Home > mailing lists

Re: password_encryption default - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: password_encryption default
Date	May 26, 2020 11:25:25
Msg-id	52ebc049-d2eb-dfe0-0ae2-6e166f16f280@2ndquadrant.com Whole thread Raw
In response to	Re: password_encryption default ("Jonathan S. Katz" <jkatz@postgresql.org>)
Responses	Re: password_encryption default (Michael Paquier <michael@paquier.xyz>) Re: password_encryption default ("Jonathan S. Katz" <jkatz@postgresql.org>)
List	pgsql-hackers

Tree view

On 2020-05-25 17:57, Jonathan S. Katz wrote:
> I took a look over, it looks good. One question on the initdb.c diff:
> 
> -    if (strcmp(authmethodlocal, "scram-sha-256") == 0 ||
> -        strcmp(authmethodhost, "scram-sha-256") == 0)
> -    {
> -        conflines = replace_token(conflines,
> -                                  "#password_encryption = md5",
> -                                  "password_encryption = scram-sha-256");
> -    }
> -
> 
> Would we reverse this, i.e. if someone chooses authmethodlocal to be
> "md5", we would then set "password_encryption = md5"?

Yeah, I was too enthusiastic about removing that.  Here is a better patch.

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

Attachment

v2-0001-Change-default-of-password_encryption-to-scram-sh.patch

pgsql-hackers by date:

From: Andy Fan
Date: 26 May 2020, 11:22:01
Subject: Make the qual cost on index Filter slightly higher than qual cost onindex Cond.

From: Peter Eisentraut
Date: 26 May 2020, 11:28:42
Subject: Re: some grammar refactoring

Re: password_encryption default - Mailing list pgsql-hackers

Attachment

Previous

Next