Implement channel binding tls-server-end-point for SCRAM

Enterprise / PostgreSQL - Peter Eisentraut [gmx.net] - 4 January 2018 20:29 EST

This adds a second standard channel binding type for SCRAM. It is mainly intended for third-party clients that cannot implement tls-unique, for example JDBC.

Author: Michael Paquier

d3fb72ea6d Implement channel binding tls-server-end-point for SCRAM
doc/src/sgml/protocol.sgml | 17 ++++---
src/backend/libpq/auth-scram.c | 20 ++++++--
src/backend/libpq/be-secure-openssl.c | 61 ++++++++++++++++++++++++
src/include/common/scram-common.h | 1 +
src/include/libpq/libpq-be.h | 1 +
src/interfaces/libpq/fe-auth-scram.c | 15 ++++++
src/interfaces/libpq/fe-secure-openssl.c | 80 ++++++++++++++++++++++++++++++++
src/interfaces/libpq/libpq-int.h | 1 +
src/test/ssl/t/002_scram.pl | 5 +-
9 files changed, 189 insertions(+), 12 deletions(-)

Upstream: git.postgresql.org


  • Share