Re: [PATCHES] GSS warnings

Wed, 05 Sep 2007 10:07:36 -0700 


On Wed, 5 Sep 2007, Tom Lane wrote:


Kris Jurka <[EMAIL PROTECTED]> writes:

Parts of the GSS API want the object while others want pointers to the
object and it looks like this code got it backwards.  I haven't tested
these changes, but they look right to me.


Wouldn't the code fail entirely if it was wrong in that way?




Only if it was ever run.  My suspicion is that Port->gss->ctx/cred are 
never set to anything other than GSS_C_NO_CONTEXT and GSS_C_NO_CREDENTIAL. 
This patch also clarifies the checking we're doing on cleanup to be 
more clear about whether these are pointers or not.


Kris Jurka
? src/backend/libpq/.deps
? src/backend/libpq/.pqcomm.c.swp
Index: src/backend/libpq/auth.c
===================================================================
RCS file: /projects/cvsroot/pgsql/src/backend/libpq/auth.c,v
retrieving revision 1.155
diff -c -r1.155 auth.c
*** src/backend/libpq/auth.c    24 Jul 2007 09:00:27 -0000      1.155
--- src/backend/libpq/auth.c    5 Sep 2007 16:57:59 -0000
***************
*** 493,499 ****
                /*
                 * Release service principal credentials
                 */
!               gss_release_cred(&min_stat, port->gss->cred);
        }
  
        /*
--- 493,499 ----
                /*
                 * Release service principal credentials
                 */
!               gss_release_cred(&min_stat, &port->gss->cred);
        }
  
        /*
Index: src/backend/libpq/pqcomm.c
===================================================================
RCS file: /projects/cvsroot/pgsql/src/backend/libpq/pqcomm.c,v
retrieving revision 1.195
diff -c -r1.195 pqcomm.c
*** src/backend/libpq/pqcomm.c  24 Jul 2007 11:16:36 -0000      1.195
--- src/backend/libpq/pqcomm.c  5 Sep 2007 16:57:59 -0000
***************
*** 178,188 ****
                OM_uint32       min_s;
  
                /* Shutdown GSSAPI layer */
!               if (MyProcPort->gss->ctx)
!                       gss_delete_sec_context(&min_s, MyProcPort->gss->ctx, 
NULL);
  
!               if (MyProcPort->gss->cred)
!                       gss_release_cred(&min_s, MyProcPort->gss->cred);
  #endif /* ENABLE_GSS */
                /* GSS and SSPI share the port->gss struct */
  
--- 178,188 ----
                OM_uint32       min_s;
  
                /* Shutdown GSSAPI layer */
!               if (MyProcPort->gss->ctx != GSS_C_NO_CONTEXT)
!                       gss_delete_sec_context(&min_s, &MyProcPort->gss->ctx, 
NULL);
  
!               if (MyProcPort->gss->cred != GSS_C_NO_CREDENTIAL)
!                       gss_release_cred(&min_s, &MyProcPort->gss->cred);
  #endif /* ENABLE_GSS */
                /* GSS and SSPI share the port->gss struct */
  

---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
       subscribe-nomail command to [EMAIL PROTECTED] so that your
       message can get through to the mailing list cleanly






















					Reply via email to