Home > mailing lists

Re: Proposal: Support custom authentication methods using hooks - Mailing list pgsql-hackers

From	Andres Freund
Subject	Re: Proposal: Support custom authentication methods using hooks
Date	February 25, 2022 20:40:53
Msg-id	20220225174053.grc7q2cqlo5t2vet@alap3.anarazel.de Whole thread Raw
In response to	Re: Proposal: Support custom authentication methods using hooks (Jeff Davis <pgsql@j-davis.com>)
List	pgsql-hackers

Tree view

Hi,

On 2022-02-25 09:33:45 -0800, Jeff Davis wrote:
> On Thu, 2022-02-24 at 20:47 -0500, Tom Lane wrote:
> > ... and, since we can't readily enforce that the client only sends
> > those cleartext passwords over suitably-encrypted connections, this
> > could easily be a net negative for security.  Not sure that I think
> > it's a good idea.
> 
> I don't understand your point. Can't you just use "hostssl" rather than
> "host"?

And the extension could check Port->ssl_in_use before sendAuthRequest(AUTH_REQ_PASSWORD)
if it wanted to restrict it.

Greetings,

Andres Freund

pgsql-hackers by date:

From: Tom Lane
Date: 25 February 2022, 20:39:24
Subject: Re: Proposal: Support custom authentication methods using hooks

From: Matthias van de Meent
Date: 25 February 2022, 20:49:42
Subject: Re: Report checkpoint progress with pg_stat_progress_checkpoint (was: Report checkpoint progress in server logs)

Re: Proposal: Support custom authentication methods using hooks - Mailing list pgsql-hackers

Previous

Next