On Thu, Aug 17, 2017 at 9:21 AM, Heikki Linnakangas <hlinn...@iki.fi> wrote: > Different thing. That was the nonce length, now we're talking about salt > length.
Actually that commit (0557a5dc2cf845639d384801b6861ebbd35dc7ee) changed both: -#define SCRAM_RAW_NONCE_LEN 10 +#define SCRAM_RAW_NONCE_LEN 18 /* length of salt when generating new verifiers */ -#define SCRAM_DEFAULT_SALT_LEN 10 +#define SCRAM_DEFAULT_SALT_LEN 12 I don't think I understand exactly how they're different; especially, I don't quite understand how the nonce is used. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
