Re: [PoC] Let libpq reject unexpected authentication requests
Jacob Champion <jchampion@timescale.com>
From: Jacob Champion <jchampion@timescale.com>
To: Aleksander Alekseev <aleksander@timescale.com>,
"pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>
Cc: Peter Eisentraut <peter.eisentraut@enterprisedb.com>,
Michael Paquier <michael@paquier.xyz>,
"David G. Johnston" <david.g.johnston@gmail.com>
Date: 2022-11-12T00:11:07Z
Lists: pgsql-hackers
Attachments
- since-v11.diff.txt (text/plain)
- v12-0001-libpq-let-client-reject-unexpected-auth-methods.patch (text/x-patch) patch v12-0001
- v12-0002-Add-sslcertmode-option-for-client-certificates.patch (text/x-patch) patch v12-0002
- v12-0003-require_auth-decouple-SASL-and-SCRAM.patch (text/x-patch) patch v12-0003
On 11/11/22 05:52, Aleksander Alekseev wrote: > I noticed that this patchset stuck a bit so I decided to take a look. Thanks! > Assigning a negative number to uint32 doesn't necessarily work on all > platforms. I suggest using PG_UINT32_MAX. Hmm -- on which platforms is "-1 converted to unsigned" not equivalent to the maximum value? Are they C-compliant? > The commit message IMO has a better description of "require". I > suggest adding the part about "This doesn't add any additional > security ..." to the documentation. Sounds good; see what you think of v12. > ``` > + * hard-coded certificate via sslcert, so we don't actually set any > certificates > + * here; we just it to record whether or not the server has actually asked for > ``` > > Something is off with the wording here in the "we just it to ..." part. Fixed. > The patchset seems to be in very good shape except for these few > nitpicks. I'm inclined to change its status to "Ready for Committer" > as soon as the new version will pass cfbot unless there are going to > be any objections from the community. Thank you! I expect a maintainer will need to weigh in on the cost/benefit of 0003 either way. --Jacob
Commits
-
libpq: Add sslcertmode option to control client certificates
- 36f40ce2dc66 16.0 landed
-
Rewrite error message related to sslmode in libpq
- bcaa1fafc82f 16.0 landed
-
libpq: Add support for require_auth to control authorized auth methods
- 3a465cc6783f 16.0 landed
-
Run pgindent on libpq's fe-auth.c, fe-auth-scram.c and fe-connect.c
- b6dfee28f2b4 16.0 landed