diff options
Diffstat (limited to 'src/backend/libpq/hba.c')
| -rw-r--r-- | src/backend/libpq/hba.c | 19 |
1 files changed, 4 insertions, 15 deletions
diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c index 0cc43977691..99319b273aa 100644 --- a/src/backend/libpq/hba.c +++ b/src/backend/libpq/hba.c @@ -1447,19 +1447,6 @@ parse_hba_line(TokenizedLine *tok_line, int elevel) *err_msg = "gssapi authentication is not supported on local sockets"; return NULL; } - if (parsedline->conntype == ctHostGSS && - parsedline->auth_method != uaGSS && - parsedline->auth_method != uaReject && - parsedline->auth_method != uaTrust) - { - ereport(elevel, - (errcode(ERRCODE_CONFIG_FILE_ERROR), - errmsg("GSSAPI encryption only supports gss, trust, or reject authentication"), - errcontext("line %d of configuration file \"%s\"", - line_num, HbaFileName))); - *err_msg = "GSSAPI encryption only supports gss, trust, or reject authentication"; - return NULL; - } if (parsedline->conntype != ctLocal && parsedline->auth_method == uaPeer) @@ -2134,9 +2121,11 @@ check_hba(hbaPort *port) /* Check GSSAPI state */ #ifdef ENABLE_GSS - if (port->gss->enc && hba->conntype == ctHostNoGSS) + if (port->gss && port->gss->enc && + hba->conntype == ctHostNoGSS) continue; - else if (!port->gss->enc && hba->conntype == ctHostGSS) + else if (!(port->gss && port->gss->enc) && + hba->conntype == ctHostGSS) continue; #else if (hba->conntype == ctHostGSS) |