	`179`	`--replication 'value'`
`180`	`180`	`);`
`181`	`181`

`‎doc/src/sgml/libpq.sgml`

Lines changed: 4 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -1487,8 +1487,10 @@ postgresql://%2Fvar%2Flib%2Fpostgresql/dbname`
`1487`	`1487`	`<term><literal>gsslib</literal></term>`
`1488`	`1488`	`<listitem>`
`1489`	`1489`	`<para>`
`1490`		`- GSS library to use for GSSAPI authentication. Only used on Windows.`
`1491`		`- Set to <literal>gssapi</literal> to force libpq to use the GSSAPI`
	`1490`	`+ GSS library to use for GSSAPI authentication.`
	`1491`	`+ Currently this is disregarded except on Windows builds that include`
	`1492`	`+ both GSSAPI and SSPI support. In that case, set`
	`1493`	`+ this to <literal>gssapi</literal> to cause libpq to use the GSSAPI`
`1492`	`1494`	`library for authentication instead of the default SSPI.`
`1493`	`1495`	`</para>`
`1494`	`1496`	`</listitem>`

`‎src/interfaces/libpq/fe-connect.c`

Lines changed: 5 additions & 13 deletions

Original file line number	Diff line number	Diff line change
`@@ -296,23 +296,19 @@ static const internalPQconninfoOption PQconninfoOptions[] = {`
`296`	`296`	`"Require-Peer","",10,`
`297`	`297`	`offsetof(structpg_conn,requirepeer)},`
`298`	`298`
`299`		`-#if defined(ENABLE_GSS)\|\|defined(ENABLE_SSPI)`
	`299`	`+/*`
	`300`	`+ * As with SSL, all GSS options are exposed even in builds that don't have`
	`301`	`+ * support.`
	`302`	`+ */`
	`303`	`+`
`300`	`304`	`/* Kerberos and GSSAPI authentication support specifying the service name */`
`301`	`305`	`{"krbsrvname","PGKRBSRVNAME",PG_KRB_SRVNAM,NULL,`
`302`	`306`	`"Kerberos-service-name","",20,`
`303`	`307`	`offsetof(structpg_conn,krbsrvname)},`
`304`		`-#endif`
`305`		`-`
`306`		`-#if defined(ENABLE_GSS)&&defined(ENABLE_SSPI)`
`307`	`308`
`308`		`-/*`
`309`		`- * GSSAPI and SSPI both enabled, give a way to override which is used by`
`310`		`- * default`
`311`		`- */`
`312`	`309`	`{"gsslib","PGGSSLIB",NULL,NULL,`
`313`	`310`	`"GSS-library","",7,/* sizeof("gssapi") = 7 */`
`314`	`311`	`offsetof(structpg_conn,gsslib)},`
`315`		`-#endif`
`316`	`312`
`317`	`313`	`{"replication",NULL,NULL,NULL,`
`318`	`314`	`"Replication","D",5,`
`@@ -3605,14 +3601,10 @@ freePGconn(PGconn *conn)`
`3605`	`3601`	`free(conn->sslcompression);`
`3606`	`3602`	`if (conn->requirepeer)`
`3607`	`3603`	`free(conn->requirepeer);`
`3608`		`-#if defined(ENABLE_GSS)\|\| defined(ENABLE_SSPI)`
`3609`	`3604`	`if (conn->krbsrvname)`
`3610`	`3605`	`free(conn->krbsrvname);`
`3611`		`-#endif`
`3612`		`-#if defined(ENABLE_GSS)&& defined(ENABLE_SSPI)`
`3613`	`3606`	`if (conn->gsslib)`
`3614`	`3607`	`free(conn->gsslib);`
`3615`		`-#endif`
`3616`	`3608`	`/* Note that conn->Pfdebug is not ours to close or free */`
`3617`	`3609`	`if (conn->last_query)`
`3618`	`3610`	`free(conn->last_query);`

`‎src/interfaces/libpq/libpq-int.h`

Lines changed: 2 additions & 7 deletions

Original file line number	Diff line number	Diff line change
`@@ -357,10 +357,9 @@ struct pg_conn`
`357`	`357`	`charsslrootcert;/ root certificate filename */`
`358`	`358`	`charsslcrl;/ certificate revocation list filename */`
`359`	`359`	`charrequirepeer;/ required peer credentials for local sockets */`
`360`		`-`
`361`		`-#if defined(ENABLE_GSS)\|\| defined(ENABLE_SSPI)`
`362`	`360`	`charkrbsrvname;/ Kerberos service name */`
`363`		`-#endif`
	`361`	`+chargsslib;/ What GSS library to use ("gssapi" or`
	`362`	`+ * "sspi") */`
`364`	`363`
`365`	`364`	`/* Type of connection to make. Possible values: any, read-write. */`
`366`	`365`	`char*target_session_attrs;`
`@@ -479,10 +478,6 @@ struct pg_conn`
`479`	`478`	`#endif`
`480`	`479`
`481`	`480`	`#ifdefENABLE_SSPI`
`482`		`-#ifdefENABLE_GSS`
`483`		`-chargsslib;/ What GSS library to use ("gssapi" or`
`484`		`- * "sspi") */`
`485`		`-#endif`
`486`	`481`	`CredHandlesspicred;/ SSPI credentials handle */`
`487`	`482`	`CtxtHandlesspictx;/ SSPI context */`
`488`	`483`	`charsspitarget;/ SSPI target name */`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitd09cfa3

File tree

5 files changed

5 files changed

`‎contrib/postgres_fdw/expected/postgres_fdw.out`

`‎contrib/postgres_fdw/sql/postgres_fdw.sql`

`‎doc/src/sgml/libpq.sgml`

`‎src/interfaces/libpq/fe-connect.c`

`‎src/interfaces/libpq/libpq-int.h`

0 commit comments