Quick Links

Re: Possible to store invalid SCRAM-SHA-256 Passwords

From:	"Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org>
To:	Michael Paquier <michael(at)paquier(dot)xyz>
Cc:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-bugs(at)lists(dot)postgresql(dot)org, Stephen Frost <sfrost(at)snowman(dot)net>
Subject:	Re: Possible to store invalid SCRAM-SHA-256 Passwords
Date:	2019-04-23 01:26:01
Message-ID:	9ce16763-836c-041e-06aa-af3e955444cd@postgresql.org
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-bugs

On 4/22/19 9:01 PM, Michael Paquier wrote:

>
> Also, the extra SELECT query with regexp_replace() is a bit overkill
> for the purpose, and copying again a copy of the regexp around is no
> fun.
>
> In short, I would simplify things as the attached. What do you think?

Outside of the strlen comments, I do like the changes to the tests, +1

I did purposely keep the SCRAM + MD5 changes as separate patches as I
felt they were both atomic, but I have no strong opinions on that.

Thanks,

Jonathan

In response to

Re: Possible to store invalid SCRAM-SHA-256 Passwords at 2019-04-23 01:01:42 from Michael Paquier

Responses

Re: Possible to store invalid SCRAM-SHA-256 Passwords at 2019-04-23 01:28:19 from Tom Lane

Browse pgsql-bugs by date

	From	Date	Subject
Next Message	Tom Lane	2019-04-23 01:28:19	Re: Possible to store invalid SCRAM-SHA-256 Passwords
Previous Message	Jonathan S. Katz	2019-04-23 01:16:49	Re: Possible to store invalid SCRAM-SHA-256 Passwords