Jacobo Vazquez | 27 Mar 12:13 2015

SSPI authentication ASC_REQ_REPLAY_DETECT flag

Hi all,

    I installed PostgreSQL 9.3 on a Windows Server 2012 and I have configured it to use SSPI authentication. The client is on a Windows 7 machine and make the connections via ODBC using a DSN with psqlodbc driver version 9.03.04.00. Authentication works in this scenario for the user authenticated in the client machine. I am always using the same user for connections.

    I used Wireshark in the configuration phase to analyze the traffic between the server and the client. It looks to me that in the authentication phase, the client always sends the same service ticket to postgresql server when a new connection is created, even when I create a new DSN pointing to the same server, it keeps sending the same service ticket.

    Analyzing the source code, in the file src/backend/libpq/auth.c looks like the server is not checking if the service ticket is reused:

    r = AcceptSecurityContext(&sspicred,
        sspictx,
        &inbuf,
        ASC_REQ_ALLOCATE_MEMORY,
        SECURITY_NETWORK_DREP,
        &newctx,
        &outbuf,
        &contextattr,
        NULL);

    The fourth parameter is not using the ASC_REQ_REPLAY_DETECT flag.

   Am I misunderstanding something or is this the expected behavior? This not means a replay attack risk? I think that if SSL is not used by the connection, a malicious user could capture the authentication package which the client service ticket and then reuse it.

Thanks in advance
--

Raiford | 26 Mar 21:38 2015

Re: Need to make a 32 bit PostgreSQL ODBC driver for Linux

Maybe this will help:

http://stackoverflow.com/questions/23638271/how-to-compile-32-bit-apps-on-64-bit-rhel


Jon



From:        Carter Chee <carter.chee <at> objectbrains.com>
To:        Raiford <at> labware.com
Date:        03/26/2015 04:32 PM
Subject:        Re: [ODBC] Need to make a 32 bit PostgreSQL ODBC driver for Linux



Red Hat Enterprise 7

On Mar 26, 2015, at 1:31 PM, Raiford <at> labware.com wrote:

Which Linux distribution are you using?

Jon



From:        Carter Chee <carter.chee <at> objectbrains.com>
To:        pgsql-odbc <at> postgresql.org
Date:        03/26/2015 04:19 PM
Subject:        [ODBC] Need to make a 32 bit PostgreSQL ODBC driver for Linux
Sent by:        pgsql-odbc-owner <at> postgresql.org



I’ve downloaded the psqlodbc-09.03.0300 source, and compiled and make it successfully.  The problem I have is I need a 32bit version of the driver.  The application that I need the driver for only uses the 32 bit version.  Is there a way to make a 32 bit version?  Any assistance would be greatly appreciated.

Thank you,

Carter Chee




--
Sent via pgsql-odbc mailing list (pgsql-odbc <at> postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-odbc



www.labware.com
Results Count






www.labware.com
Results Count



Carter Chee | 26 Mar 21:19 2015

Need to make a 32 bit PostgreSQL ODBC driver for Linux

I’ve downloaded the psqlodbc-09.03.0300 source, and compiled and make it successfully.  The problem I
have is I need a 32bit version of the driver.  The application that I need the driver for only uses the 32 bit
version.  Is there a way to make a 32 bit version?  Any assistance would be greatly appreciated.

Thank you,

Carter Chee

--

-- 
Sent via pgsql-odbc mailing list (pgsql-odbc <at> postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-odbc

Adrian Klaver | 26 Mar 15:37 2015

Re: Installation problems

On 03/26/2015 07:21 AM, Robert S. Bachman wrote:
> Thank you. Yes,  I'm using Windows 7 (64b).
>
> I invoked the dialog and setup a data source but I'm still having problems
> connecting.
>
> I attached a snippet of the driver setup dialog. When I hit the Test button,
> I get a
> Dialog stating. "Could not connect to the server; Could not resolve
> hostname."
>
> The Server entry in the dialog is: "PostgreSQL 9.0 (x86)(localhost:5432)"

PostgreSQL 9.0 (x86)(localhost:5432) is just an identifier pgAdmin 
creates to differentiate servers in the their server tree dialog.

