Home > mailing lists

Re: Handling better supported channel binding types for SSLimplementations - Mailing list pgsql-hackers

From	Michael Paquier
Subject	Re: Handling better supported channel binding types for SSLimplementations
Date	January 22, 2018 19:05:36
Msg-id	20180122130536.GC1772@paquier.xyz Whole thread Raw
In response to	Re: Handling better supported channel binding types for SSL implementations (Daniel Gustafsson <daniel@yesql.se>)
Responses	Re: Handling better supported channel binding types for SSL implementations
List	pgsql-hackers

Tree view

On Mon, Jan 22, 2018 at 11:07:55AM +0100, Daniel Gustafsson wrote:
> An extensible API makes more sense than on/off (or one on/off call per
> binding).  Perhaps a way to validate the contents of the list is
> required though?  Or an assertion on the contents to catch errors
> during testing.

Do you have something specific in mind?

> Nitpicking: In src/backend/libpq/auth.c:CheckSCRAMAuth(), this comment
> reads a bit strange:
>
> +     * Get the list of channel binding types supported by this SSL
> +     * implementation to determine if server should publish -PLUS
> +     * mechanisms or not.
>
> Since auth.c isn’t tied to any SSL implementation, shouldn’t it be
> “supported by the configured SSL implementation” or something along
> those lines?

Yes, your words sound better.
--
Michael

Attachment

signature.asc

pgsql-hackers by date:

From: Robert Haas
Date: 22 January 2018, 18:40:30
Subject: Re: [HACKERS] UPDATE of partition key

From: Robert Haas
Date: 22 January 2018, 19:46:07
Subject: Re: [HACKERS] parallel.c oblivion of worker-startup failures

Re: Handling better supported channel binding types for SSLimplementations - Mailing list pgsql-hackers

Attachment

Previous

Next