GSSAPI patch
I have applied the latest version of the GSSAPI patch with only minor
further fixes.
I'm still working on the documentation part and will make a separate commit
with that as soon as I can.
I'd appreciate it if people can run tests with this on some other platforms
(I've only tested on Ubuntu linux and Win32). Specifically, I'm certain
that the autoconf stuff will need to be expanded a bit in order to work for
them all.
/Magnus
Magnus Hagander <magnus@hagander.net> writes:
I'd appreciate it if people can run tests with this on some other platforms
(I've only tested on Ubuntu linux and Win32). Specifically, I'm certain
that the autoconf stuff will need to be expanded a bit in order to work for
them all.
What sort of tests have you got in mind?
regards, tom lane
On Tue, Jul 10, 2007 at 10:43:22AM -0400, Tom Lane wrote:
Magnus Hagander <magnus@hagander.net> writes:
I'd appreciate it if people can run tests with this on some other platforms
(I've only tested on Ubuntu linux and Win32). Specifically, I'm certain
that the autoconf stuff will need to be expanded a bit in order to work for
them all.What sort of tests have you got in mind?
The one I'm most looking for is simply being able to build with GSSAPI
enabled. I don't foresee any problems between implementations (there could
be of course, but the standard defines the protocol), but I'm sure headers
and libraries could be in different places and have different names.
Actually testing the authentication itself is of course a bonus :-)
I've only tested it against Active Directory, but IIRC Henry has used a
Unix based Kerberos server. But more testing is always good.
//Magnus
Magnus Hagander wrote:
On Tue, Jul 10, 2007 at 10:43:22AM -0400, Tom Lane wrote:
Magnus Hagander <magnus@hagander.net> writes:
I'd appreciate it if people can run tests with this on some other platforms
(I've only tested on Ubuntu linux and Win32). Specifically, I'm certain
that the autoconf stuff will need to be expanded a bit in order to work for
them all.What sort of tests have you got in mind?
The one I'm most looking for is simply being able to build with GSSAPI
enabled. I don't foresee any problems between implementations (there could
be of course, but the standard defines the protocol), but I'm sure headers
and libraries could be in different places and have different names.
this sounds more like a headsup to the buildfarm owners to add that flag
to their configuration ?
Stefan
Stefan Kaltenbrunner wrote:
Magnus Hagander wrote:
On Tue, Jul 10, 2007 at 10:43:22AM -0400, Tom Lane wrote:
Magnus Hagander <magnus@hagander.net> writes:
I'd appreciate it if people can run tests with this on some other platforms
(I've only tested on Ubuntu linux and Win32). Specifically, I'm certain
that the autoconf stuff will need to be expanded a bit in order to work for
them all.What sort of tests have you got in mind?
The one I'm most looking for is simply being able to build with GSSAPI
enabled. I don't foresee any problems between implementations (there could
be of course, but the standard defines the protocol), but I'm sure headers
and libraries could be in different places and have different names.this sounds more like a headsup to the buildfarm owners to add that flag
to their configuration ?
Yes, but I'd like to see it tested on a couple of more platforms before
that :-) But hey, please go ahead...
//Magnus
On Jul 10, 2007, at 7:49 AM, Magnus Hagander wrote:
On Tue, Jul 10, 2007 at 10:43:22AM -0400, Tom Lane wrote:
Magnus Hagander <magnus@hagander.net> writes:
I'd appreciate it if people can run tests with this on some other
platforms
(I've only tested on Ubuntu linux and Win32). Specifically, I'm
certain
that the autoconf stuff will need to be expanded a bit in order
to work for
them all.What sort of tests have you got in mind?
The one I'm most looking for is simply being able to build with GSSAPI
enabled. I don't foresee any problems between implementations
(there could
be of course, but the standard defines the protocol), but I'm sure
headers
and libraries could be in different places and have different names.Actually testing the authentication itself is of course a bonus :-)
I've only tested it against Active Directory, but IIRC Henry has
used a
Unix based Kerberos server. But more testing is always good.//Magnus
Yes, I was using a Heimdal Kerberos server and Solaris 9 or MIT
GSSAPI client libraries. ("Client" means Kerberos client so it's
both client and server for Postgres.)
I just DL'ed the "2007-07-10 08:16:17" snapshot and I don't see any
reference to "gss" or "GSS" in configure.in. Should I wait for
tomorrow's snapshot tarball?
------------------------------------------------------------------------
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu
"Henry B. Hotz" <hbhotz@oxy.edu> writes:
I just DL'ed the "2007-07-10 08:16:17" snapshot and I don't see any
reference to "gss" or "GSS" in configure.in. Should I wait for
tomorrow's snapshot tarball?
Either that or pull from the CVS server, cf
http://developer.postgresql.org/pgdocs/postgres/cvs.html
The snapshots are only made once a day, but the anoncvs server updates
every hour.
regards, tom lane