On Mon, Nov 20, 2017 at 11:35 AM, Michael Paquier <michael.paqu...@gmail.com> wrote: > The last set of patches available here does not apply: > https://www.postgresql.org/message-id/b5e2b87d-3e8a-4597-9a7f-8489b3b67...@yesql.se > The SSL test refactoring is one cause. I think as well that this is > crashing when attempting to use SCRAM authentication with the SSL > brand of macos and SCRAM's channel binding. I am going to send a patch > which allows handling of no support for channel bindings for a given > SSL implementation, something needed as well by the gnutls patch. > Please make sure that you define at least be_tls_get_peer_finished() > and pgtls_get_finished() with a NULL result and a length of 0 as > return results as, as far as I can see, macos does not give direct > access to the TLS finish message bytes. At least that's not > documented.
This last comment is from last week, so I am marking the patch as returned with feedback. This also needs more thoughts for channel binding support with SCRAM. -- Michael
