Re: pgsql: Add libpq parameter 'channel_binding'.
| От | Jeff Davis |
|---|---|
| Тема | Re: pgsql: Add libpq parameter 'channel_binding'. |
| Дата | |
| Msg-id | 11a5c3b483f1c0140f9fc5cf863d8ac61a28e60a.camel@j-davis.com обсуждение исходный текст |
| Ответ на | Re: pgsql: Add libpq parameter 'channel_binding'. (Michael Paquier <michael@paquier.xyz>) |
| Ответы |
Re: pgsql: Add libpq parameter 'channel_binding'.
|
| Список | pgsql-committers |
On Mon, 2019-09-30 at 16:08 +0900, Michael Paquier wrote:
> So, something like the attached looks better to me. Using a server
> which publishes SCRAM-SHA-256-PLUS, I get the following over SSL:
> 1) client supports channel binding:
> 1-1) channel_binding = disable => OK, with SCRAM-SHA-256
> 1-2) channel_binding = prefer => OK, with SCRAM-SHA-256-PLUS
> 1-3) channel_binding = require => OK, with SCRAM-SHA-256-PLUS
> 2) client does not support channel binding
> 2-1) channel_binding = disable => OK, with SCRAM-SHA-256
> 2-2) channel_binding = prefer => OK, with SCRAM-SHA-256
> 2-3) channel_binding = require => failure with new error message,
> instead of the confusing one.
For 2-3, shouldn't we error at an earlier stage? The user of the client
has requested something impossible to satisfy.
Regards,
Jeff Davis
В списке pgsql-committers по дате отправления: