Home > mailing lists

Re: Possible to store invalid SCRAM-SHA-256 Passwords - Mailing list pgsql-bugs

From	Tom Lane
Subject	Re: Possible to store invalid SCRAM-SHA-256 Passwords
Date	April 23, 2019 02:55:34
Msg-id	434.1555977334@sss.pgh.pa.us Whole thread Raw
In response to	Re: Possible to store invalid SCRAM-SHA-256 Passwords ("Jonathan S. Katz" <jkatz@postgresql.org>)
List	pgsql-bugs

Tree view

"Jonathan S. Katz" <jkatz@postgresql.org> writes:
> I debated adding a test...without being able to simulate a log in, I
> don't know if it tests much other than "yes, you can store an invalid
> md5 hash and it treats it as plaintext."

You could probably build something using TAP testing, cf
src/test/authentication/t/001_password.pl

But I really doubt it's worth the trouble ...

            regards, tom lane

pgsql-bugs by date:

From: "Jonathan S. Katz"
Date: 23 April 2019, 02:36:45
Subject: Re: Possible to store invalid SCRAM-SHA-256 Passwords

From: Michael Paquier
Date: 23 April 2019, 03:06:19
Subject: Re: Possible to store invalid SCRAM-SHA-256 Passwords

Re: Possible to store invalid SCRAM-SHA-256 Passwords - Mailing list pgsql-bugs

Previous

Next