Home > mailing lists

Re: [HACKERS] SCRAM salt length - Mailing list pgsql-hackers

From	Michael Paquier
Subject	Re: [HACKERS] SCRAM salt length
Date	August 17, 2017 20:28:23
Msg-id	CAB7nPqR63o2Xvr7LqYXE6HyfKRKQ3KqMg7z0Zh5EbeiKKSfa2w@mail.gmail.com Whole thread Raw
In response to	Re: [HACKERS] SCRAM salt length (Heikki Linnakangas <hlinnaka@iki.fi>)
List	pgsql-hackers

Tree view

On Thu, Aug 17, 2017 at 10:21 PM, Heikki Linnakangas <hlinnaka@iki.fi> wrote:
> On 08/17/2017 05:42 AM, Michael Paquier wrote:
>> That's now or never.
>
> Not really. That constant is just the default to use when creating new
> password verifiers, but the code can handle any salt length, and different
> verifiers can have different lengths.

Indeed, fuzzy memory here. I thought that parse_scram_verifier()
checked the salt length with the default value, but that's not the
case. Perhaps at some point in the development there was a check of
this kind..
-- 
Michael

pgsql-hackers by date:

From: Peter Eisentraut
Date: 17 August 2017, 20:23:46
Subject: Re: [HACKERS] SCRAM salt length

From: Amit Kapila
Date: 17 August 2017, 20:38:09
Subject: Re: [HACKERS] [BUGS] [postgresql 10 beta3] unrecognized node type: 90

Re: [HACKERS] SCRAM salt length - Mailing list pgsql-hackers

Previous

Next