On Tue, Apr 11, 2017 at 10:07:12PM +0300, Heikki Linnakangas wrote: > On 04/10/2017 08:42 AM, Michael Paquier wrote: > >As there have been some conflicts because of the commit of SASLprep, > >here is a rebased set of patches. A couple of things worth noting: > >- SASLprep does an allocation of the prepared password string. It is > >definitely better to do all the ground work in pg_saslprep but this > >costs a free() call with a #ifdef FRONTEND at the end of > >scram_build_verifier(). > >- Patch 0005 does that: > >+ /* > >+ * Hash password using SCRAM-SHA-256 when connecting to servers > >+ * newer than Postgres 10, and hash with MD5 otherwise. > >+ */ > >+ if (pset.sversion < 100000) > >+ encrypted_password = PQencryptPassword(pw1, user, "md5"); > >+ else > >+ encrypted_password = PQencryptPassword(pw1, user, "scram"); > >Actually I am thinking that guessing the hashing function according to > >the value of password_encryption would make the most sense. Thoughts? > > Thanks! I've been busy on the other thread on future-proofing the protocol > with negotiating the SASL mechanism, I'll come back to this once we get that > settled. By the end of the week, I presume.
This PostgreSQL 10 open item is past due for your status update. Kindly send a status update within 24 hours, and include a date for your subsequent status update. Refer to the policy on open item ownership: https://www.postgresql.org/message-id/20170404140717.GA2675809%40tornado.leadboat.com -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers