Release 2.27.0.0-b504: [#28108] YSQL: Add a gflag to toggle SCRAM with channel binding · yugabyte/yugabyte-db

2.27.0.0-b504
b9588a4
Choose a tag to compare

Filter

View all tags

2.27.0.0-b504: [#28108] YSQL: Add a gflag to toggle SCRAM with channel binding

2.27.0.0-b504
b9588a4
Choose a tag to compare

Filter

View all tags

vdamle-yb tagged this 29 Aug 11:51

Summary:
Per [[ https://github.com/yugabyte/yugabyte-db/issues/28108 | #28108 ]], this diff adds a gflag to enable SCRAM with channel binding (referred to
as SCRAM-SHA-256-PLUS during the SASL message exchange). The default value of the flag
`ysql_enable_scram_channel_binding` is false.

The aim is to make the option to use channel binding explicit as connection manager does not
support SCRAM with channel binding. Thus, clients forcing channel binding would see differing
behaviour with and without connection manager by default. Forcing explicit enabling of channel
binding ensures this is intentional.
Jira: DB-17738

Test Plan: Jenkins: all tests

Reviewers: skumar, mkumar, asrinivasan, arpit.saxena, jason

Reviewed By: arpit.saxena

Subscribers: jason, yql

Differential Revision: https://phorge.dev.yugabyte.com/D45834

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Uh oh!