On Mon, Sep 30, 2019 at 08:47:33AM +0900, Michael Paquier wrote:
> On Sun, Sep 29, 2019 at 12:51:31PM -0400, Tom Lane wrote:
>> Another point is that this error message is misleading --- or at least
>> would be misleading if the server had X509_get_signature_nid and the
>> client didn't.
>>
>> -#ifdef HAVE_PGTLS_GET_PEER_CERTIFICATE_HASH
>> if (conn->channel_binding[0] != 'd') /* disable */
>> + {
>> +#ifdef HAVE_PGTLS_GET_PEER_CERTIFICATE_HASH
>> selected_mechanism = SCRAM_SHA_256_PLUS_NAME;
>> +#else
>> + printfPQExpBuffer(&conn->errorMessage,
>> + libpq_gettext("client does not support SCRAM-SHA-256-PLUS authentication\n"));
>> + goto error;
>> + }
>> #endif
>> }
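Review bot: the added closing brace on the line before `#endif` sits inside the `#else` arm, so in a build where HAVE_PGTLS_GET_PEER_CERTIFICATE_HASH is defined the `if (conn->channel_binding[0] != 'd')` block is never closed and the outer `}` no longer matches; move the `+ }` below `#endif` so the block is closed in both configurations. Separately, the condition only excludes "disable", so a client built without certificate-hash support would now fail with "client does not support SCRAM-SHA-256-PLUS authentication" under the default setting as well; consider raising that error only when channel_binding is "require" and otherwise leaving selected_mechanism as SCRAM-SHA-256.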
>
> Yes, it looks sensible to do that.
If the server publishes SCRAM-SHA-256-PLUS and the server does not
support channel binding, then we get this error message:
"channel binding is required, but server did not offer an
authentication method that supports channel binding."
So that's the part which is wrong.
Now, I am not completely sure that the suggested change is completely
right either as we would get an error in this scenario when
channel_binding is "prefer" or "require". For "require", this error
message is fine. However, for "prefer", shouldn't we do what we do on
HEAD, aka *not* select SCRAM-SHA-256-PLUS and switch to SCRAM-SHA-256?
This would have the advantage of making the connection work with default
parameters.
--
Michael
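The selection rule discussed in this thread (require: error unless both sides can do channel binding; prefer: use SCRAM-SHA-256-PLUS when both sides can, otherwise fall back to SCRAM-SHA-256; disable: never pick the -PLUS variant), written out as an added example that is not libpq's code. It parses the mechanism list of an AuthenticationSASL message, which the protocol sends as NUL-terminated names ended by an empty string; the enum names, choose_mechanism, scan_sasl_list and the sample lists are hypothetical constructions for this illustration, and the client_has_cb flag stands in for a build with HAVE_PGTLS_GET_PEER_CERTIFICATE_HASH.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not libpq code.  Models the client-side choice of a SASL
 * mechanism from the channel_binding setting, the server's advertised list
 * and whether this build can compute the peer certificate hash.  All names
 * here are hypothetical. */

#define SCRAM_SHA_256_NAME      "SCRAM-SHA-256"
#define SCRAM_SHA_256_PLUS_NAME "SCRAM-SHA-256-PLUS"

enum cb_mode { CB_DISABLE, CB_PREFER, CB_REQUIRE };

enum outcome {
    PICK_SCRAM_SHA_256,
    PICK_SCRAM_SHA_256_PLUS,
    ERR_SERVER_NO_CB,   /* server did not offer a mechanism with channel binding */
    ERR_CLIENT_NO_CB,   /* client build lacks certificate-hash support */
    ERR_NO_SCRAM        /* nothing usable (or malformed) in the server's list */
};

/* Constructed sample lists in AuthenticationSASL wire form: each name is
 * NUL-terminated and the list ends with an empty string (the literal's own
 * trailing NUL supplies it, so sizeof() gives the full message length). */
const char SASL_LIST_BOTH[]         = "SCRAM-SHA-256-PLUS\0SCRAM-SHA-256\0";
const char SASL_LIST_PLAIN_ONLY[]   = "SCRAM-SHA-256\0";
const char SASL_LIST_UNTERMINATED[] = "SCRAM-SHA-256";   /* missing end marker */

/* Scan the mechanism list; set *plus / *plain when the SCRAM variants are
 * advertised.  Returns the number of names, or -1 if the list is malformed
 * (a name without its NUL, or no terminating empty string). */
int scan_sasl_list(const char *list, size_t len, int *plus, int *plain)
{
    size_t off = 0;
    int n = 0;

    *plus = *plain = 0;
    while (off < len && list[off] != '\0') {
        const char *name = list + off;
        const char *end = memchr(name, '\0', len - off);
        if (end == NULL)
            return -1;              /* name runs past the message */
        if (strcmp(name, SCRAM_SHA_256_PLUS_NAME) == 0)
            *plus = 1;
        else if (strcmp(name, SCRAM_SHA_256_NAME) == 0)
            *plain = 1;
        off += (size_t)(end - name) + 1;
        n++;
    }
    return off < len ? n : -1;      /* off == len means no terminator */
}

enum outcome choose_mechanism(enum cb_mode mode, int client_has_cb,
                              const char *list, size_t len)
{
    int plus, plain;

    if (scan_sasl_list(list, len, &plus, &plain) < 0)
        return ERR_NO_SCRAM;

    switch (mode) {
    case CB_REQUIRE:
        if (!plus)
            return ERR_SERVER_NO_CB;
        if (!client_has_cb)
            return ERR_CLIENT_NO_CB;
        return PICK_SCRAM_SHA_256_PLUS;
    case CB_PREFER:
        if (plus && client_has_cb)
            return PICK_SCRAM_SHA_256_PLUS;
        break;                      /* fall back rather than fail */
    case CB_DISABLE:
        break;
    }
    return plain ? PICK_SCRAM_SHA_256 : ERR_NO_SCRAM;
}

int main(void)
{
    static const char *names[] = {
        "SCRAM-SHA-256", "SCRAM-SHA-256-PLUS",
        "error: server offers no channel binding",
        "error: client lacks channel binding", "error: no usable mechanism"
    };
    enum cb_mode modes[] = { CB_DISABLE, CB_PREFER, CB_REQUIRE };
    const char *mode_names[] = { "disable", "prefer", "require" };

    for (int m = 0; m < 3; m++)
        for (int cb = 0; cb <= 1; cb++)
            printf("channel_binding=%-7s client_has_cb=%d -> %s\n",
                   mode_names[m], cb,
                   names[choose_mechanism(modes[m], cb, SASL_LIST_BOTH,
                                          sizeof(SASL_LIST_BOTH))]);
    return 0;
}
```

The "prefer" row with client_has_cb=0 is the case Michael raises: the client quietly takes SCRAM-SHA-256, and only "require" turns the missing support into an error.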