mirror of
https://git.postgresql.org/git/postgresql.git
synced 2024-10-03 01:56:54 +02:00
2c0cdc8183
Fix assorted bugs in handling of non-blocking I/O when using GSSAPI encryption. The encryption layer could return the wrong status information to its caller, resulting in effectively dropping some data (or possibly in aborting a not-broken connection), or in a "livelock" situation where data remains to be sent but the upper layers think transmission is done and just go to sleep. There were multiple small thinkos contributing to that, as well as one big one (failure to think through what to do when a send fails after having already transmitted data). Note that these errors could cause failures whether the client application asked for non-blocking I/O or not, since both libpq and the backend always run things in non-block mode at this level. Also get rid of use of static variables for GSSAPI inside libpq; that's entirely not okay given that multiple connections could be open at once inside a single client process. Also adjust a bunch of random small discrepancies between the frontend and backend versions of the send/receive functions -- except for error handling, they should be identical, and now they are. Also extend the Kerberos TAP tests to exercise cases where nontrivial amounts of data need to be pushed through encryption. Before, those tests didn't provide any useful coverage at all for the cases of interest here. (They still might not, depending on timing, but at least there's a chance.) Per complaint from pmc@citylink and subsequent investigation. Back-patch to v12 where this code was introduced. Discussion: https://postgr.es/m/20200109181822.GA74698@gate.oper.dinoex.org |
||
---|---|---|
.. | ||
t | ||
.gitignore | ||
Makefile | ||
README |
src/test/kerberos/README Tests for Kerberos/GSSAPI functionality ======================================= This directory contains a test suite for Kerberos/GSSAPI functionality. This requires a full MIT Kerberos installation, including server and client tools, and is therefore kept separate and not run by default. Also, this test suite creates a KDC server that listens for TCP/IP connections on localhost without any real access control, so it is not safe to run this on a system where there might be untrusted local users. Running the tests ================= NOTE: You must have given the --enable-tap-tests argument to configure. Run make check or make installcheck You can use "make installcheck" if you previously did "make install". In that case, the code in the installation tree is tested. With "make check", a temporary installation tree is built from the current sources and then tested. Either way, this test initializes, starts, and stops a test Postgres cluster, as well as a test KDC server. Requirements ============ MIT Kerberos server and client tools are required. Heimdal is not supported. Debian/Ubuntu packages: krb5-admin-server krb5-kdc krb5-user RHEL/CentOS/Fedora packages: krb5-server krb5-workstation FreeBSD port: krb5 (base system has Heimdal)