On Tue, Jan 02, 2018 at 10:35:16AM -0500, Peter Eisentraut wrote: > I see a potential problem with the SCRAM channel binding support. > GnuTLS will not support tls-server-endpoint, so we'll need to check what > happens when a client requests that. (That's not the problem of this > patch, however.)
Doesn't it depend on the first patch merged into HEAD? At the end we'll need to make be_tls_get_certificate_hash() generate an ereport() with ERRCODE_FEATURE_NOT_SUPPORTED and have pgtls_get_peer_certificate_hash() return NULL with conn->errorMessage properly filled. -- Michael
signature.asc
Description: PGP signature