Re: Add "password_protocol" connection parameter to libpq
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Stephen Frost <sfrost@snowman.net>
Cc: Jeff Davis <pgsql@j-davis.com>, pgsql-hackers@postgresql.org
Date: 2019-08-13T02:53:55Z
Lists: pgsql-hackers
On Fri, Aug 09, 2019 at 09:28:50AM -0400, Stephen Frost wrote: > I don't really care for auth_protocol as that's pretty close to > "auth_method" and that isn't what we're talking about here- this isn't > the user picking the auth method, per se, but rather saying which of the > password-based mechanisms for communicating that the user knows the > password is acceptable. Letting users choose which auth methods are > allowed might also be interesting (as in- we are in a Kerberized > environment and therefore no client should ever be using any auth method > except GSS, could be a reasonable ask) but it's not the same thing. > > What restriction are you suggesting here wrt krb5..? What I suggested in this previous set of emails is if it would make sense to extend what libpq can restrict at authentication time to not only be password-based authentication methods, but also if we could have a connection parameter allowing us to say "please I want krb5/gss and nothing else". My point is that password-based authentication is only one portion of the problem as what we are looking at is applying a filtering on AUTH_REQ messages that libpq receives from the server (SCRAM with and without channel binding is an exception as that's handled as part of the SASL set of messages), but at a high level we are going to need a filtering of the first authentication message received anyway. But that's also basically what you outline in this previous paragraph of yours. -- Michael
Commits
-
Add libpq parameter 'channel_binding'.
- d6e612f837e2 13.0 landed