Re: [PoC] Let libpq reject unexpected authentication requests

Jacob Champion <jchampion@timescale.com>

From: Jacob Champion <jchampion@timescale.com>
To: Peter Eisentraut <peter.eisentraut@enterprisedb.com>
Cc: "pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>, Michael Paquier <michael@paquier.xyz>, "David G. Johnston" <david.g.johnston@gmail.com>
Date: 2022-09-21T15:33:55Z
Lists: pgsql-hackers

Attachments

On Fri, Sep 16, 2022 at 1:29 PM Jacob Champion <jchampion@timescale.com> wrote:
> I'm happy to implement proofs of concept for that, or any other ideas,
> given the importance of getting this "right enough" the first time.
> Just let me know.

v8 rebases over the postgres_fdw HINT changes; there are no functional
differences.

--Jacob

Commits

  1. libpq: Add sslcertmode option to control client certificates

  2. Rewrite error message related to sslmode in libpq

  3. libpq: Add support for require_auth to control authorized auth methods

  4. Run pgindent on libpq's fe-auth.c, fe-auth-scram.c and fe-connect.c