Re: [PoC] Let libpq reject unexpected authentication requests
Jacob Champion <jchampion@timescale.com>
From: Jacob Champion <jchampion@timescale.com>
To: Michael Paquier <michael@paquier.xyz>
Cc: "pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>, Aleksander Alekseev <aleksander@timescale.com>, Peter Eisentraut <peter.eisentraut@enterprisedb.com>, "David G. Johnston" <david.g.johnston@gmail.com>
Date: 2023-03-13T19:38:10Z
Lists: pgsql-hackers
Attachments
- v16-0003-require_auth-decouple-SASL-and-SCRAM.patch (text/x-patch) patch v16-0003
- v16-0001-libpq-let-client-reject-unexpected-auth-methods.patch (text/x-patch) patch v16-0001
- v16-0002-Add-sslcertmode-option-for-client-certificates.patch (text/x-patch) patch v16-0002
On Fri, Mar 10, 2023 at 3:16 PM Jacob Champion <jchampion@timescale.com> wrote: > > Could you send a new patch with all these adjustments? That would > > help a lot. > > Will do! Here's a v16: - updated 0001 patch message - all test names should have commas rather than colons now - new test for an empty require_auth - new SSPI suite (note that it doesn't run by default on Cirrus, due to the use of PG_TEST_USE_UNIX_SOCKETS) - fixed errant comma at EOL Thanks, --Jacob
Commits
-
libpq: Add sslcertmode option to control client certificates
- 36f40ce2dc66 16.0 landed
-
Rewrite error message related to sslmode in libpq
- bcaa1fafc82f 16.0 landed
-
libpq: Add support for require_auth to control authorized auth methods
- 3a465cc6783f 16.0 landed
-
Run pgindent on libpq's fe-auth.c, fe-auth-scram.c and fe-connect.c
- b6dfee28f2b4 16.0 landed