Assuming the server is on the same machine as the ODBC driver then the 
Server entry should be:

localhost

If the ODBC client is remote to the Postgres server then the Server 
entry would be the

IP address, say 192.168.0.56

or a hostname, say dbserver.example.com

>
> The second attachment is a snippet of the pgAdmin dialog that  shows the
> Server name and the databases.
>
> We have an application that uses OTL to connect to various databases and
> we've recently
> Received a request from a customer for PostgreSQL.
>
> Any help you can provide would be greatly appreciated.
>
> Thank you again.
>
> Bob Bachman
>

-- 
Adrian Klaver
adrian.klaver <at> aklaver.com

--

-- 
Sent via pgsql-odbc mailing list (pgsql-odbc <at> postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-odbc

Robert S. Bachman | 25 Mar 22:20 2015

Installation problems

Hello,

 

I installed PostgreSQL 9.0 along with the ODBC driver that came with the installer.

 

I don’t see the (psqlodbc) Postgre ODBC driver in the ODBC Data source administrator dialog drivers tab.

 

Do I need to do something else?

 

Thank you very much.

 

Bob Bachman

Tom Lane | 25 Mar 18:40 2015
Picon

Fwd: [BUGS] BUG #12897: SQLDescribeColumn() and bit columns

forwarded from core bugs list

------- Forwarded Message

Date:    Wed, 25 Mar 2015 14:05:22 +0000
From:    smarvin <at> pobox.com
To:      pgsql-bugs <at> postgresql.org
Subject: [BUGS] BUG #12897: SQLDescribeColumn() and bit columns

The following bug has been logged on the website:

Bug reference:      12897
Logged by:          Steve Marvin
Email address:      smarvin <at> pobox.com
PostgreSQL version: 9.4.1
Operating system:   Windows 8.1
Description:        

when using statement 'select btest from public.tblname limit 1',
SQLDescribeColumn(1,...) returns nSQLType of 12 (SQL_VARCHAR) and length of
255 on columns of type 'bit' instead of -7(SQL_BIT) and length of 1.
select * from information_schema.columns using tablename,columnname,catalog
shows
the data_type is 'bit' and all other column information is correct.
ODBC Driver is PostgreSQL ANSI 9.03.04.00 10/26/2014.
Tested both x86 and x64 drivers.

------- End of Forwarded Message

--

-- 
Sent via pgsql-odbc mailing list (pgsql-odbc <at> postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-odbc

yuriana saldivar diaz | 24 Mar 21:03 2015
Picon

Controlador psqlodb

Buenas tardes, quisiera que me ayudaran porfavor a buscar el controlador psqlodb para windows server 2008 R2 standard
gracias.
esper recibir noticias pronto
Lindsay Stevens | 23 Mar 07:51 2015
Picon

Re: Re: Is it possible to set psql connection parameters before an ODBC connection?

Attached and copied below is a patch against master commit 825c29b to add a connection parameter for a postgres service name. The keyword is either "service" or the abbreviation "se". The string value gets passed in to the libpq connection.

The named service must match a service definition in a service file. The service file can be located in the default location (~/.pg_service.conf or %user%/AppData/postgresql) or in a location specified in a PGSERVICEFILE environment variable. As mentioned below, the service file allows specifying parameters like hostaddr, krbsrvname, sslcert (and others) for a connection.

Since there's no libpq servicefile parameter, I had a go at setting the service file for the libpq connection using a DSN servicefile keyword and _putenv, but that didn't seem to work, and I thought it would be better not to mess around with overriding user environment variables.

Also I haven't yet got my head around the ODBC manager dialog box stuff yet but this works just fine when specifying the parameter in a FileDSN or ODBC connection string. I also had trouble getting the installer to build - the light.exe step always failed for no apparent reason.

