Quick Links

Re: Channel binding not supported using scram-sha-256 passwords

From:	Michael Paquier <michael(at)paquier(dot)xyz>
To:	Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>
Cc:	Hugh Ranalli <hugh(at)whtc(dot)ca>, Bruce Momjian <bruce(at)momjian(dot)us>, pgsql-general(at)lists(dot)postgresql(dot)org
Subject:	Re: Channel binding not supported using scram-sha-256 passwords
Date:	2019-02-21 04:47:58
Message-ID:	20190221044758.GK15532@paquier.xyz
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

On Wed, Feb 20, 2019 at 04:53:32PM +0100, Peter Eisentraut wrote:
> I think there is a bug in the frontend code. If the server offers
> SCRAM-SHA-256-PLUS, the client will choose it if SSL is in use, but it
> will later fail with this error message if not
> HAVE_PGTLS_GET_PEER_CERTIFICATE_HASH.

Good catch! Indeed that's not a good idea. What do you think about
the attached to fix the issue?
--
Michael

Attachment	Content-Type	Size
scram-libpq-fix-v1.patch	text/x-diff	1.2 KB

In response to

Re: Channel binding not supported using scram-sha-256 passwords at 2019-02-20 15:53:32 from Peter Eisentraut

Responses

Re: Channel binding not supported using scram-sha-256 passwords at 2019-02-21 19:32:01 from Peter Eisentraut

Browse pgsql-general by date

	From	Date	Subject
Next Message	Adrian Klaver	2019-02-21 05:12:34	Re: Plpythonu extension
Previous Message	rob stone	2019-02-21 04:41:12	Re: Connection string for Java to connect to PostgreSQL, using client certificates