| From: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
|---|---|
| To: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
| Cc: | PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Allowing SSL connection of v11 client to v10 server with SCRAM channel binding |
| Date: | 2017-12-01 14:55:03 |
| Message-ID: | 38aca887-98ae-9878-3891-f75e047ddafc@2ndquadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 11/30/17 00:36, Michael Paquier wrote:
> On Wed, Nov 29, 2017 at 1:04 AM, Peter Eisentraut
> <peter(dot)eisentraut(at)2ndquadrant(dot)com> wrote:
>> On 11/22/17 21:08, Michael Paquier wrote:
>>> Yes, agreed. This patch looks good to me. In fe-auth-scram.c, it would
>>> be also nice to add a comment to keep in sync the logics in
>>> build_client_first_message() and build_client_final_message() which
>>> assign the cbind flag value.
>>
>> Could you clarify what comment you would like to have added or changed?
>
> Sure. Here is with the attached patch what I have in mind. The way
> cbind-flag is assigned in the client-first message should be kept
> in-sync with the way the client-final message builds the binding data
> in c=. It could be possible to add more sanity-checks based on
> assertions by keeping track of the cbind-flag assigned in the
> client-first message as your upthread patch is doing in the backend
> code, but I see a simple comment as a sufficient reminder.
Committed with that comment, thanks.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Chapman Flack | 2017-12-01 15:04:26 | Re: Would a BGW need shmem_access or database_connection to enumerate databases? |
| Previous Message | Robert Haas | 2017-12-01 14:39:03 | Re: [HACKERS] Proposal: Local indexes for partitioned table |