[PATCHES] Re: [HACKERS] Solaris ident authentication using unix domain sockets
Garick Hamlin wrote: On Thu, Jul 03, 2008 at 02:01:22PM -0400, Tom Lane wrote: Garick Hamlin [EMAIL PROTECTED] writes: I have a patch that I have been using to support postgresql's notion of ident authentication when using unix domain sockets on Solaris. This patch basically just adds support for using getupeercred() on Solaris so unix sockets and ident auth works just like it does on Linux and elsewhere. Cool. + #if defined(HAVE_GETPEERUCRED) + #include ucred.h + #endif But this is not cool. There might be systems out there that have getpeerucred() but not ucred.h, and this coding would cause a compile failure (even if they actually wouldn't be trying to use getpeerucred() because they have some other way to do it). You need an explicit configure probe for the header file too, I think. Ok, I can fix that. Garick, have you made any progress on an updated patch? -- Bruce Momjian [EMAIL PROTECTED]http://momjian.us EnterpriseDB http://enterprisedb.com + If your life is a hard drive, Christ can be your backup. + -- Sent via pgsql-patches mailing list (pgsql-patches@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-patches
[PATCHES] Re: [HACKERS] Solaris ident authentication using unix domain sockets
On Thu, Jul 03, 2008 at 02:01:22PM -0400, Tom Lane wrote: Garick Hamlin [EMAIL PROTECTED] writes: I have a patch that I have been using to support postgresql's notion of ident authentication when using unix domain sockets on Solaris. This patch basically just adds support for using getupeercred() on Solaris so unix sockets and ident auth works just like it does on Linux and elsewhere. Cool. + #if defined(HAVE_GETPEERUCRED) + #include ucred.h + #endif But this is not cool. There might be systems out there that have getpeerucred() but not ucred.h, and this coding would cause a compile failure (even if they actually wouldn't be trying to use getpeerucred() because they have some other way to do it). You need an explicit configure probe for the header file too, I think. Ok, I can fix that. Also, what is the rationale for putting this before the HAVE_STRUCT_CMSGCRED case instead of after? Again, that seems like it could cause unexpected behavioral changes on platforms that work fine now (consider possibility that getpeerucred is there but broken). Good Point, It should be the other way. regards, tom lane Thanks, Garick -- Sent via pgsql-patches mailing list (pgsql-patches@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-patches