seems that my last post didn't make it through. That's good
since the diff itself didn't covered the renaming of
pg_user.h to pg_shadow.h and it's new content.
Here it's again. The complete regression test passwd with
only some float diffs. createuser and destroyuser work.
pg_shadow cannot be read by ordinary user.
What it does:
It solves stupid problem with cyrillic charsets IP-based on-fly recoding.
take a look at /data/charset.conf for details.
You can use any tables for any charset.
Tables are from Russian Apache project.
Tables in this patch contains also Ukrainian characters.
Then run ./configure --enable-recode
I haven't had final confirmation from Peter yet, but the attached patch
needs to be applied for the Beta otherwise password and crypt
authentication just won't work.
It puts back the loop in libpq and also fixes a couple of problems with
maintaining compatability with pre-6.3 drivers.
Attached is the patch to fix the warning messages from my code. I also
fixed one which wasn't my code. Apart from the usual warnings about the
bison/yacc generated code I only have one other warning message. This
is in gramm.y around line 2234. I wasn't sure of the fix.
I've also replaced all the calls to free() in gramm.y to calls to
pfree(). Without these I was getting backend crashes with GRANT. This
might already have been fixed.
I've completed the patch to fix the protocol and authentication issues I
was discussing a couple of weeks ago. The particular changes are:
- the protocol has a version number
- network byte order is used throughout
- the pg_hba.conf file is used to specify what method is used to
authenticate a frontend (either password, ident, trust, reject, krb4
or krb5)
- support for multiplexed backends is removed
- appropriate changes to man pages
- the -a switch to many programs to specify an authentication service
no longer has any effect
- the libpq.so version number has changed to 1.1
The new backend still supports the old protocol so old interfaces won't
break.
o A new patch that contains the following changes:
-- The pg_pwd file is now cached in the postmaster's memory.
-- pg_pwd is reloaded when the postmaster detects a flag file creat()'ed
by a backend.
-- qsort() is used to sort loaded password entries, and bsearch() is
is used to find entries in the pg_pwd cache.
-- backends now copy the pg_user relation to pg_pwd.pid, and then
rename the temp file to be pg_pwd.
-- The delimiter for pg_pwd has been changed to a tab character.
tree "non-PORTNAME" dependent. Technically, anything that is PORTNAME
dependent should be able to be derived at compile time, through configure
or through gcc
Subject: [PORTS] Patches for Irix 6.4
I have worked out how to compile PostgreSQL on Irix 6.4 using the -n32 compiler
mode and version 7.1 of the C compiler. (The n32 compiler use 32 bits
addressing,
but allows access to all the instructions in the MIPS4 instruction set.)
There were several problems:
1) The ld command is not referenced as a macro in all the Makefiles. On
this platform, you have to include -n32 on all the ld commands. Makefiles
were changed as needed.
3) Lots of warnings are generated from the compiler. Since the regression
tests worked OK, I didn't attempt to fix them. If anyone wants the compilation
log, please let me know, and I'll email it to you.
The version of postgresql was 970602. Here is Makefile.custom:
CUSTOM_COPT = -O2 -n32
MK_NO_LORDER = 1
LD = ld -n32
CC += -n32
Subject: [PATCHES] pqcomprim.c patch
This is the patch by Robert Bruccoleri to fix the endian problem.
(Actually, it's the reverse of his patch. He must have gotten the
order wrong.)
Subject: [PATCHES] 970417: some large object patches
Two patches here, made against 970417. Both have to do with large
objects:
1. lobjfuncs was not initialized in PQconnectdb. This causes
failure later if large objects are used. (Someone already
caught this error in PQsetdb.)
2. Postgres functions lo_import and lo_export sometimes
produce garbage for the file names because the filename
strings aren't always terminated by \0. (VARDATA isn't
necessarily null terminated.)
Subject: [PATCHES] 970417: two more patches for large objects
Here are two more patches:
1. pg_getint doesn't properly set the status flag when
calling pqGetShort or pqGetLong. This is required when
accessing large objects via libpq. This, combined with
problem 1 above causes postgres to crash when postgres
tries to print out the message that the status was not
good.
2. ExceptionalCondition crashes when called with detail =
NULL. This patch prevents dereferencing the NULL.
invalid macro definitions, the compiler complains about:
"pqcomprim.c", line 48.9: 1506-275 (S) Unexpected text ';' ignored.
"pqcomprim.c", line 61.9: 1506-275 (S) Unexpected text ';' ignored.
The ';' terminating the macro definition ntoh_s(n) on line 27 and
ntoh_l(n) on line 28 should be removed.
Pointed out by: Olaf Mittelstaedt <MSTAEDT@va-sigi.va.fh-ulm.de>
FreeBSD
The Makefile(s) have all been cleaned up such that there is a single
LDFLAGS vs LD_ADD or LDADD or LDFLAGS or LDFLAGS_BE. The Makefile(s)
should be alot more straightforward then they were before...and
consistent
of endian.h. I figure that if it exists it's pretty sure that it has
the byte order information and we may catch some other ports without
any further testing.
