On Tue, Apr 25, 2017 at 11:26 AM, Heikki Linnakangas <hlinn...@iki.fi> wrote: > algorithm as argument. But there are open decisions on what the old > PQencryptPassword() function should do, and also what the new function > should do by default, if you don't specify an algorithm: > > A) Have PQencryptPassword() return an md5 hash. > > B) Have PQencryptPassword() return a SCRAM verifier > > C) Have PQencryptPassword() return a SCRAM verifier if connected to a v10 > server, and an md5 hash otherwise. This is tricky, because PQencryptPassword > doesn't take a PGconn argument. It could behave like PQescapeString() does, > and choose md5/scram depending on the server version of the last connection > that was established.
I vote for A - leave PQencryptPassword() as-is, and deprecate it. Tell people to use the new function going forward. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (email@example.com) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers