The SCRAM protocol documentation (https://www.postgresql.org/docs/devel/static/sasl-authentication.html) states
"To avoid confusion, the client should use pg_same_as_startup_message as the username in the client-first-message." However, the client implementation in libpq doesn't actually do that, it sends an empty string for the user name. I find no other reference to "pg_same_as_startup_message" in the sources. Should the documentation be updated? Relatedly, the SCRAM specification doesn't appear to allow omitting the user name in this manner. Why don't we just send the actual user name, even though it's redundant with the startup message? -- Peter Eisentraut http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
