| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
| Cc: | Andreas Karlsson <andreas(at)proxel(dot)se>, Tomas Vondra <tomas(dot)vondra(at)2ndquadrant(dot)com>, Jeff Janes <jeff(dot)janes(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [HACKERS] GnuTLS support |
| Date: | 2018-01-02 23:35:43 |
| Message-ID: | 20180102233543.GA1202@paquier.xyz |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Jan 02, 2018 at 10:35:16AM -0500, Peter Eisentraut wrote:
> I see a potential problem with the SCRAM channel binding support.
> GnuTLS will not support tls-server-endpoint, so we'll need to check what
> happens when a client requests that. (That's not the problem of this
> patch, however.)
Doesn't it depend on the first patch merged into HEAD? At the end we'll
need to make be_tls_get_certificate_hash() generate an ereport() with
ERRCODE_FEATURE_NOT_SUPPORTED and have pgtls_get_peer_certificate_hash()
return NULL with conn->errorMessage properly filled.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joshua D. Drake | 2018-01-02 23:42:45 | Re: TODO list (was Re: Contributing with code) |
| Previous Message | Peter Eisentraut | 2018-01-02 22:52:37 | Re: Contributing with code |