Home > mailing lists

Re: Possible to store invalid SCRAM-SHA-256 Passwords - Mailing list pgsql-bugs

From	Tom Lane
Subject	Re: Possible to store invalid SCRAM-SHA-256 Passwords
Date	April 23, 2019 04:28:19
Msg-id	11304.1555982899@sss.pgh.pa.us Whole thread Raw
In response to	Re: Possible to store invalid SCRAM-SHA-256 Passwords ("Jonathan S. Katz" <jkatz@postgresql.org>)
List	pgsql-bugs

Tree view

"Jonathan S. Katz" <jkatz@postgresql.org> writes:
> I did purposely keep the SCRAM + MD5 changes as separate patches as I
> felt they were both atomic, but I have no strong opinions on that.

FWIW, it looks like one patch to me: tighten our checks on whether
supposedly-encoded passwords fit the encoding rules.

            regards, tom lane

pgsql-bugs by date:

From: "Jonathan S. Katz"
Date: 23 April 2019, 04:26:01
Subject: Re: Possible to store invalid SCRAM-SHA-256 Passwords

From: Michael Paquier
Date: 23 April 2019, 05:10:18
Subject: Re: Possible to store invalid SCRAM-SHA-256 Passwords

Re: Possible to store invalid SCRAM-SHA-256 Passwords - Mailing list pgsql-bugs

Previous

Next