On Tue, Apr 25, 2017 at 11:26 AM, Heikki Linnakangas <hlinn...@iki.fi> wrote:
> algorithm as argument. But there are open decisions on what the old
> PQencryptPassword() function should do, and also what the new function
> should do by default, if you don't specify an algorithm:
> A) Have PQencryptPassword() return an md5 hash.
> B) Have PQencryptPassword() return a SCRAM verifier
> C) Have PQencryptPassword() return a SCRAM verifier if connected to a v10
> server, and an md5 hash otherwise. This is tricky, because PQencryptPassword
> doesn't take a PGconn argument. It could behave like PQescapeString() does,
> and choose md5/scram depending on the server version of the last connection
> that was established.

I vote for A - leave PQencryptPassword() as-is, and deprecate it.
Tell people to use the new function going forward.

Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to