SASL has been around for a long time, but it's now become the default in common postgresql 14 distributions, and we don't support it.
122 Turned a hang into a clear error, but it sucks that pgx won't work out of the box going forward until we fix this. It puts extra requirements on the server config to have to switch back to MD5, and it might conflict with user security requirements.
SASL has been around for a long time, but it's now become the default in common postgresql 14 distributions, and we don't support it.
122 Turned a hang into a clear error, but it sucks that pgx won't work out of the box going forward until we fix this. It puts extra requirements on the server config to have to switch back to MD5, and it might conflict with user security requirements.
Here is a reference implementation of how to do the password handshake: https://github.com/porsager/postgres/blob/master/src/connection.js#L659
I think we could bring in nocrypto or hacl* for this, but I'm not sure how involved it is. We probably would need to use C bindings, but we wouldn't want to add a dependency to the OS for this. pbkdf: https://github.com/abeaumont/ocaml-pbkdf sha256: https://ocaml.org/p/hacl-star/0.4.1/doc/Hacl_star/Hacl/index.html https://docs.mirage.io/nocrypto/Nocrypto/Hash/SHA256/index.html