return NULL;
}
+ /*
+ * For GSS and SSPI, set the default value of include_realm to true.
+ * Having include_realm set to false is dangerous in multi-realm
+ * situations and is generally considered bad practice. We keep the
+ * capability around for backwards compatibility, but we might want to
+ * remove it at some point in the future. Users who still need to strip
+ * the realm off would be better served by using an appropriate regex in a
+ * pg_ident.conf mapping.
+ */
+ if (parsedline->auth_method == uaGSS ||
+ parsedline->auth_method == uaSSPI)
+ parsedline->include_realm = true;
+
/* Parse remaining arguments */
while ((field = lnext(field)) != NULL)
{
hbaline->ldapscope = LDAP_SCOPE_SUBTREE;
#endif
- /*
- * For GSS and SSPI, set the default value of include_realm to true.
- * Having include_realm set to false is dangerous in multi-realm
- * situations and is generally considered bad practice. We keep the
- * capability around for backwards compatibility, but we might want to
- * remove it at some point in the future. Users who still need to strip
- * the realm off would be better served by using an appropriate regex in a
- * pg_ident.conf mapping.
- */
- if (hbaline->auth_method == uaGSS ||
- hbaline->auth_method == uaSSPI)
- hbaline->include_realm = true;
-
if (strcmp(name, "map") == 0)
{
if (hbaline->auth_method != uaIdent &&
projects / postgresql.git / commitdiff