Re: [HACKERS] Letting the client choose the protocol to use during a SASL exchange - Mailing list pgsql-hackers

From Heikki Linnakangas
Subject Re: [HACKERS] Letting the client choose the protocol to use during a SASL exchange
Date
Msg-id 06cd6212-0d22-d840-acae-4d5158321ed3@iki.fi
In response to Re: [HACKERS] Letting the client choose the protocol to use during a SASL exchange  (Simon Riggs <simon@2ndquadrant.com>)
List pgsql-hackers
On 04/06/2017 11:16 PM, Simon Riggs wrote:
>> or it
>> can just ignore the list and send what it wants anyway, probably leading
>> to client disconnect.
> It would need to follow one of the requested protocols, but mark the
> request as doomed. Otherwise we'd be revealing information. That's
> what SCRAM does now.

It's not a secret today, what authentication method the server requires. 
You can't really hide it, anyway, as the client could probe with 
different lists of supported methods, and see which method the server 
picks in each case.

- Heikki



