Re: Letting the client choose the protocol to use during a SASL exchange

Michael Paquier <michael.paquier@gmail.com>

From: Michael Paquier <michael.paquier@gmail.com>
To: Simon Riggs <simon@2ndquadrant.com>
Cc: Álvaro Hernández Tortosa <aht@8kdata.com>, Tom Lane <tgl@sss.pgh.pa.us>, PostgreSQL mailing lists <pgsql-hackers@postgresql.org>, Heikki Linnakangas <hlinnaka@iki.fi>
Date: 2017-04-06T22:33:36Z
Lists: pgsql-hackers
On Fri, Apr 7, 2017 at 7:29 AM, Simon Riggs <simon@2ndquadrant.com> wrote:
> On 6 April 2017 at 16:15, Álvaro Hernández Tortosa <aht@8kdata.com> wrote:
>
>>     Per the SCRAM RFC, it is the server who advertises and the client who picks.
>
> Yes, but what does the RFC say about how to handle servers with an pg_hba.conf?
>
> How and what will we advertise?

Did you read the first email of this thread? The RFC says that the
protocol implementers are free to do what they want as this is
protocol-specific. At least that's what I understand.
-- 
Michael


Commits

  1. Improve the SASL authentication protocol.

  2. Refactor libpq authentication request processing.

  3. Minor cleanup of backend SCRAM code.