| From: | Robbie Harwood <rharwood(at)redhat(dot)com> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | [PATCH v7] GSSAPI encryption support |
| Date: | 2016-03-14 23:11:42 |
| Message-ID: | jlgbn6gpscx.fsf@thriss.redhat.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hello friends,
New week, new version. GitHub link:
https://github.com/frozencemetery/postgres/tree/feature/gssencrypt7
Changes in this version:
- Removed extra whitespace in auth code movement.
- Fixed connection desync issue. A diff of this and v6 will reveal
three issues:
- First, that pg_GSS_read() didn't properly handle having a full
buffer when called because pqsecure_raw_read() doesn't handle reads of
size 0. I've elected to change my own code here only, but it may be
desirable to change pqsecure_raw_read() as well depending on whether
other people are likely to hit that.
- Second, that I was shunting data into the wrong buffer (don't know
how this was overlooked; it has "write" right there in the name).
- Third, that I'm now immediately decrypting that data into
conn->inBuffer rather than deferring that step until later. This
removes the hang because now the connection will not erroneously get
stuck polling while data is buffered.
Thanks!
| Attachment | Content-Type | Size |
|---|---|---|
| v7-0001-Move-common-GSSAPI-code-into-its-own-files.patch | text/x-diff | 13.4 KB |
| v7-0002-Connection-encryption-support-for-GSSAPI.patch | text/x-diff | 37.1 KB |
| v7-0003-GSSAPI-authentication-cleanup.patch | text/x-diff | 4.8 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Geoghegan | 2016-03-14 23:11:48 | Re: Fix for OpenSSL error queue bug |
| Previous Message | Alvaro Herrera | 2016-03-14 23:10:58 | Re: Timeline following for logical slots |