I've completed the patch to fix the protocol and authentication issues I
was discussing a couple of weeks ago. The particular changes are:
- the protocol has a version number
- network byte order is used throughout
- the pg_hba.conf file is used to specify what method is used to
authenticate a frontend (either password, ident, trust, reject, krb4
or krb5)
- support for multiplexed backends is removed
- appropriate changes to man pages
- the -a switch to many programs to specify an authentication service
no longer has any effect
- the libpq.so version number has changed to 1.1
The new backend still supports the old protocol so old interfaces won't
break.
Makefile.global.
End result, if all goes well, should allow for much easier porting, since
there will no longer be a concept of a "port". Most, if not everything,
*should* be determined by configure, or by the compiler itself. Still
work to be done though :)
postgres backend processes end up as so called zombies. It seems that
only Linux a.out (libc.4.6.27) systems are affected.
By:
Wolfgang Roth <roth@statistik.uni-mannheim.de>
Subject: [HACKERS] password authentication
This patch adds support for plaintext password authentication. To use
it, you add a line like
host all 0.0.0.0 0.0.0.0 password pg_pwd.conf
to your pg_hba.conf, where 'pg_pwd.conf' is the name of a file containing
the usernames and password hashes in the format of the first two fields
of a Unix /etc/passwd file. (Of course, you can use a specific database
name or IP instead.)
Then, to connect with a password through libpq, you use the PQconnectdb()
function, specifying the "password=" tag in the connect string and also
adding the tag "authtype=password".
I also added a command-line switch '-u' to psql that tells it to prompt
for a username and password and use password authentication.
In particular, no more compiled-in default for PGDATA or LIBDIR. Commands
that need them need either invocation options or environment variables.
PGPORT default is hardcoded as 5432, but overrideable with options or
environment variables.
my postmaster 1.07.
It's really simple, the loop dealing with all sockets
can't handle more than one ready socket :-)
A simple logic error dealing with lists.
OR IS THERE ANY REASON FOR SETTING curr TO 0?
Submitted by: Carsten Heyl <Heyl@nads.de>
directory. The code that looks for the pg_hba file doesn't use it, though,
so the postmaster uses the wrong pg_hba file. Also, when the postmaster
looks in one directory and the user thinks it is looking in another
directory, the error messages don't give enough information to solve the
problem. I extended the error message for this.
Submitted by: Bryan Henderson <bryanh@giraffe.netgate.net>
I've enclosed two patches. The first affects Solaris compilability. The
bug stems from netdb.h (where MAXHOSTNAMELEN is defined on a stock
system). If the user has installed the header files from BIND 4.9.x,
there will be no definition of MAXHOSTNAMELEN. The patch will, if all
else fails, try to include <arpa/nameser.h> and set MAXHOSTNAMELEN to
MAXDNAME, which is 256 (just like MAXHOSTNAMELEN on a stock system).
The second patch adds aliases for "ISNULL" to "IS NULL" and likewise for
"NOTNULL" to "IS NOT NULL". I have not removed the postgres specific
ISNULL and NOTNULL. I noticed this on the TODO list, and figured it would
be easy to remove.
The full semantics are:
[ expression IS NULL ]
[ expression IS NOT NULL ]
--Jason
Submitted by: Jason Wright <jason@oozoo.vnet.net>