Обсуждение: pgsql: > I've now tested this patch at home w/ 8.2HEAD and it seems to
pgsql: > I've now tested this patch at home w/ 8.2HEAD and it seems to
От
momjian@postgresql.org (Bruce Momjian)
Дата:
Log Message: ----------- > I've now tested this patch at home w/ 8.2HEAD and it seems to fix the > bug. I plan on testing it under 8.1.2 at work tommorow with > mod_auth_krb5, etc, and expect it'll work there. Assuming all goes > well and unless someone objects I'll forward the patch to -patches. > It'd be great to have this fixed as it'll allow us to use Kerberos to > authenticate to phppgadmin and other web-based tools which use > Postgres. While playing with this patch under 8.1.2 at home I discovered a mistake in how I manually applied one of the hunks to fe-auth.c. Basically, the base code had changed and so the patch needed to be modified slightly. This is because the code no longer either has a freeable pointer under 'name' or has 'name' as NULL. The attached patch correctly frees the string from pg_krb5_authname (where it had been strdup'd) if and only if pg_krb5_authname returned a string (as opposed to falling through and having name be set using name = pw->name;). Also added a comment to this effect. Please review. Stephen Frost (sfrost@snowman.net) wrote: Modified Files: -------------- pgsql/src/interfaces/libpq: fe-auth.c (r1.110 -> r1.111) (http://developer.postgresql.org/cvsweb.cgi/pgsql/src/interfaces/libpq/fe-auth.c.diff?r1=1.110&r2=1.111)
Patch backed out, needs review, is in queue now. --------------------------------------------------------------------------- Bruce Momjian wrote: > Log Message: > ----------- > > I've now tested this patch at home w/ 8.2HEAD and it seems to fix the > > bug. I plan on testing it under 8.1.2 at work tommorow with > > mod_auth_krb5, etc, and expect it'll work there. Assuming all goes > > well and unless someone objects I'll forward the patch to -patches. > > It'd be great to have this fixed as it'll allow us to use Kerberos to > > authenticate to phppgadmin and other web-based tools which use > > Postgres. > > While playing with this patch under 8.1.2 at home I discovered a > mistake in how I manually applied one of the hunks to fe-auth.c. > Basically, the base code had changed and so the patch needed to be > modified slightly. This is because the code no longer either has a > freeable pointer under 'name' or has 'name' as NULL. > > The attached patch correctly frees the string from pg_krb5_authname > (where it had been strdup'd) if and only if pg_krb5_authname returned > a string (as opposed to falling through and having name be set using > name = pw->name;). Also added a comment to this effect. > Please review. > > Stephen Frost (sfrost@snowman.net) wrote: > > Modified Files: > -------------- > pgsql/src/interfaces/libpq: > fe-auth.c (r1.110 -> r1.111) > (http://developer.postgresql.org/cvsweb.cgi/pgsql/src/interfaces/libpq/fe-auth.c.diff?r1=1.110&r2=1.111) > > ---------------------------(end of broadcast)--------------------------- > TIP 4: Have you searched our list archives? > > http://archives.postgresql.org > -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073