Best regards,
Lindsay

*** start patch ***

diff --git a/connection.c b/connection.c
index 131a0e7..63af8ca 100644
--- a/connection.c
+++ b/connection.c
<at> <at> -312,6 +312,7 <at> <at> CC_copy_conninfo(ConnInfo *ci, const ConnInfo *sci)
     NAME_TO_NAME(ci->password, sci->password);
     CORR_STRCPY(port);
     CORR_STRCPY(sslmode);
+    CORR_STRCPY(service);
     CORR_STRCPY(onlyread);
     CORR_STRCPY(fake_oid_index);
     CORR_STRCPY(show_oid_column);
<at> <at> -2510,6 +2511,10 <at> <at> LIBPQ_connect(ConnectionClass *self)
             opts[cnt] = "sslmode";
             vals[cnt++] = ci->sslmode;
     }
+    if (ci->service[0])
+    {
+        opts[cnt] = "service";        vals[cnt++] = ci->service;
+    }
     if (NAME_IS_VALID(ci->password))
     {
         opts[cnt] = "password";    vals[cnt++] = SAFE_NAME(ci->password);
diff --git a/connection.h b/connection.h
index 20d0bbb..f8aa808 100644
--- a/connection.h
+++ b/connection.h
<at> <at> -218,6 +218,7 <at> <at> typedef struct
     pgNAME        password;
     char        port[SMALL_REGISTRY_LEN];
     char        sslmode[16];
+    char        service[MEDIUM_REGISTRY_LEN];
     char        onlyread[SMALL_REGISTRY_LEN];
     char        fake_oid_index[SMALL_REGISTRY_LEN];
     char        show_oid_column[SMALL_REGISTRY_LEN];
diff --git a/dlg_specific.c b/dlg_specific.c
index 6ab7464..cdc1a0d 100644
--- a/dlg_specific.c
+++ b/dlg_specific.c
<at> <at> -289,6 +289,7 <at> <at> inolog("hlen=%d", hlen);
             strcpy(protocol_and, "7.4");
         olen = snprintf(&connect_string[hlen], nlen, ";"
             INI_SSLMODE "=%s;"
+            INI_SERVICE "=%s;"
             INI_READONLY "=%s;"
             INI_PROTOCOL "=%s;"
             INI_FAKEOIDINDEX "=%s;"
<at> <at> -323,6 +324,7 <at> <at> inolog("hlen=%d", hlen);
             INI_XAOPT "=%d"    /* XAOPT */
 #endif /* _HANDLE_ENLIST_IN_DTC_ */
             ,ci->sslmode
+            ,ci->service
             ,ci->onlyread
             ,protocol_and
             ,ci->fake_oid_index
<at> <at> -660,6 +662,8 <at> <at> copyAttributes(ConnInfo *ci, const char *attribute, const char *value)
                 break;
         }
     }
+    else if (stricmp(attribute, INI_SERVICE) == 0 || stricmp(attribute, ABBR_SERVICE) == 0)
+        strcpy(ci->service, value);
     else if (stricmp(attribute, INI_ABBREVIATE) == 0)
         unfoldCXAttribute(ci, value);
 #ifdef    _HANDLE_ENLIST_IN_DTC_
<at> <at> -1000,6 +1004,9 <at> <at> getDSNinfo(ConnInfo *ci, char overwrite)
     if (ci->sslmode[0] == '\0' || overwrite)
         SQLGetPrivateProfileString(DSN, INI_SSLMODE, "", ci->sslmode, sizeof(ci->sslmode), ODBC_INI);
 
+    if (ci->service[0] == '\0' || overwrite)
+        SQLGetPrivateProfileString(DSN, INI_SERVICE, "", ci->service, sizeof(ci->service), ODBC_INI);
+
 #ifdef    _HANDLE_ENLIST_IN_DTC_
     if (ci->xa_opt < 0 || overwrite)
     {
<at> <at> -1270,6 +1277,10 <at> <at> writeDSNinfo(const ConnInfo *ci)
                                  INI_SSLMODE,
                                  ci->sslmode,
                                  ODBC_INI);
+    SQLWritePrivateProfileString(DSN,
+                                 INI_SERVICE,
+                                 ci->service,
+                                 ODBC_INI);
     sprintf(temp, "%d", ci->keepalive_idle);
     SQLWritePrivateProfileString(DSN,
                                  INI_KEEPALIVETIME,
diff --git a/dlg_specific.h b/dlg_specific.h
index 30ea389..ceb3bea 100644
--- a/dlg_specific.h
+++ b/dlg_specific.h
<at> <at> -157,6 +157,8 <at> <at> extern "C" {
 #define ABBR_LOWERCASEIDENTIFIER    "C9"
 #define INI_SSLMODE            "SSLmode"
 #define ABBR_SSLMODE            "CA"
+#define INI_SERVICE            "service"
+#define ABBR_SERVICE            "SE"
 #define INI_EXTRAOPTIONS        "AB"
 #define INI_LOGDIR            "Logdir"
 #define INI_GSSAUTHUSEGSSAPI        "GssAuthUseGSS"


