From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
---|---|
To: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
Cc: | Noah Misch <noah(at)leadboat(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Jeff Janes <jeff(dot)janes(at)gmail(dot)com>, Joe Conway <mail(at)joeconway(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: scram and \password |
Date: | 2017-04-26 00:46:10 |
Message-ID: | CAB7nPqQyabEE=MPUj_FO_-kdETeaoNB-W8xfhYykwUadyz2ghA@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Wed, Apr 26, 2017 at 12:26 AM, Heikki Linnakangas <hlinnaka(at)iki(dot)fi> wrote:
> Yeah, there is that. But we simply cannot change the signature of an
> existing function. It would not only produce compile-time errors when
> building old applications, which would arguably be a good thing, but it
> would also cause old binaries to segfault when dynamically linked with the
> new libpq.
Sure.
> I think it's clear that we should have a new function that takes the
> algorithm as argument. But there are open decisions on what the old
> PQencryptPassword() function should do, and also what the new function
> should do by default, if you don't specify an algorithm:
>
> A) Have PQencryptPassword() return an md5 hash.
>
> B) Have PQencryptPassword() return a SCRAM verifier
>
> C) Have PQencryptPassword() return a SCRAM verifier if connected to a v10
> server, and an md5 hash otherwise. This is tricky, because PQencryptPassword
> doesn't take a PGconn argument. It could behave like PQescapeString() does,
> and choose md5/scram depending on the server version of the last connection
> that was established.
Like the rest I vote for A, and document it as deprecated.
> ----
> char *
> PQencryptPasswordConn(PGconn *conn,
> const char *passwd,
> const char *user,
> const char *method,
> const char *options)
>
> [...]
Good for me, I was first thinking as well about having "default" as
keyword, NULL is fine as well.
Could it be possible to name the new function as PQhashPassword
instead of PQencryptPassword? From the previous threads we agreed that
encryption makes no sense in this context.
--
Michael
From | Date | Subject | |
---|---|---|---|
Next Message | Andres Freund | 2017-04-26 00:46:20 | Re: Separation walsender & normal backends |
Previous Message | Craig Ringer | 2017-04-26 00:41:46 | Re: Separation walsender & normal backends |