Heimdal support (Kerberos V implementation from KTH)

2025-07-27 12:41:57 +03:00 · 2002-02-23 04:17:47 +00:00
parent 0055a39390
commit 42c3381fc7
7 changed files with 606 additions and 375 deletions
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.73 2002/02/19 19:49:09 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.74 2002/02/23 04:17:46 petere Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -229,7 +229,7 @@ pg_krb5_init(void)
 				 " Kerberos error %d\n", retval);
 		com_err("postgres", retval,
 				"while getting server principal for service %s",
-				pg_krb_server_keyfile);
+				PG_KRB_SRVNAM);
 		krb5_kt_close(pg_krb5_context, pg_krb5_keytab);
 		krb5_free_context(pg_krb5_context);
 		return STATUS_ERROR;
@ -283,8 +283,15 @@ pg_krb5_recvauth(Port *port)
 	 *
 	 * I have no idea why this is considered necessary.
 	 */
+#if defined(HAVE_KRB5_TICKET_ENC_PART2)
 	retval = krb5_unparse_name(pg_krb5_context,
 							   ticket->enc_part2->client, &kusername);
+#elif defined(HAVE_KRB5_TICKET_CLIENT)
+	retval = krb5_unparse_name(pg_krb5_context,
+							   ticket->client, &kusername);
+#else
+#error "bogus configuration"
+#endif
 	if (retval)
 	{
 		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
--- a/src/include/pg_config.h.in
+++ b/src/include/pg_config.h.in
@ -8,7 +8,7 @@
 * or in pg_config.h afterwards.  Of course, if you edit pg_config.h, then your
 * changes will be overwritten the next time you run configure.
 *
- * $Id: pg_config.h.in,v 1.16 2002/01/22 19:02:40 tgl Exp $
+ * $Id: pg_config.h.in,v 1.17 2002/02/23 04:17:46 petere Exp $
 */

 #ifndef PG_CONFIG_H
@ -622,6 +622,18 @@ extern int fdatasync(int fildes);
 /* Set to 1 if you have struct sockaddr_un */
 #undef HAVE_STRUCT_SOCKADDR_UN

+/* Set to 1 if you have krb5_ticket.enc_part2 */
+#undef HAVE_KRB5_TICKET_ENC_PART2
+
+/* Set to 1 if you have krb5_ticket.client */
+#undef HAVE_KRB5_TICKET_CLIENT
+
+/* Set to 1 if you have krb5_error.text.data */
+#undef HAVE_KRB5_ERROR_TEXT_DATA
+
+/* Set to 1 if you have krb5_ticket.e_data */
+#undef HAVE_KRB5_ERROR_E_DATA
+
 /* Set to 1 if type "long int" works and is 64 bits */
 #undef HAVE_LONG_INT_64

--- a/src/interfaces/libpq/fe-auth.c
+++ b/src/interfaces/libpq/fe-auth.c
@ -10,7 +10,7 @@
 * exceed INITIAL_EXPBUFFER_SIZE (currently 256 bytes).
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-auth.c,v 1.63 2001/11/05 17:46:37 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-auth.c,v 1.64 2002/02/23 04:17:47 petere Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -403,9 +403,18 @@ pg_krb5_sendauth(char *PQerrormsg, int sock,
 	{
 		if (retval == KRB5_SENDAUTH_REJECTED && err_ret)
 		{
+#if defined(HAVE_KRB5_ERROR_TEXT_DATA)
 			snprintf(PQerrormsg, PQERRORMSG_LENGTH,
 			  libpq_gettext("Kerberos 5 authentication rejected: %*s\n"),
 					 err_ret->text.length, err_ret->text.data);
+#elif defined(HAVE_KRB5_ERROR_E_DATA)
+			snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+			  libpq_gettext("Kerberos 5 authentication rejected: %*s\n"),
+					 err_ret->e_data->length,
+					 (const char *)err_ret->e_data->data);
+#else
+#error "bogus configuration"
+#endif
 		}
 		else
 		{
@ -683,7 +692,7 @@ fe_getauthsvc(char *PQerrormsg)
 char *
 fe_getauthname(char *PQerrormsg)
 {
-	char	   *name = (char *) NULL;
+	const char *name = (char *) NULL;
 	char	   *authn = (char *) NULL;
 	MsgType		authsvc;