Documentation
¶
Overview ¶
Package auth implements the small bits of PostgreSQL's authentication flow that we support: cleartext password and MD5. SCRAM is intentionally stubbed out; see scram_todo.go.
Index ¶
Constants ¶
const ( MechSCRAMSHA256 = "SCRAM-SHA-256" MechSCRAMSHA256Plus = "SCRAM-SHA-256-PLUS" // channel binding; not implemented )
Variables ¶
This section is empty.
Functions ¶
func MD5Password ¶
MD5Password returns the "md5"+hex(md5(hex(md5(password+user))+salt)) form expected by the server for AuthRequestMD5. See the comment in src/backend/libpq/crypt.c for the canonical recipe.
func PickMechanism ¶
PickMechanism scans the NUL-terminated mechanism list from the server's AuthSASL message and picks the strongest one we support.
Types ¶
type SCRAM ¶
type SCRAM struct {
// contains filtered or unexported fields
}
SCRAM holds the per-handshake state.
func (*SCRAM) ClientFinal ¶
ClientFinal consumes the server-first-message and returns the client-final-message. After this, Verify() must be called with the server-final-message body.
func (*SCRAM) ClientFirst ¶
ClientFirst returns the client-first-message body (no GS2 channel binding).