Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commite8f60e6

Browse files
committed
libpq should expose GSS-related parameters even when not implemented.
We realized years ago that it's better for libpq to accept allconnection parameters syntactically, even if some are ignored orrestricted due to lack of the feature in a particular build.However, that lesson from the SSL support was for some reason neverapplied to the GSSAPI support. This is causing various buildfarmmembers to have problems with a test case added by commit6136e94,and it's just a bad idea from a user-experience standpoint anyway,so fix it.While at it, fix some places where parameter-related infrastructurewas added with the aid of a dartboard, or perhaps with the aid ofthe anti-pattern "add new stuff at the end". It should be safeto rearrange the contents of struct pg_conn even in releasedbranches, since that's private to libpq (and we'd have to movesome fields in some builds to fix this, anyway).Back-patch to all supported branches.Discussion:https://postgr.es/m/11297.1576868677@sss.pgh.pa.us
1 parente5a37d9 commite8f60e6

File tree

5 files changed

+23
-39
lines changed

5 files changed

+23
-39
lines changed

‎contrib/postgres_fdw/expected/postgres_fdw.out

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -132,8 +132,8 @@ CREATE FOREIGN TABLE ft6 (
132132
-- ===================================================================
133133
-- tests for validator
134134
-- ===================================================================
135-
-- requiressl, krbsrvnameandgsslibare omitted because they depend on
136-
-- configure options
135+
-- requiresslandsome other parametersare omitted because
136+
--valid values for them depend onconfigure options
137137
ALTER SERVER testserver1 OPTIONS (
138138
use_remote_estimate 'false',
139139
updatable 'true',
@@ -158,10 +158,10 @@ ALTER SERVER testserver1 OPTIONS (
158158
sslcert 'value',
159159
sslkey 'value',
160160
sslrootcert 'value',
161-
sslcrl 'value'
161+
sslcrl 'value',
162162
--requirepeer 'value',
163-
--krbsrvname 'value',
164-
--gsslib 'value',
163+
krbsrvname 'value',
164+
gsslib 'value'
165165
--replication 'value'
166166
);
167167
-- Error, invalid list syntax

‎contrib/postgres_fdw/sql/postgres_fdw.sql

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -145,8 +145,8 @@ CREATE FOREIGN TABLE ft6 (
145145
-- ===================================================================
146146
-- tests for validator
147147
-- ===================================================================
148-
-- requiressl, krbsrvnameandgsslibare omitted because they depend on
149-
-- configure options
148+
-- requiresslandsome other parametersare omitted because
149+
--valid values for them depend onconfigure options
150150
ALTER SERVER testserver1 OPTIONS (
151151
use_remote_estimate'false',
152152
updatable'true',
@@ -171,10 +171,10 @@ ALTER SERVER testserver1 OPTIONS (
171171
sslcert'value',
172172
sslkey'value',
173173
sslrootcert'value',
174-
sslcrl'value'
174+
sslcrl'value',
175175
--requirepeer 'value',
176-
--krbsrvname 'value',
177-
--gsslib 'value',
176+
krbsrvname'value',
177+
gsslib'value'
178178
--replication 'value'
179179
);
180180

‎doc/src/sgml/libpq.sgml

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1625,8 +1625,10 @@ postgresql://%2Fvar%2Flib%2Fpostgresql/dbname
16251625
<term><literal>gsslib</literal></term>
16261626
<listitem>
16271627
<para>
1628-
GSS library to use for GSSAPI authentication. Only used on Windows.
1629-
Set to <literal>gssapi</literal> to force libpq to use the GSSAPI
1628+
GSS library to use for GSSAPI authentication.
1629+
Currently this is disregarded except on Windows builds that include
1630+
both GSSAPI and SSPI support. In that case, set
1631+
this to <literal>gssapi</literal> to cause libpq to use the GSSAPI
16301632
library for authentication instead of the default SSPI.
16311633
</para>
16321634
</listitem>

‎src/interfaces/libpq/fe-connect.c

Lines changed: 6 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -309,30 +309,21 @@ static const internalPQconninfoOption PQconninfoOptions[] = {
309309
offsetof(structpg_conn,requirepeer)},
310310

