authorTom Lane <tgl@sss.pgh.pa.us>2008-02-08 17:58:46 +0000
committerTom Lane <tgl@sss.pgh.pa.us>2008-02-08 17:58:46 +0000
commit81e770857dd0a0a2c9ce75d709fadd2bebf1c365 (patch)
treebd1754193e72830253dc3e4473cba368e36ca037 /src
parent9b43c245e382a1486cba65ec71883dbc9a3c74ac (diff)
Since GSSAPI and SSPI authentication don't work in protocol version 2,
issue a helpful error message instead of sending unparsable garbage. (It is clearly a design error that this doesn't work, but fixing it is not worth the trouble at this point.) Per discussion.
Diffstat (limited to 'src')
-rw-r--r--src/backend/libpq/auth.c50
1 files changed, 44 insertions, 6 deletions
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index 4fb3635d24f..1a33834485d 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.163 2008/01/30 04:11:19 tgl Exp $
+ * $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.164 2008/02/08 17:58:46 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@@ -307,12 +307,13 @@ pg_krb5_recvauth(Port *port)
}
#endif /* KRB5 */
-#ifdef ENABLE_GSS
/*----------------------------------------------------------------
* GSSAPI authentication system
*----------------------------------------------------------------
*/
+#ifdef ENABLE_GSS
+
#if defined(HAVE_GSSAPI_H)
#include <gssapi.h>
#else
@@ -389,6 +390,19 @@ pg_GSS_recvauth(Port *port)
StringInfoData buf;
gss_buffer_desc gbuf;
+ /*
+ * GSS auth is not supported for protocol versions before 3, because it
+ * relies on the overall message length word to determine the GSS payload
+ * size in AuthenticationGSSContinue and PasswordMessage messages.
+ * (This is, in fact, a design error in our GSS support, because protocol
+ * messages are supposed to be parsable without relying on the length
+ * word; but it's not worth changing it now.)
+ */
+ if (PG_PROTOCOL_MAJOR(FrontendProtocol) < 3)
+ ereport(FATAL,
+ (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
+ errmsg("GSSAPI is not supported in protocol version 2")));
+
if (pg_krb_server_keyfile && strlen(pg_krb_server_keyfile) > 0)
{
/*
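Review bot: The errmsg in the guard added to pg_GSS_recvauth names only protocol version 2, while the condition `PG_PROTOCOL_MAJOR(FrontendProtocol) < 3` also matches any lower major version that reaches this function; whether one can reach it is not visible in this hunk. Wording that matches the test keeps the server log accurate when failed logins from old clients are triaged, for example `errmsg("GSSAPI is not supported in protocol versions before 3")`. The same applies to the guard added to pg_SSPI_recvauth in the later hunk, with "SSPI" in place of "GSSAPI". pg_GSS_recvauth's body continues outside the hunk.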
@@ -594,7 +608,9 @@ pg_GSS_recvauth(Port *port)
return STATUS_OK;
}
+
#else /* no ENABLE_GSS */
+
static int
pg_GSS_recvauth(Port *port)
{
@@ -603,9 +619,20 @@ pg_GSS_recvauth(Port *port)
errmsg("GSSAPI not implemented on this server")));
return STATUS_ERROR;
}
+
#endif /* ENABLE_GSS */
+/*----------------------------------------------------------------
+ * SSPI authentication system
+ *----------------------------------------------------------------
+ */
+
#ifdef ENABLE_SSPI
+
+typedef SECURITY_STATUS
+ (WINAPI * QUERY_SECURITY_CONTEXT_TOKEN_FN) (
+ PCtxtHandle, void **);
+
static void
pg_SSPI_error(int severity, char *errmsg, SECURITY_STATUS r)
{
@@ -621,10 +648,6 @@ pg_SSPI_error(int severity, char *errmsg, SECURITY_STATUS r)
errdetail("%s (%x)", sysmsg, (unsigned int) r)));
}
-typedef SECURITY_STATUS
- (WINAPI * QUERY_SECURITY_CONTEXT_TOKEN_FN) (
- PCtxtHandle, void **);
-
static int
pg_SSPI_recvauth(Port *port)
{
@@ -651,6 +674,18 @@ pg_SSPI_recvauth(Port *port)
HMODULE secur32;
QUERY_SECURITY_CONTEXT_TOKEN_FN _QuerySecurityContextToken;
+ /*
+ * SSPI auth is not supported for protocol versions before 3, because it
+ * relies on the overall message length word to determine the SSPI payload
+ * size in AuthenticationGSSContinue and PasswordMessage messages.
+ * (This is, in fact, a design error in our SSPI support, because protocol
+ * messages are supposed to be parsable without relying on the length
+ * word; but it's not worth changing it now.)
+ */
+ if (PG_PROTOCOL_MAJOR(FrontendProtocol) < 3)
+ ereport(FATAL,
+ (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
+ errmsg("SSPI is not supported in protocol version 2")));
/*
* Acquire a handle to the server credentials.
@@ -878,7 +913,9 @@ pg_SSPI_recvauth(Port *port)
return STATUS_OK;
}
+
#else /* no ENABLE_SSPI */
+
static int
pg_SSPI_recvauth(Port *port)
{
@@ -887,6 +924,7 @@ pg_SSPI_recvauth(Port *port)
errmsg("SSPI not implemented on this server")));
return STATUS_ERROR;
}
+
#endif /* ENABLE_SSPI */