authorPeter Eisentraut <peter_e@gmx.net>2018-01-04 15:18:39 -0500
committerPeter Eisentraut <peter_e@gmx.net>2018-01-04 15:29:50 -0500
commitd3fb72ea6de58d285e278459bca9d7cdf7f6a38b (patch)
tree27a374b84f98441e85da97a68dd4d144c699f38a /src/include
parent39cfe86195f0b5cbc5fbe8d4e3aa6e2b0e322d0b (diff)
Implement channel binding tls-server-end-point for SCRAM
This adds a second standard channel binding type for SCRAM. It is mainly intended for third-party clients that cannot implement tls-unique, for example JDBC. Author: Michael Paquier <michael.paquier@gmail.com>
Diffstat (limited to 'src/include')
-rw-r--r--src/include/common/scram-common.h1
-rw-r--r--src/include/libpq/libpq-be.h1
2 files changed, 2 insertions, 0 deletions
diff --git a/src/include/common/scram-common.h b/src/include/common/scram-common.h
index 3d81934fdab..e1d742ba898 100644
--- a/src/include/common/scram-common.h
+++ b/src/include/common/scram-common.h
@@ -21,6 +21,7 @@
/* Channel binding types */
#define SCRAM_CHANNEL_BINDING_TLS_UNIQUE "tls-unique"
+#define SCRAM_CHANNEL_BINDING_TLS_END_POINT "tls-server-end-point"
/* Length of SCRAM keys (client and server) */
#define SCRAM_KEY_LEN PG_SHA256_DIGEST_LENGTH
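Review bot: The new `SCRAM_CHANNEL_BINDING_TLS_END_POINT` define has no comment saying what this binding type covers, and the section comment `/* Channel binding types */` does not say either. In RFC 5929, tls-server-end-point is derived from a hash of the server certificate, while tls-unique is derived from the Finished message of the individual TLS connection, so the two give different guarantees and a reader choosing between them should see that here. I would add above the new line `/* RFC 5929: bound to a hash of the server certificate, not to the individual TLS session */`. The macro name also drops the "SERVER" of the wire name, unlike `SCRAM_CHANNEL_BINDING_TLS_UNIQUE`, which mirrors its string exactly.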
diff --git a/src/include/libpq/libpq-be.h b/src/include/libpq/libpq-be.h
index e660e8afa84..49cb2631104 100644
--- a/src/include/libpq/libpq-be.h
+++ b/src/include/libpq/libpq-be.h
@@ -210,6 +210,7 @@ extern void be_tls_get_version(Port *port, char *ptr, size_t len);
extern void be_tls_get_cipher(Port *port, char *ptr, size_t len);
extern void be_tls_get_peerdn_name(Port *port, char *ptr, size_t len);
extern char *be_tls_get_peer_finished(Port *port, size_t *len);
+extern char *be_tls_get_certificate_hash(Port *port, size_t *len);
#endif
extern ProtocolVersion FrontendProtocol;
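Review bot: The added prototype `be_tls_get_certificate_hash(Port *port, size_t *len)` carries no contract comment, so a caller cannot tell from the header who owns the returned buffer, whether NULL can come back (for example when no server certificate is loaded), or what `*len` holds in that case. It also does not say which digest is used; RFC 5929 ties the tls-server-end-point hash to the certificate's signature algorithm, with MD5 and SHA-1 replaced by SHA-256, and since the implementation is not visible in this diff that should be confirmed and stated. I would add a comment such as `/* Returns an allocated hash of the server certificate and sets *len; NULL if unavailable. Caller frees. */`, adjusted to what the function actually does. The neighbouring `be_tls_get_peer_finished` declaration has the same gap. The conditional block closed by `#endif` opens outside this hunk.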