The pgprotocol overloads 'p' messages with PasswordMessage,
SASLInitialResponse, SASLResponse, and GSSResponse. This patch allows
contextual identification of the message by setting the authType in the
frontend and then setting this value in the backend when a
AuthenticationResponseMessage is received.
Per the PG documentation [0], an AuthenticationSASLContinue message has:
AuthenticationSASLContinue (B)
Byte1('R')
Identifies the message as an authentication request.
Int32
Length of message contents in bytes, including self.
Int32(11)
Specifies that this message contains a SASL challenge.
Byten
SASL data, specific to the SASL mechanism being used.
The current implementation was mistakenly adding the lengh of msg bytes
in between the Int32(11) and Byten. There was a similar issue for
AuthenticationSASLFinal.
[0] https://www.postgresql.org/docs/current/protocol-message-formats.html
Yuli Khodorkovskiy
Henrique Vicente
Jack Christensen