Home > mailing lists

Re: [HACKERS] scram and \password - Mailing list pgsql-hackers

From	Robert Haas
Subject	Re: [HACKERS] scram and \password
Date	April 26, 2017 00:13:44
Msg-id	CA+Tgmob=P9zCS1Qrmane74m8q3EPnmY827o7OCZtotzrH-H2BQ@mail.gmail.com Whole thread Raw
In response to	Re: [HACKERS] scram and \password (Heikki Linnakangas <hlinnaka@iki.fi>)
Responses	Re: [HACKERS] scram and \password (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

On Tue, Apr 25, 2017 at 11:26 AM, Heikki Linnakangas <hlinnaka@iki.fi> wrote:
> algorithm as argument. But there are open decisions on what the old
> PQencryptPassword() function should do, and also what the new function
> should do by default, if you don't specify an algorithm:
>
> A) Have PQencryptPassword() return an md5 hash.
>
> B) Have PQencryptPassword() return a SCRAM verifier
>
> C) Have PQencryptPassword() return a SCRAM verifier if connected to a v10
> server, and an md5 hash otherwise. This is tricky, because PQencryptPassword
> doesn't take a PGconn argument. It could behave like PQescapeString() does,
> and choose md5/scram depending on the server version of the last connection
> that was established.

I vote for A - leave PQencryptPassword() as-is, and deprecate it.
Tell people to use the new function going forward.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

pgsql-hackers by date:

From: Petr Jelinek
Date: 26 April 2017, 00:12:05
Subject: Re: [HACKERS] PG 10 release notes

From: Peter Eisentraut
Date: 26 April 2017, 00:17:09
Subject: Re: [HACKERS] logical replication and PANIC during shutdowncheckpoint in publisher

Re: [HACKERS] scram and \password - Mailing list pgsql-hackers

Previous

Next