Explicitly require password for SCRAM exchange

Daniel Gustafsson <dgustafsson@postgresql.org>

Commit: adcdb2c8dda4fb28e373ddff41a0de6936772249
Author: Daniel Gustafsson <dgustafsson@postgresql.org>
Date: 2024-03-21T13:45:54Z
Releases: 17.0
Explicitly require password for SCRAM exchange

This refactors the SASL init flow to set password_needed on the two
SCRAM exchanges currently supported. The code already required this
but was set up in such a way that all SASL exchanges required using
a password, a restriction which may not hold for all exchanges (the
example at hand being the proposed OAuthbearer exchange).

This was extracted from a larger patchset to introduce OAuthBearer
authentication and authorization.

Author: Jacob Champion <jacob.champion@enterprisedb.com>
Discussion: https://postgr.es/m/d1b467a78e0e36ed85a09adf979d04cf124a9d4b.camel@vmware.com

Files

PathChange+/−
src/interfaces/libpq/fe-auth.c modified +15 −13

Discussion