| From: | "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz> |
| Cc: | pgsql-bugs(at)lists(dot)postgresql(dot)org, Stephen Frost <sfrost(at)snowman(dot)net> |
| Subject: | Re: Possible to store invalid SCRAM-SHA-256 Passwords |
| Date: | 2019-04-22 13:04:43 |
| Message-ID: | 17ed1a12-14df-a501-8b58-f4d1eba49e3f@postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On 4/21/19 9:50 PM, Michael Paquier wrote:
> On Sat, Apr 20, 2019 at 04:12:56PM -0400, Jonathan S. Katz wrote:
>> I modified the "get_password_type" function to perform a SCRAM
>> verification to see if it is a properly hashed SCRAM password. If it is,
>> we treat the password as a SCRAM hashed one. Otherwise, we proceed to
>> the next step, which is to treat it as a plainly stored one.
>
> Since v10, we don't allow the storage of plain verifiers so if a
> string does not match what we think is a correct SCRAM or MD5
> verifier, then it should be processed according to
> password_encryption when storing the verifier or processed according
> to the auth protocol with the HBA entry matching. Your patch looks
> fine to me, I would have just added a test case in password.sql (no
> need to send a new patch I can take care of it).
Thanks for verifying. I'm happy to add the test case -- I first wanted
to ensure I was on the right track.
> Any objections to back-patch that stuff to v10?
+1; I did not try it out, but am very confident that scenario #2 would
demonstrate the bug exists in 10 as well.
Thanks,
Jonathan
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2019-04-22 13:42:34 | Re: Possible to store invalid SCRAM-SHA-256 Passwords |
| Previous Message | Michael Paquier | 2019-04-22 01:50:51 | Re: Possible to store invalid SCRAM-SHA-256 Passwords |