| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz> |
| Cc: | "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org>, Andres Freund <andres(at)anarazel(dot)de>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Raising the SCRAM iteration count |
| Date: | 2023-03-07 08:26:41 |
| Message-ID: | 66B5757A-43E7-4824-97D8-AD0B028282DC@yesql.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On 7 Mar 2023, at 05:53, Michael Paquier <michael(at)paquier(dot)xyz> wrote:
>
> On Fri, Mar 03, 2023 at 11:13:36PM +0100, Daniel Gustafsson wrote:
>> That would indeed be nice, but is there a way to do this without a complicated
>> pump TAP expression? I was unable to think of a way but I might be missing
>> something?
>
> A SET command refreshes immediately the cache information of the
> connection in pqSaveParameterStatus()@libpq, so a test in password.sql
> with \password would be enough to check the computation happens in
> pg_fe_scram_build_secret() with the correct iteration number. Say
> like:
> =# SET scram_iterations = 234;
> SET
> =# \password
> Enter new password for user "postgres": TYPEME
> Enter it again: TYPEME
> =# select substr(rolpassword, 1, 18) from pg_authid
> where oid::regrole::name = current_role;
> substr
> --------------------
> SCRAM-SHA-256$234:
> (1 row)
>
> Or perhaps I am missing something?
Right, what I meant was: can a pg_regress sql/expected test drive a psql
interactive prompt? Your comments suggested using password.sql so I was
curious if I was missing a neat trick for doing this.
--
Daniel Gustafsson
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Damir Belyalov | 2023-03-07 08:35:32 | Re: POC PATCH: copy from ... exceptions to: (was Re: VLDB Features) |
| Previous Message | Pavel Stehule | 2023-03-07 08:08:43 | Re: using memoize in in paralel query decreases performance |