| From: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, Joe Conway <mail(at)joeconway(dot)com>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, David Steele <david(at)pgmasters(dot)net>, Michael Paquier <michael(at)paquier(dot)xyz>, Nico Williams <nico(at)cryptonector(dot)com>, Robbie Harwood <rharwood(at)redhat(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [PATCH v20] GSSAPI encryption support |
| Date: | 2019-04-05 07:50:20 |
| Message-ID: | 7d0584ab-26a8-6731-aeee-9c8e195533e6@2ndquadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 2019-04-05 04:59, Stephen Frost wrote:
> Alright, that over-size error was a bug in the error-handling code,
> which I've just pushed a fix for. That said...
Yes, that looks better now.
> This looks like it's a real issue and it's unclear what's going on here.
> I wonder- are you certain that you're using all the same Kerberos
> libraries for the KDC, the server, and psql?
Right, it was built against the OS-provided Kerberos installation
(/usr/bin etc.). If I build against the Homebrew-provided one then the
tests pass.
So maybe that means that this encryption feature is not supported on
that (presumably older) installation? (krb5-config --version says
"Kerberos 5 release 1.7-prerelease") Is that plausible? Is a gentler
failure mode possible?
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2019-04-05 07:56:32 | Re: pg_rewind vs superuser |
| Previous Message | Michael Banck | 2019-04-05 07:41:58 | Re: pg_rewind vs superuser |