From: "D'Arcy J.M. Cain" <darcy@druid.net>
Subject: [HACKERS] libpq/pqcomm stuff and Solaris byte order
I decided to go ahead with the required changes since no one else seems
to. I don't guarantee that it is perfect but with these changes the
package actually compiles. While I was at it I added to the Sparc
Solaris header to define the byte order. Note that NetBSD sets this
in the system headers so it wasn't required there.
In particular, someone may want to check whether I removed the correct
84 lines from backend/libpq/pqcomprim.c.
Subject: [HACKERS] auth.c for kerberos.
I made pgsql with eBones(international version of Kerberos4). The
following modification was needed. And I added read permition for
group to srvtab instead of running postmaster as root.
of common routines in pqcomprim.c (pq communication primitives).
Not all adapted to it yet, but it's a start.
- Rewritten some of those routines, to write/read bigger chunks of
data, precomputing stuff in buffers instead of sending out byte
by byte.
- As a consequence, I need to know the endianness of the machine.
Currently I rely on getting it from machine/endian.h, but this
may not be available everywhere? (Who the hell thought it was
a good idea to pass integers to the backend the other way around
than the normal network byte order? *argl*)
- Libpq looks in the environment for magic variables, and upon
establishing a connection to the backend, sends it queries
of the form "SET var_name TO 'var_value'". This needs a change
in the backend parser (Mr. Parser, are you there? :)
- Currently it looks for two Env-Vars, namely PG_DATEFORMAT
and PG_FLOATFORMAT. What else makes sense? PG_TIMEFORMAT?
PG_TIMEZONE?
From: "Martin J. Laubach" <mjl@wwx.vip.at>
Subject: [HACKERS] password authentication
This patch adds support for plaintext password authentication. To use
it, you add a line like
host all 0.0.0.0 0.0.0.0 password pg_pwd.conf
to your pg_hba.conf, where 'pg_pwd.conf' is the name of a file containing
the usernames and password hashes in the format of the first two fields
of a Unix /etc/passwd file. (Of course, you can use a specific database
name or IP instead.)
Then, to connect with a password through libpq, you use the PQconnectdb()
function, specifying the "password=" tag in the connect string and also
adding the tag "authtype=password".
I also added a command-line switch '-u' to psql that tells it to prompt
for a username and password and use password authentication.
The following patch to src/backend/libpq/pqpacket.c provides additional
checking for bad packet length data. It was tested with the Linux telnet
client, with netcat using the numbers.txt and by dumping random numbers
into the port.
Patch by: Alvaro Martinez Echevarria <alvaro@lander.es>
another one in Solaris' port-protos.h.
The following patch will bring inet_aton's prototype into scope for
Ultrix to silence a compilation warning.
If the intention is to have inet_aton's prototype in its own header
filer, the declaration in Solaris' port-protos.h should be removed.
If the declaration in port-protos.h is deemed to be the correct
place, a declaration should be added in Ultrix' port-protos.h
regards
Erik Bertelsen
At least the first two should be fixed before the final release of 6.0.
1) There is a mismatch between the type declared in the catalog for
the input/output attributes of pg_type and the actual type of
values stored in the table. The type of typinput, typoutput,
typsend and typreceive are declared oid (26) while the values are
regproc (24). The error was there also in previous versions but
nobody noticed it until an Assert has been added in ExecEvalVar.
The effect is that it is now impossible to replace the typoutput
of existing data types with new procs.
2) The identd hba fails after the first time because the data read
from the identd socket is not zero-terminated and strlen reports
an incorrect length if the stack contains garbage, which usually
happens after the first connection has been made.
3) The new initdb wants to create itself the data directory. This
implies that the parent directory must be writable by postgres and
this may not always be desirable. A better solution would be to
allow the directory to be created by root and then filled by initdb.
It would also nice to have some reasonable default for PGLIB and
PGDATA like the previous version did. This applies also to the
postmaster executable.
In particular, no more compiled-in default for PGDATA or LIBDIR. Commands
that need them need either invocation options or environment variables.
PGPORT default is hardcoded as 5432, but overrideable with options or
environment variables.
way one creates a database system. Parts that were in "make install"
are not either in "make all" or initdb. Nothing goes in the PGDATA
directory besides user data. Creating multiple database systems is
easier.
In addition to applying the patch, it is necessary to move the file
libpq/pg_hba to backend/libpq/pg_hba.sample.
Submitted by: Bryan Henderson <bryanh@giraffe.netgate.net>
directory. The code that looks for the pg_hba file doesn't use it, though,
so the postmaster uses the wrong pg_hba file. Also, when the postmaster
looks in one directory and the user thinks it is looking in another
directory, the error messages don't give enough information to solve the
problem. I extended the error message for this.
Submitted by: Bryan Henderson <bryanh@giraffe.netgate.net>