mirrors/postgres
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Improve GSSAPI Encryption startup comment in libpq

Browse Source 
The original comment was a bit confusing, pointed out by Alvaro Herrera.

Thread: https://postgr.es/m/20191224151520.GA16435%40alvherre.pgsql
This commit is contained in:
Stephen Frost 2020-01-08 10:57:09 -05:00
parent 4ac8aaa36f
commit 8dd1511e39
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/interfaces/libpq/fe-connect.c
View File

@ -2800,10 +2800,12 @@ keep_going: /* We will come back to here until there is
#ifdef ENABLE_GSS #ifdef ENABLE_GSS
/* /*
* If GSSAPI is enabled and we have a credential cache, try to * If GSSAPI encryption is enabled, then call
* set it up before sending startup messages. If it's already * pg_GSS_have_cred_cache() which will return true if we can
* operating, don't try SSL and instead just build the startup * acquire credentials (and give us a handle to use in
* packet. * conn->gcred), and then send a packet to the server asking
* for GSSAPI Encryption (and skip past SSL negotiation and
* regular startup below).
*/ */
if (conn->try_gss && !conn->gctx) if (conn->try_gss && !conn->gctx)
conn->try_gss = pg_GSS_have_cred_cache(&conn->gcred); conn->try_gss = pg_GSS_have_cred_cache(&conn->gcred);