[pgpool-committers: 7176] pgpool: Deal with GSSAPI encrypted connection request from frontend.

Tatsuo Ishii ishii at sraoss.co.jp
Sat Oct 3 09:29:09 JST 2020

Deal with GSSAPI encrypted connection request from frontend.

If GSSAPI connection request comes from frontend, Pgpool-II responded
in inappropriate way.  For example,

psql: error: could not connect to server: server closed the connection unexpectedly
This probably means the server terminated abnormally
before or while processing the request.

or even:
FATAL:  client authentication failed
DETAIL:  no pool_hba.conf entry for host "x.x.x.x", user "", database "", SSL off

With this commit Pgpool-II responds better. i.e. replies back to
frontend with "we don't support GSSAPI" and expects that the frontend
falls back to SSL connection (if frontend's param: gssencmode=prefer
(default) and SSL is configure when Pgpool-II was built) or fals back
to non-SSL connection.

Patch by me, reviewed and tested by Umar Hayat.



Modified Files
src/protocol/child.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)

More information about the pgpool-committers mailing list