Index: doc/src/sgml/runtime.sgml
===================================================================
RCS file: /cvsroot/pgsql/doc/src/sgml/runtime.sgml,v
retrieving revision 1.325
diff -c -c -r1.325 runtime.sgml
*** doc/src/sgml/runtime.sgml 13 Jun 2005 02:40:06 -0000 1.325
--- doc/src/sgml/runtime.sgml 14 Jun 2005 17:39:22 -0000
***************
*** 969,992 ****
Sets the Kerberos service name. See
! for details. This parameter can only be set at server start.
!
! krb_caseins_users (boolean)
!
! krb_caseins_users configuration parameter
!
!
! Sets if Kerberos usernames should be treated case-insensitive.
! The default is off (case sensitive). This parameter can only be
! set at server start.
!
!
db_user_namespace (boolean)
--- 969,1012 ----
Sets the Kerberos service name. See
! for details. This parameter can only be set at server start.
!
! krb_caseins_users (boolean)
!
! krb_caseins_users configuration parameter
!
!
! Sets if Kerberos usernames should be treated case-insensitive.
! The default is off (case sensitive). This parameter can only be
! set at server start.
!
!
!
!
! krb_server_hostname (string)
!
! krb_server_hostname configuration parameter
!
!
!
! Sets the hostname part of the service principal.
! This, combined with krb_srvname, is used to generate
! the complete service principal, i.e.
! krb_server_hostname/krb_server_hostname@REALM.
!
!
! If not set, the default is to allow any service principal matching an entry
! in the keytab. See for details.
! This parameter can only be set at server start.
!
!
!
db_user_namespace (boolean)
Index: src/backend/libpq/auth.c
===================================================================
RCS file: /cvsroot/pgsql/src/backend/libpq/auth.c,v
retrieving revision 1.124
diff -c -c -r1.124 auth.c
*** src/backend/libpq/auth.c 4 Jun 2005 20:42:42 -0000 1.124
--- src/backend/libpq/auth.c 14 Jun 2005 17:39:23 -0000
***************
*** 43,48 ****
--- 43,49 ----
char *pg_krb_server_keyfile;
char *pg_krb_srvnam;
bool pg_krb_caseins_users;
+ char *pg_krb_server_hostname = NULL;
#ifdef USE_PAM
#ifdef HAVE_PAM_PAM_APPL_H
***************
*** 221,240 ****
return STATUS_ERROR;
}
! retval = krb5_sname_to_principal(pg_krb5_context, NULL, pg_krb_srvnam,
! KRB5_NT_SRV_HST, &pg_krb5_server);
! if (retval)
{
! ereport(LOG,
! (errmsg("Kerberos sname_to_principal(\"%s\") returned error %d",
! pg_krb_srvnam, retval)));
! com_err("postgres", retval,
! "while getting server principal for service \"%s\"",
! pg_krb_srvnam);
! krb5_kt_close(pg_krb5_context, pg_krb5_keytab);
! krb5_free_context(pg_krb5_context);
! return STATUS_ERROR;
! }
pg_krb5_initialised = 1;
return STATUS_OK;
--- 222,246 ----
return STATUS_ERROR;
}
! if (pg_krb_server_hostname)
{
! retval = krb5_sname_to_principal(pg_krb5_context,
! pg_krb_server_hostname, pg_krb_srvnam,
! KRB5_NT_SRV_HST, &pg_krb5_server);
! if (retval)
! {
! ereport(LOG,
! (errmsg("Kerberos sname_to_principal(\"%s\") returned error %d",
! pg_krb_srvnam, retval)));
! com_err("postgres", retval,
! "while getting server principal for service \"%s\"",
! pg_krb_srvnam);
! krb5_kt_close(pg_krb5_context, pg_krb5_keytab);
! krb5_free_context(pg_krb5_context);
! return STATUS_ERROR;
! }
! } else
! pg_krb5_server = NULL;
pg_krb5_initialised = 1;
return STATUS_OK;
Index: src/backend/utils/misc/guc.c
===================================================================
RCS file: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v
retrieving revision 1.264
diff -c -c -r1.264 guc.c
*** src/backend/utils/misc/guc.c 4 Jun 2005 20:42:42 -0000 1.264
--- src/backend/utils/misc/guc.c 14 Jun 2005 17:39:27 -0000
***************
*** 1594,1599 ****
--- 1594,1608 ----
},
{
+ {"krb_server_hostname", PGC_POSTMASTER, CONN_AUTH_SECURITY,
+ gettext_noop("Sets the hostname of the Kerberos server."),
+ NULL
+ },
+ &pg_krb_server_hostname,
+ NULL, NULL, NULL
+ },
+
+ {
{"bonjour_name", PGC_POSTMASTER, CONN_AUTH_SETTINGS,
gettext_noop("Sets the Bonjour broadcast service name."),
NULL
Index: src/bin/psql/tab-complete.c
===================================================================
RCS file: /cvsroot/pgsql/src/bin/psql/tab-complete.c,v
retrieving revision 1.130
diff -c -c -r1.130 tab-complete.c
*** src/bin/psql/tab-complete.c 25 May 2005 22:12:05 -0000 1.130
--- src/bin/psql/tab-complete.c 14 Jun 2005 17:39:28 -0000
***************
*** 559,565 ****
"geqo_selection_bias",
"geqo_threshold",
"join_collapse_limit",
- "krb_server_keyfile",
"lc_messages",
"lc_monetary",
"lc_numeric",
--- 559,564 ----
Index: src/include/libpq/auth.h
===================================================================
RCS file: /cvsroot/pgsql/src/include/libpq/auth.h,v
retrieving revision 1.27
diff -c -c -r1.27 auth.h
*** src/include/libpq/auth.h 4 Jun 2005 20:42:42 -0000 1.27
--- src/include/libpq/auth.h 14 Jun 2005 17:39:29 -0000
***************
*** 29,33 ****
--- 29,34 ----
extern char *pg_krb_server_keyfile;
extern char *pg_krb_srvnam;
extern bool pg_krb_caseins_users;
+ extern char *pg_krb_server_hostname;
#endif /* AUTH_H */