On Tue, Dec 13, 2016 at 10:43 AM, Michael Paquier <michael.paqu...@gmail.com> wrote: > On Mon, Dec 12, 2016 at 11:39 PM, Heikki Linnakangas <hlinn...@iki.fi> wrote: >> A few couple more things that caught my eye while hacking on this:
Looking at what we have now, in the branch... >> * Use SASLPrep for passwords. SASLPrep is defined here: https://tools.ietf.org/html/rfc4013 And stringprep is here: https://tools.ietf.org/html/rfc3454 So that's roughly applying a conversion from the mapping table, taking into account prohibited, bi-directional, mapping characters, etc. The spec says that the password should be in unicode. But we cannot be sure of that, right? Those mapping tables should be likely a separated thing.. (perl has Unicode::Stringprep::Mapping for example). >> * Check nonces, etc. to not contain invalid characters. Fixed this one. >> * Derive mock SCRAM verifier for non-existent users deterministically from >> username. You have put in place the facility to allow that. The only thing that comes in mind to generate something per-cluster is to have BootStrapXLOG() generate an "authentication secret identifier" with a uint64 and add that in the control file. Using pg_backend_random() would be a good idea here. >> * Allow plain 'password' authentication for users with a SCRAM verifier in >> rolpassword. Done. >> * Throw an error if an "authorization identity" is given. ATM, we just >> ignore it, but seems better to reject the attempt than do something that >> might not be what the client expects. Done. >> * Add "scram-sha-256" prefix to SCRAM verifiers stored in >> pg_authid.rolpassword. You did it. -- Michael -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
