| From: | Japin Li <japinli(at)hotmail(dot)com> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org> |
| Cc: | Bernd Helmle <mailings(at)oopsware(dot)de>, PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Modern SHA2- based password hashes for pgcrypto |
| Date: | 2025-01-27 04:28:16 |
| Message-ID: | ME0P300MB0445AB105D934CBB1F859D57B6EC2@ME0P300MB0445.AUSP300.PROD.OUTLOOK.COM |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, 24 Jan 2025 at 19:06, Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org> wrote:
> On 2025-Jan-24, Bernd Helmle wrote:
>
>> So we behave exactly the same way as px_crypt_md5(): It stops after the
>> first '$' after the magic byte preamble. For shacrypt, this could be
>> the next '$' after the closing one of the non-mandatory 'rounds'
>> option, but with your example this doesn't happen since it gets never
>> parsed. The salt length will be set to 0.
>
> IMO silently using no salt or 0 iterations because the input is somewhat
> broken is bad security and should be rejected. If we did so in the past
> without noticing, that's bad already, but we should not replicate that
> behavior any further.
>
I agree with this point, so maybe we should fix this for px_crypt_md().
--
Regrads,
Japin Li
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Umar Hayat | 2025-01-27 04:40:37 | Re: New process of getting changes into the commitfest app |
| Previous Message | Michael Paquier | 2025-01-27 03:53:36 | Re: [PATCH] Optionally record Plan IDs to track plan changes for a query |