upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-03-06 23:32:30 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src
History
Michael Paquier 44bd0126c7 Add more sanity checks in SASL exchanges 
The following checks are added, to make the SASL infrastructure more
aware of defects when implementing new mechanisms:
- Detect that no output is generated by a mechanism if an exchange fails
in the backend, failing if there is a message waiting to be sent.
- Handle zero-length messages in the frontend.  The backend handles that
already, and SCRAM would complain if sending empty messages as this is
not authorized for this mechanism, but other mechanisms may want this
capability (the SASL specification allows that).
- Make sure that a mechanism generates a message in the middle of the
exchange in the frontend.

SCRAM, as implemented, respects all these requirements already, and the
recent refactoring of SASL done in 9fd8557 helps in documenting that in
a cleaner way.

Analyzed-by: Jacob Champion
Author: Michael Paquier
Reviewed-by: Jacob Champion
Discussion: https://postgr.es/m/3d2a6f5d50e741117d6baf83eb67ebf1a8a35a11.camel@vmware.com
2021-07-10 21:45:28 +09:00
..
backend Add more sanity checks in SASL exchanges 2021-07-10 21:45:28 +09:00
bin Simplify error handing of jsonapi.c for the frontend 2021-07-02 09:35:12 +09:00
common Simplify error handing of jsonapi.c for the frontend 2021-07-02 09:35:12 +09:00
fe_utils Fix incautious handling of possibly-miscoded strings in client code. 2021-06-07 14:15:25 -04:00
include Update configure's probe for libldap to work with OpenLDAP 2.5. 2021-07-09 12:38:55 -04:00
interfaces Add more sanity checks in SASL exchanges 2021-07-10 21:45:28 +09:00
makefiles Add NO_INSTALL option to pgxs 2021-05-27 13:58:29 +02:00
pl Restore the portal-level snapshot for simple expressions, too. 2021-06-22 17:48:39 -04:00
port Fix error handling in replacement pthread_barrier_init(). 2021-06-01 11:31:06 +12:00
template Further tweaking of PG_SYSROOT heuristics for macOS. 2021-01-20 12:07:23 -05:00
test Fix numeric_mul() overflow due to too many digits after decimal point. 2021-07-10 12:42:59 +01:00
timezone Update time zone data files to tzdata release 2021a. 2021-01-24 16:29:47 -05:00
tools Update configure's probe for libldap to work with OpenLDAP 2.5. 2021-07-09 12:38:55 -04:00
tutorial doc: Prefer explicit JOIN syntax over old implicit syntax in tutorial 2021-04-08 10:51:26 +02:00
.gitignore
DEVELOPERS
Makefile Remove the option to build thread_test.c outside configure. 2020-10-21 12:08:48 -04:00
Makefile.global.in Fix prove_installcheck to use correct paths when used with PGXS 2021-07-01 09:02:46 -04:00
Makefile.shlib Add PostgreSQL home page to --help output 2020-02-28 13:12:21 +01:00
nls-global.mk Add errhint_plural() function and make use of it 2021-03-31 09:16:25 +02:00