Re: BlastRADIUS mitigation

2024-08-13 Thread Jacob Champion
On Wed, Aug 7, 2024 at 5:55 AM Heikki Linnakangas wrote: > On 06/08/2024 03:58, Thomas Munro wrote: > > On Tue, Aug 6, 2024 at 2:41 AM Heikki Linnakangas wrote: > >> What if the message contains multiple attributes of the same type? If > >> there's a duplicate Message-Authenticator, we should sure

Re: BlastRADIUS mitigation

2024-08-07 Thread Heikki Linnakangas
On 06/08/2024 03:58, Thomas Munro wrote: On Tue, Aug 6, 2024 at 2:41 AM Heikki Linnakangas wrote: What if the message contains multiple attributes of the same type? If there's a duplicate Message-Authenticator, we should surely reject the packet. I don't know if duplicate attributes are legal in

Re: BlastRADIUS mitigation

2024-08-05 Thread Michael Paquier
On Mon, Aug 05, 2024 at 05:41:21PM +0300, Heikki Linnakangas wrote: > On 05/08/2024 15:43, Thomas Munro wrote: >> Since PostgreSQL v12 and v13 don't have the modern "common/hmac.h" >> API, I came up with a cheap kludge: locally #define those interfaces >> to point directly to the OpenSSL HMAC API,

Re: BlastRADIUS mitigation

2024-08-05 Thread Thomas Munro
On Tue, Aug 6, 2024 at 2:41 AM Heikki Linnakangas wrote: > Seems that on linux or freebsd, you'd plow ahead even if the binary is > not found, and fail later, while on macOS you'd skip the tests. I think > we should always error out if the dependencies are not found. If you > make an effort to add

Re: BlastRADIUS mitigation

2024-08-05 Thread Tom Lane
Heikki Linnakangas writes: > On 05/08/2024 15:43, Thomas Munro wrote: >> The response requirement can be enabled by radiusrequirema=1 in >> pg_hba.conf. For example, Debian stable is currently shipping >> FreeRADIUS 3.2.1 which doesn't yet send the MA in its responses, but >> FreeBSD and Debian "

Re: BlastRADIUS mitigation

2024-08-05 Thread Heikki Linnakangas
On 05/08/2024 15:43, Thomas Munro wrote: The response requirement can be enabled by radiusrequirema=1 in pg_hba.conf. For example, Debian stable is currently shipping FreeRADIUS 3.2.1 which doesn't yet send the MA in its responses, but FreeBSD and Debian "testing" have started shipping FreeRADIU