diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/interfaces/libpq/fe-connect.c | 37 |
1 files changed, 9 insertions, 28 deletions
diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c index 27c9bb46eea..7bee9dd2014 100644 --- a/src/interfaces/libpq/fe-connect.c +++ b/src/interfaces/libpq/fe-connect.c @@ -477,6 +477,11 @@ pqDropConnection(PGconn *conn, bool flushInput) { OM_uint32 min_s; + if (conn->gcred != GSS_C_NO_CREDENTIAL) + { + gss_release_cred(&min_s, &conn->gcred); + conn->gcred = GSS_C_NO_CREDENTIAL; + } if (conn->gctx) gss_delete_sec_context(&min_s, &conn->gctx, GSS_C_NO_BUFFER); if (conn->gtarg_nam) @@ -496,6 +501,7 @@ pqDropConnection(PGconn *conn, bool flushInput) free(conn->gss_ResultBuffer); conn->gss_ResultBuffer = NULL; } + conn->gssenc = false; } #endif #ifdef ENABLE_SSPI @@ -2027,11 +2033,6 @@ connectDBStart(PGconn *conn) */ resetPQExpBuffer(&conn->errorMessage); -#ifdef ENABLE_GSS - if (conn->gssencmode[0] == 'd') /* "disable" */ - conn->try_gss = false; -#endif - /* * Set up to try to connect to the first host. (Setting whichhost = -1 is * a bit of a cheat, but PQconnectPoll will advance it to 0 before @@ -2468,6 +2469,9 @@ keep_going: /* We will come back to here until there is conn->allow_ssl_try = (conn->sslmode[0] != 'd'); /* "disable" */ conn->wait_ssl_try = (conn->sslmode[0] == 'a'); /* "allow" */ #endif +#ifdef ENABLE_GSS + conn->try_gss = (conn->gssencmode[0] != 'd'); /* "disable" */ +#endif reset_connection_state_machine = false; need_new_connection = true; @@ -3349,12 +3353,8 @@ keep_going: /* We will come back to here until there is */ if (conn->gssenc && conn->gssencmode[0] == 'p') { - OM_uint32 minor; - /* postmaster expects us to drop the connection */ conn->try_gss = false; - conn->gssenc = false; - gss_delete_sec_context(&minor, &conn->gctx, NULL); pqDropConnection(conn, true); conn->status = CONNECTION_NEEDED; goto keep_going; @@ -3906,9 +3906,6 @@ makeEmptyPGconn(void) conn->verbosity = PQERRORS_DEFAULT; conn->show_context = PQSHOW_CONTEXT_ERRORS; conn->sock = PGINVALID_SOCKET; -#ifdef ENABLE_GSS - conn->try_gss = true; -#endif /* * We try to send at least 8K at a time, which is the usual size of pipe @@ -4065,22 +4062,6 @@ freePGconn(PGconn *conn) free(conn->gsslib); if (conn->connip) free(conn->connip); -#ifdef ENABLE_GSS - if (conn->gcred != GSS_C_NO_CREDENTIAL) - { - OM_uint32 minor; - - gss_release_cred(&minor, &conn->gcred); - conn->gcred = GSS_C_NO_CREDENTIAL; - } - if (conn->gctx) - { - OM_uint32 minor; - - gss_delete_sec_context(&minor, &conn->gctx, GSS_C_NO_BUFFER); - conn->gctx = NULL; - } -#endif /* Note that conn->Pfdebug is not ours to close or free */ if (conn->last_query) free(conn->last_query); |