On Wed, Feb 08, 2006 at 06:36:10PM +0200, Devrim GUNDUZ wrote: > On Wed, 2006-02-08 at 11:28 -0500, Stephen Frost wrote: > > > I'd really like to see the multiple DB connections with different > > Kerberos credentials go in to 8.1.3. It solved the problem we were > > having authenticating to PostgreSQL using Kerberos from Apache. We were > > also able to get phppgadmin to use Kerberos authentication with this > > patch (which is very nice). That patch also went into the 8.1.2-2 > > release of the Debian packages > > [OT] > So Debian has a patch that is not in 8.1.2? I can't believe that they > are doing that -- personally I'm against to add any patch into binaries > that is not in the core. > [/OT]
Debian had the patch to enable ident over unix domain sockets well
before core did. So long that I didn't even realise it was a patch
until I compiled my own version. The patch had been submitted upstream
but fell between the cracks. As a Debian user it something I like.
The changelog entry says:
* Add debian/patches/12-krb5-multiusers.patch:
- Fix krb5 credential handling in libpq for multiple connections with
different users: Don't keep credentials in global variables, but pass
them around in a new krb5_info struct.
- Patch from Stephen Frost, proposed to be adopted upstream.
I consider it a form of preventative bug fixing. Somebody on Debian is
bound to complain about it sooner or later, so may as well fix it now.
There is a group who likes having kerberos working properly...
I imagine if a similar bug affected SSL connections, people would be
jumping up and down to have it fixed.
Have a nice day,
--
Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/
> Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a
> tool for doing 5% of the work and then sitting around waiting for someone
> else to do the other 95% so you can sue them.
signature.asc
Description: Digital signature
