| From: | Simon Riggs <simon(at)2ndquadrant(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org>, Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
| Subject: | Re: Letting the client choose the protocol to use during a SASL exchange |
| Date: | 2017-04-06 20:16:10 |
| Message-ID: | CANP8+jKPq1TXVq17V9fdT-fJtb1u4tZeaK2SE66a9sL7Tt6nmA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 6 April 2017 at 16:05, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Perhaps we could turn this around: have the client send (in the connection
> request packet) a list of auth protocols it thinks it is able to handle.
> (I'm envisioning this as being more or less fixed for any one version of
> any one client, since it would basically mean "I have code to do X, Y, or
> Z".) Then the server can pick one that is allowed by pg_hba.conf,
+1
Much better plan.
> or it
> can just ignore the list and send what it wants anyway, probably leading
> to client disconnect.
It would need to follow one of the requested protocols, but mark the
request as doomed. Otherwise we'd be revealing information. That's
what SCRAM does now.
Since the list is currently length one, we can add more later when we
get a list potentially > 1.
> We could avoid this being a protocol break by having the server's default
> assumption being that the client can handle all pre-SCRAM auth protocols.
+1
--
Simon Riggs http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tomas Vondra | 2017-04-06 20:37:12 | Re: TPC-H Q20 from 1 hour to 19 hours! |
| Previous Message | Álvaro Hernández Tortosa | 2017-04-06 20:15:43 | Re: Letting the client choose the protocol to use during a SASL exchange |