311311
/*
312-
*Expose gssencmode similarly to sslmode - we can still handle "disable"
313-
*and "prefer".
312+
*As with SSL, all GSS options are exposed even in builds that don't have
313+
*support.
314314
*/
315315
{"gssencmode","PGGSSENCMODE",DefaultGSSMode,NULL,
316316
"GSSENC-Mode","",7,/* sizeof("disable") == 7 */
317317
offsetof(structpg_conn,gssencmode)},
318318

319-
#if defined(ENABLE_GSS)||defined(ENABLE_SSPI)
320319
/* Kerberos and GSSAPI authentication support specifying the service name */
321320
{"krbsrvname","PGKRBSRVNAME",PG_KRB_SRVNAM,NULL,
322321
"Kerberos-service-name","",20,
323322
offsetof(structpg_conn,krbsrvname)},
324-
#endif
325-
326-
#if defined(ENABLE_GSS)&&defined(ENABLE_SSPI)
327323

328-
/*
329-
* GSSAPI and SSPI both enabled, give a way to override which is used by
330-
* default
331-
*/
332324
{"gsslib","PGGSSLIB",NULL,NULL,
333325
"GSS-library","",7,/* sizeof("gssapi") = 7 */
334326
offsetof(structpg_conn,gsslib)},
335-
#endif
336327

337328
{"replication",NULL,NULL,NULL,
338329
"Replication","D",5,
@@ -3966,14 +3957,14 @@ freePGconn(PGconn *conn)
39663957
free(conn->sslcompression);
39673958
if (conn->requirepeer)
39683959
free(conn->requirepeer);
3969-
if (conn->connip)
3970-
free(conn->connip);
39713960
if (conn->gssencmode)
39723961
free(conn->gssencmode);
3973-
#if defined(ENABLE_GSS)|| defined(ENABLE_SSPI)
39743962
if (conn->krbsrvname)
39753963
free(conn->krbsrvname);
3976-
#endif
3964+
if (conn->gsslib)
3965+
free(conn->gsslib);
3966+
if (conn->connip)
3967+
free(conn->connip);
39773968
#ifdefENABLE_GSS
39783969
if (conn->gcred!=GSS_C_NO_CREDENTIAL)
39793970
{
@@ -3989,10 +3980,6 @@ freePGconn(PGconn *conn)
39893980
gss_delete_sec_context(&minor,&conn->gctx,GSS_C_NO_BUFFER);
39903981
conn->gctx=NULL;
39913982
}
3992-
#endif
3993-
#if defined(ENABLE_GSS)&& defined(ENABLE_SSPI)
3994-
if (conn->gsslib)
3995-
free(conn->gsslib);
39963983
#endif
39973984
/* Note that conn->Pfdebug is not ours to close or free */
39983985
if (conn->last_query)

‎src/interfaces/libpq/libpq-int.h

Lines changed: 3 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -359,10 +359,10 @@ struct pg_conn
359359
char*sslrootcert;/* root certificate filename */
360360
char*sslcrl;/* certificate revocation list filename */
361361
char*requirepeer;/* required peer credentials for local sockets */
362-
363-
#if defined(ENABLE_GSS)|| defined(ENABLE_SSPI)
362+
char*gssencmode;/* GSS mode (require,prefer,disable) */
364363
char*krbsrvname;/* Kerberos service name */
365-
#endif
364+
char*gsslib;/* What GSS library to use ("gssapi" or
365+
* "sspi") */
366366

367367
/* Type of connection to make. Possible values: any, read-write. */
368368
char*target_session_attrs;
@@ -481,7 +481,6 @@ struct pg_conn
481481
#endif/* USE_OPENSSL */
482482
#endif/* USE_SSL */
483483

484-
char*gssencmode;/* GSS mode (require,prefer,disable) */
485484
#ifdefENABLE_GSS
486485
gss_ctx_id_tgctx;/* GSS context */
487486
gss_name_tgtarg_nam;/* GSS target name */
@@ -493,10 +492,6 @@ struct pg_conn
493492
#endif
494493

495494
#ifdefENABLE_SSPI
496-
#ifdefENABLE_GSS
497-
char*gsslib;/* What GSS library to use ("gssapi" or
498-
* "sspi") */
499-
#endif
500495
CredHandle*sspicred;/* SSPI credentials handle */
501496
CtxtHandle*sspictx;/* SSPI context */
502497
char*sspitarget;/* SSPI target name */

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp