Fix assorted bugs in handling of non-blocking I/O when using GSSAPI encryption. The encryption layer could return the wrong status information to its caller, resulting in effectively dropping some data (or possibly in aborting a not-broken connection), or in a "livelock" situation where data remains to be sent but the upper layers think transmission is done and just go to sleep. There were multiple small thinkos contributing to that, as well as one big one (failure to think through what to do when a send fails after having already transmitted data). Note that these errors could cause failures whether the client application asked for non-blocking I/O or not, since both libpq and the backend always run things in non-block mode at this level.
Also get rid of use of static variables for GSSAPI inside libpq; that's entirely not okay given that multiple connections could be open at once inside a single client process.
Also adjust a bunch of random small discrepancies between the frontend and backend versions of the send/receive functions -- except for error handling, they should be identical, and now they are.
Also extend the Kerberos TAP tests to exercise cases where nontrivial amounts of data need to be pushed through encryption. Before, those tests didn't provide any useful coverage at all for the cases of interest here. (They still might not, depending on timing, but at least there's a chance.)
Per complaint from pmc@citylink and subsequent investigation. Back-patch to v12 where this code was introduced.
2c0cdc8183 Extensive code review for GSSAPI encryption mechanism.
src/backend/libpq/be-secure-gssapi.c | 397 ++++++++++++++++--------------
src/interfaces/libpq/fe-connect.c | 17 +-
src/interfaces/libpq/fe-secure-gssapi.c | 416 ++++++++++++++++++++------------
src/interfaces/libpq/libpq-int.h | 17 ++
src/test/kerberos/t/001_auth.pl | 52 +++-
5 files changed, 555 insertions(+), 344 deletions(-)