Re: [PoC] Let libpq reject unexpected authentication requests

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: Jacob Champion <jchampion(at)timescale(dot)com>
Cc: "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>, Aleksander Alekseev <aleksander(at)timescale(dot)com>, Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com>, "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>
Subject: Re: [PoC] Let libpq reject unexpected authentication requests
Date: 2023-03-25 02:59:10
Message-ID: ZB5jftra/
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

On Fri, Mar 24, 2023 at 09:30:06AM -0700, Jacob Champion wrote:
> On Thu, Mar 23, 2023 at 10:18 PM Michael Paquier <michael(at)paquier(dot)xyz> wrote:
>> I have spent a couple of hours looking at the whole again today,
>> testing that with OpenSSL to make sure that everything was OK. Apart
>> from a few tweaks, that seemed pretty good. So, applied.
> Thank you!

Please note that the CF entry has been marked as committed. We should
really do something about having a cleaner separation between SASL,
the mechanisms and the AUTH_REQ_* codes, in the long term, though
honestly I don't know yet what would be the most elegant and the least
error-prone approach. And for anything that touches authentication,
simpler means better.

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Andres Freund 2023-03-25 03:00:44 Re: Reconcile stats in find_tabstat_entry() and get rid of PgStat_BackendFunctionEntry
Previous Message Andres Freund 2023-03-25 02:57:40 hio.c does visibilitymap_pin()/IO while holding buffer lock