*** end patch ***


On 21 March 2015 at 11:59, Lindsay Stevens <lindsay.stevens.au <at> gmail.com> wrote:

Thanks, I tried this but couldn't seem to get it to work, e.g. ConnSettings=/*krbsrvname=myvalue*/, or placing the comment in braces, or putting myvalue in quotes, or making the whole comment url encoded.

I haven't written a line of C before but I had a read of the source anyway and it seems that most of the DSN values get put in a ConnInfo object in dlg_specific which is passed in to libpq  PQconnectdb. So it might just be a matter of adding "service" and/or the relevant keywords to the conninfo object. It also seems that there is no servicefile keyword, unfortunately. I'll have a go at this and see if it works, I think it would be a useful feature.

I'm using pg 9.3.5 and the latest odbc driver, by the way.

On 20/03/2015 4:17 AM, "Jacobo" <jsanchez <at> denodo.com> wrote:
I was currently digging into the code to find a way to specify krbsrvname and
just found that before reading the PGKRBSRVNAME environment variable it
calls a function in order to find the krbsrvname.

Checking the implementation i realized that in order to read this parameter
from Connect Settings at this level they should be added inside a comment.

To verify this i have configured a DSN with Connect Settings
/*krbsrvname=myvalue*/ and from the logs it seems to be using this value.

I don't know for the rest of parameters but this may also work for them.

Hope this helps

Regards,

Jacobo



--
View this message in context: http://postgresql.nabble.com/Is-it-possible-to-set-psql-connection-parameters-before-an-ODBC-connection-tp5842291p5842571.html
Sent from the PostgreSQL - odbc mailing list archive at Nabble.com.


--
Sent via pgsql-odbc mailing list (pgsql-odbc <at> postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-odbc


--

-- 
Sent via pgsql-odbc mailing list (pgsql-odbc <at> postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-odbc
Kadri Raudsepp | 20 Mar 12:38 2015
Picon

Problem with client_encoding and PsqlODBC driver.

Hello, 

I have some trouble with client_encoding using psqlodbc driver and - being unable to solve it - was hoping you would be able to help me.

I need to import large amount of data to SQL Server from postgres database. I'm using psqlodbc driver version 9.03.04.00, Microsoft SQL Server 2012 and postgres version 9.2. My postgres cluster has the encoding SQL_ASCII and database encoding is LATIN1.

I tried both Unicode(x64) and ANSI(x64) drivers, writing "SET CLIENT_ENCODING TO 'LATIN1'" to Connect Settings textbox. For both drivers, connection is successful and I use openquery to read the data, but my text data is all garbled.

Looking into the driver log I can see that the client_encoding is indeed set to LATIN1 as expected, but after that cc_lookup_characterset is called and with that the encoding is changed to UTF8 with Unicode driver and - I'm not sure what happens with ANSI driver, but the result does not look like desired. I have attached a log file that contains the logs for both driver's connection test.

Is there a setting I've overlooked or an action I could take to have the driver not to override my desired client_encoding? Am I doing something wrong altogether? Or is there maybe an older version of the driver that doesn't behave this way?

Thank you in advance and all the best,
Katie
Attachment (mylog_2592.log): application/octet-stream, 30 KiB

--

-- 
Sent via pgsql-odbc mailing list (pgsql-odbc <at> postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-odbc
Ralph Stefan | 19 Mar 16:55 2015

BUG #12878: Update fails with ODBC driver 9.0.3.400

To Whom It May Concern:

Jaime Soler asked me to forward this to you. Any help would be greatly appreciated. I found the reports about extra_float_digits and that doesn’t seem to fix this problem.

