rust/neon
1
0
Fork 0
mirror of https://github.com/neondatabase/neon.git synced 2026-01-07 05:22:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

channel binding (#5683)

Browse Source 
## Problem

channel binding protects scram from sophisticated MITM attacks where the
attacker is able to produce 'valid' TLS certificates.

## Summary of changes

get the tls-server-end-point channel binding, and verify it is correct
for the SCRAM-SHA-256-PLUS authentication flow
This commit is contained in:
Conrad Ludgate
2023-11-27 21:45:15 +00:00
committed by GitHub
parent e09bb9974c
commit 316309c85b
15 changed files with 601 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
proxy/Cargo.toml
View File

@@ -76,3 +76,4 @@ tokio-util.workspace = true
rcgen.workspace = true
rstest.workspace = true
tokio-postgres-rustls.workspace = true
postgres-protocol.workspace = true