On Thu, Aug 17, 2017 at 10:21 PM, Heikki Linnakangas <hlinn...@iki.fi> wrote:
> On 08/17/2017 05:42 AM, Michael Paquier wrote:
>> That's now or never.
> Not really. That constant is just the default to use when creating new
> password verifiers, but the code can handle any salt length, and different
> verifiers can have different lengths.

Indeed, fuzzy memory here. I thought that parse_scram_verifier()
checked the salt length with the default value, but that's not the
case. Perhaps at some point in the development there was a check of
this kind..

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to