| From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql: Accept SCRAM channel binding enabled clients |
| Date: | 2017-12-08 15:22:48 |
| Message-ID: | E1eNKUC-0006F5-7y@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Accept SCRAM channel binding enabled clients
Add support to the SCRAM exchange for clients that support channel
binding, such as PostgreSQL version 11 and beyond. If such a client
encounters a PostgreSQL 10 server that does not support channel binding,
it will send a channel binding flag 'y', meaning the client supports
channel binding but thinks the server does not. But PostgreSQL 10
erroneously did not accept that flag. This would cause connections to
fail if a version 11 client connects to a version 10 server with SCRAM
authentication over SSL.
Author: Michael Paquier <michael(dot)paquier(at)gmail(dot)com>
Branch
------
REL_10_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/218b024a7ec866ec62abb5c2fb4eb9108bb5fc0f
Modified Files
--------------
src/backend/libpq/auth-scram.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2017-12-08 15:59:10 | pgsql: doc: Add advice about systemd RemoveIPC |
| Previous Message | Peter Eisentraut | 2017-12-08 14:43:28 | pgsql: Apply identity sequence values on COPY |