SSPI client authentication in non-Windows builds

Hello all,

this patch adds support for connecting to servers running on Windows
and requesting SSPI authentication. It does this by treating
AUTH_REQ_SSPI the same as AUTH_REQ_GSS if no native SSPI support is
available.

In addition to being generally useful, this is a workaround to a
problem with MIT KfW that I encountered back in September 2010 [1].

This change has been tested and works correctly on FreeBSD 8.1, using
the Kerberos and GSSAPI libraries from Heimdal 1.4. The server is
running PostgreSQL 9.0.2 on Windows 2008.

I originally fixed only the JDBC driver in this way [2], but then I
thought that I might try applying the same logic to libpq as well.

The preprocessor logic in that part of fe_sendauth() is quite
impenetrable; I hope I have not broken everything else.

[1] <http://archives.postgresql.org/message-id/i6cpc2%24m3h%241%40dough.gmane.org>
[2] <http://archives.postgresql.org/message-id/i6org1%24mup%241%40dough.gmane.org>

*** src/interfaces/libpq/fe-auth.c.orig Mon Jan 3 13:33:32 2011
--- src/interfaces/libpq/fe-auth.c Mon Jan 3 13:34:41 2011
***************
*** 831,836 ****
--- 831,839 ----

#if defined(ENABLE_GSS) || defined(ENABLE_SSPI)
case AUTH_REQ_GSS:
+ #if defined(ENABLE_GSS) && !defined(ENABLE_SSPI)
+ case AUTH_REQ_SSPI:
+ #endif
{
int r;

***************
*** 891,896 ****
--- 894,902 ----
#else
case AUTH_REQ_GSS:
case AUTH_REQ_GSS_CONT:
+ #ifndef ENABLE_SSPI
+ case AUTH_REQ_SSPI:
+ #endif
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("GSSAPI authentication not supported\n"));
return STATUS_ERROR;
***************
*** 913,923 ****
}
pgunlock_thread();
break;
- #else
- case AUTH_REQ_SSPI:
- printfPQExpBuffer(&conn->errorMessage,
- libpq_gettext("SSPI authentication not supported\n"));
- return STATUS_ERROR;
#endif


--- 919,924 ----