Home > mailing lists

Re: pgsql: Add libpq parameter 'channel_binding'. - Mailing list pgsql-committers

From	Jeff Davis
Subject	Re: pgsql: Add libpq parameter 'channel_binding'.
Date	September 30, 2019 21:14:47
Msg-id	11a5c3b483f1c0140f9fc5cf863d8ac61a28e60a.camel@j-davis.com Whole thread Raw
In response to	Re: pgsql: Add libpq parameter 'channel_binding'. (Michael Paquier <michael@paquier.xyz>)
Responses	Re: pgsql: Add libpq parameter 'channel_binding'. (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-committers

Tree view

On Mon, 2019-09-30 at 16:08 +0900, Michael Paquier wrote:
> So, something like the attached looks better to me.  Using a server
> which publishes SCRAM-SHA-256-PLUS, I get the following over SSL:
> 1) client supports channel binding:
> 1-1) channel_binding = disable => OK, with SCRAM-SHA-256 
> 1-2) channel_binding = prefer => OK, with SCRAM-SHA-256-PLUS
> 1-3) channel_binding = require => OK, with SCRAM-SHA-256-PLUS
> 2) client does not support channel binding
> 2-1) channel_binding = disable => OK, with SCRAM-SHA-256
> 2-2) channel_binding = prefer => OK, with SCRAM-SHA-256
> 2-3) channel_binding = require => failure with new error message,
> instead of the confusing one.

For 2-3, shouldn't we error at an earlier stage? The user of the client
has requested something impossible to satisfy.

Regards,
    Jeff Davis

pgsql-committers by date:

From: Bruce Momjian
Date: 30 September 2019, 20:44:27
Subject: pgsql: docs: adjust multi-column most-common-value statistics

From: Tom Lane
Date: 30 September 2019, 21:20:29
Subject: Re: pgsql: Add libpq parameter 'channel_binding'.

Re: pgsql: Add libpq parameter 'channel_binding'. - Mailing list pgsql-committers

Previous

Next