From bb1e32b8da7f495372e5118096d9f64cc40bd807 Mon Sep 17 00:00:00 2001
From: Matt Jibson
Date: Mon, 27 Jul 2020 13:55:44 -0600
Subject: [PATCH] use krbsrvname for GSS auth; improve GSS docs
---
 README.md | 5 +----
 conn.go | 8 ++++----
 doc.go | 9 +++++++--
 3 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/README.md b/README.md
index ecd01939..c972a86a 100644
--- a/README.md
+++ b/README.md
@@ -19,10 +19,7 @@
 * Unix socket support
 * Notifications: `LISTEN`/`NOTIFY`
 * pgpass support
-
-## Optional Features
-
-* GSS (Kerberos) auth (to use, see GoDoc)
+* GSS (Kerberos) auth
 ## Tests
diff --git a/conn.go b/conn.go
index b3ab14d3..f313c149 100644
--- a/conn.go
+++ b/conn.go
@@ -1074,9 +1074,9 @@ func isDriverSetting(key string) bool {
 return true
 case "binary_parameters":
 return true
- case "service":
+ case "krbsrvname":
 return true
- case "spn":
+ case "krbspn":
 return true
 default:
 return false
@@ -1168,13 +1168,13 @@ func (cn *conn) auth(r *readBuf, o values) {
 var token []byte
- if spn, ok := o["spn"]; ok {
+ if spn, ok := o["krbspn"]; ok {
 // Use the supplied SPN if provided..
 token, err = cli.GetInitTokenFromSpn(spn)
 } else {
 // Allow the kerberos service name to be overridden
 service := "postgres"
- if val, ok := o["service"]; ok {
+ if val, ok := o["krbsrvname"]; ok {
 service = val
 }
diff --git a/doc.go b/doc.go
index 78c670b1..b5718480 100644
--- a/doc.go
+++ b/doc.go
@@ -57,8 +57,6 @@ supported:
 * sslkey - Key file location. The file must contain PEM encoded data. * sslrootcert - The location of the root certificate file. The file must contain PEM encoded data. * spn - Configures GSS (Kerberos) SPN. * service - GSS (Kerberos) service name to use when constructing the SPN (default is `postgres`). Valid values for sslmode are:
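Review bot: The old option names `service` and `spn` are dropped without a fallback or an error, both in the `isDriverSetting` switch in conn.go and in the `o["krbspn"]` / `o["krbsrvname"]` lookups in `cn.auth` in the following hunk. A connection string that still carries `spn=...` no longer takes the explicit-SPN branch in `auth`, so unless it is rejected earlier the client would request a token for the default `postgres`-derived SPN rather than the principal the operator configured; what happens to a key that `isDriverSetting` no longer recognises is outside this hunk and should be checked. I would reject the legacy keys explicitly during option handling, or at minimum add a comment above the two cases such as `// Renamed from "service"/"spn"; the old names are no longer recognised.` and call the rename out as a breaking change in the release notes. The switch begins and ends outside the hunk.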
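Review bot: An empty `krbsrvname` or `krbspn` is accepted as-is in `cn.auth`, because both lookups test only `ok`. With `krbsrvname=` the default `postgres` is overwritten by an empty string, which by the `krbsrvname/host` form described in doc.go would yield an SPN of `/host`, and an empty `krbspn` is passed straight to `cli.GetInitTokenFromSpn`; whether the option parser can actually produce empty values is not visible here. Guarding on the value keeps the default in that case: `if val, ok := o["krbsrvname"]; ok && val != "" {` and likewise `if spn, ok := o["krbspn"]; ok && spn != "" {`. The body of `auth` starts and ends outside the hunk.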
@@ -259,5 +257,12 @@ package:
 This package is in a separate module so that users who don't need Kerberos don't have to download unnecessary dependencies.
+When imported, additional connection string parameters are supported:
+
+ * krbsrvname - GSS (Kerberos) service name when constructing the
+ SPN (default is `postgres`). This will be combined with the host
+ to form the full SPN: `krbsrvname/host`.
+ * krbspn - GSS (Kerberos) SPN. This takes priority over
+ `krbsrvname` if present.
 */
 package pq