Regards,

Ralph Stefan

 

The following bug has been logged on the website:

 

Bug reference:      12878

Logged by:          Ralph Stefan

Email address:      rstefan <at> perceptron.com

PostgreSQL version: 9.2.10

Operating system:   Windows 7

Description:        

 

I have a problem with the 9.0.3.400 ODBC driver. Using a C++ client using CRecordSet, the update method fails. The ODBC driver is now expanding a double to 17 or 18 digits of precision. In version 9.0.3.300 and lower, it only expanded it to 16 digits of precision. Here is the SQL log for an update in version 9.0.3.300:

 

UPDATE SP_MEMS_LIGHTSOURCE_OPTIONS SET

start_x='-0.0819098162202559',start_y='-0.288030017956869',end_x='0.0959545102741697',end_y='0.270450291244762',number_of_lines=10,cycle_time=480,exposure=5946,min_clipz='-20',max_clipz='20',min_exposure=500,max_exposure=10000

WHERE "options_id" = 10009 AND "lightsource_order" = 0 AND "surface_id" =

10007 AND "lightsource_type" = 1 AND "pattern_type" = 0 AND "start_x" = '-0.28' AND "start_y" = '-0.32' AND "end_x" = '0.32' AND "end_y" = '0.26'

AND "number_of_lines" = 20 AND "cycle_time" = 800 AND "samples_per_second" =

50000 AND "horizontal_speed" = 0 AND "vertical_speed" = 0 AND "scan_rate" =

25 AND "exposure" = 6196 AND "gain" = 3 AND "mode" = 1 AND "continuous" = 0 AND "disable_interpolation" = 0 AND "disable_filter" = 0 AND "min_clipz" = '-50' AND "max_clipz" = '50' AND "rotation" = '0' AND "algorithm" = 2 AND "min_exposure" = 0 AND "max_exposure" = 0 AND "laser_modulation" = 0 AND "allow_updates" = 1

 

Here is the same update in 9.0.3.400

 

UPDATE SP_MEMS_LIGHTSOURCE_OPTIONS SET

start_x='-0.081909816220255879',start_y='-0.288030017956869',end_x='0.09595451027416968',end_y='0.27045029124476166',number_of_lines=10,cycle_time=480,exposure=5946,min_clipz='-20',max_clipz='20',min_exposure=500,max_exposure=10000

WHERE "options_id" = 10019 AND "lightsource_order" = 0 AND "surface_id" =

10017 AND "lightsource_type" = 1 AND "pattern_type" = 0 AND "start_x" = '-0.28000000000000003' AND "start_y" = '-0.32000000000000001' AND "end_x" = '0.32000000000000001' AND "end_y" = '0.26000000000000001' AND "number_of_lines" = 20 AND "cycle_time" = 800 AND "samples_per_second" =

50000 AND "horizontal_speed" = 0 AND "vertical_speed" = 0 AND "scan_rate" =

25 AND "exposure" = 6196 AND "gain" = 3 AND "mode" = 1 AND "continuous" = 0 AND "disable_interpolation" = 0 AND "disable_filter" = 0 AND "min_clipz" = '-50' AND "max_clipz" = '50' AND "rotation" = '0' AND "algorithm" = 2 AND "min_exposure" = 0 AND "max_exposure" = 0 AND "laser_modulation" = 0 AND "allow_updates" = 1

 

With the additional garbage digit of precision, the update now fails.

 

 

 

Enrico | 19 Mar 11:01 2015
Picon

Odbc through vpn

Hi, I did a migration from postgresql 8.1 to 9.4.1 and I have this problem, only for clients who work through
the vpn, queries are very slow and this problem did not exist before migration,the network is the same , the
server is the same, the current version of postgresql is 9.4.1 and odbc is the latest 32-bit version.
For the clients who work in LAN , ODBC works fine.

Can anyone help me?

Thanks in advantage.

-- 
Enrico <sscotty71 <at> gmail.com>

--

-- 
Sent via pgsql-odbc mailing list (pgsql-odbc <at> postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-odbc


Gmane