Re: [PoC] Let libpq reject unexpected authentication requests
Jacob Champion <jchampion@timescale.com>
From: Jacob Champion <jchampion@timescale.com>
To: Peter Eisentraut <peter.eisentraut@enterprisedb.com>
Cc: "pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>,
Michael Paquier <michael@paquier.xyz>, "David G. Johnston" <david.g.johnston@gmail.com>
Date: 2022-06-30T23:26:54Z
Lists: pgsql-hackers
Attachments
- since-v6.diff.txt (text/plain)
- v7-0002-Add-sslcertmode-option-for-client-certificates.patch (text/x-patch) patch v7-0002
- v7-0001-libpq-let-client-reject-unexpected-auth-methods.patch (text/x-patch) patch v7-0001
On Wed, Jun 29, 2022 at 6:36 AM Peter Eisentraut
<peter.eisentraut@enterprisedb.com> wrote:
> It's not strictly related to your patch, but maybe this hint has
> outlived its usefulness? I mean, we don't list all available tables
> when you try to reference a table that doesn't exist. And unordered on
> top of that.
Yeah, maybe it'd be better to tell the user the correct context for an
otherwise-valid option ("the 'sslcert' option may only be applied to
USER MAPPING"), and avoid the option dump entirely?
--
v7, attached, fixes configuration on Windows.
--Jacob
Commits
-
libpq: Add sslcertmode option to control client certificates
- 36f40ce2dc66 16.0 landed
-
Rewrite error message related to sslmode in libpq
- bcaa1fafc82f 16.0 landed
-
libpq: Add support for require_auth to control authorized auth methods
- 3a465cc6783f 16.0 landed
-
Run pgindent on libpq's fe-auth.c, fe-auth-scram.c and fe-connect.c
- b6dfee28f2b4 16.0 landed