On Thu, Aug 17, 2017 at 9:21 AM, Heikki Linnakangas <hlinn...@iki.fi> wrote:
> Different thing. That was the nonce length, now we're talking about salt
> length.

Actually that commit (0557a5dc2cf845639d384801b6861ebbd35dc7ee) changed both:

-#define SCRAM_RAW_NONCE_LEN         10
+#define SCRAM_RAW_NONCE_LEN         18

 /* length of salt when generating new verifiers */
-#define SCRAM_DEFAULT_SALT_LEN      10
+#define SCRAM_DEFAULT_SALT_LEN      12

I don't think I understand exactly how they're different; especially,
I don't quite understand how the nonce is used.

Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to