On Fri, Mar 03, 2023 at 11:13:36PM +0100, Daniel Gustafsson wrote: > That would indeed be nice, but is there a way to do this without a complicated > pump TAP expression? I was unable to think of a way but I might be missing > something?
A SET command refreshes immediately the cache information of the connection in pqSaveParameterStatus()@libpq, so a test in password.sql with \password would be enough to check the computation happens in pg_fe_scram_build_secret() with the correct iteration number. Say like: =# SET scram_iterations = 234; SET =# \password Enter new password for user "postgres": TYPEME Enter it again: TYPEME =# select substr(rolpassword, 1, 18) from pg_authid where oid::regrole::name = current_role; substr -------------------- SCRAM-SHA-256$234: (1 row) Or perhaps I am missing something? Thanks, -- Michael
signature.asc
Description: PGP signature