SCRAM authentication, take three

From: Heikki Linnakangas <hlinnaka(at)iki(dot)fi>
To: pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Cc: Michael Paquier <michael(dot)paquier(at)gmail(dot)com>
Subject: SCRAM authentication, take three
Date: 2017-02-06 12:55:08
Message-ID: 243d8c11-6149-a4bb-0909-136992f74b23@iki.fi
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

I rebased the SCRAM authentication patches over current master. Here you
are.

I'm trying to whack this into the final shape that it could actually be
committed. The previous thread on SCRAM authentication has grown
ridiculously long and meandered into all kinds of details, so I thought
it's best to start afresh with a new thread.

So, if you haven't paid attention on this for a while, now would be a
good time to have another look at the patch. I believe all the basic
functionality, documentation, and tests are there, and there are no
known bugs. Please review! I'll start reading through these myself again
tomorrow.

One thing that's missing, that we need to address before the release, is
the use of SASLPrep to "normalize" the password. We discussed that in
the previous thread, and I think we have a good path forward on it. I'd
be happy to leave that for a follow-up commit, after these other patches
have been committed, so we can discuss that work separately.

These are also available on Michael's github repository, at
https://github.com/michaelpq/postgres/tree/scram.

- Heikki

Attachment Content-Type Size
0001-Refactor-SHA2-functions-and-move-them-to-src-common.patch.gz application/gzip 7.6 KB
0002-Add-encoding-routines-for-base64-without-whitespace-.patch.gz application/gzip 2.5 KB
0003-Add-clause-PASSWORD-val-USING-protocol-to-CREATE-ALT.patch.gz application/gzip 2.5 KB
0004-Support-for-SCRAM-SHA-256-authentication-RFC-5802-an.patch.gz application/gzip 28.6 KB
0005-Add-regression-tests-for-passwords.patch.gz application/gzip 2.2 KB
0006-Add-TAP-tests-for-authentication-methods.patch.gz application/gzip 1.3 KB

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Alvaro Herrera 2017-02-06 13:16:45 Re: Possible spelling fixes
Previous Message Alvaro Herrera 2017-02-06 12:32:28 Re: Index corruption with CREATE INDEX CONCURRENTLY