| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
| Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Aleksander Alekseev <a(dot)alekseev(at)postgrespro(dot)ru>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: SCRAM salt length |
| Date: | 2017-08-17 14:28:23 |
| Message-ID: | CAB7nPqR63o2Xvr7LqYXE6HyfKRKQ3KqMg7z0Zh5EbeiKKSfa2w@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Aug 17, 2017 at 10:21 PM, Heikki Linnakangas <hlinnaka(at)iki(dot)fi> wrote:
> On 08/17/2017 05:42 AM, Michael Paquier wrote:
>> That's now or never.
>
> Not really. That constant is just the default to use when creating new
> password verifiers, but the code can handle any salt length, and different
> verifiers can have different lengths.
Indeed, fuzzy memory here. I thought that parse_scram_verifier()
checked the salt length with the default value, but that's not the
case. Perhaps at some point in the development there was a check of
this kind..
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amit Kapila | 2017-08-17 14:38:09 | Re: [HACKERS] [postgresql 10 beta3] unrecognized node type: 90 |
| Previous Message | Peter Eisentraut | 2017-08-17 14:23:46 | Re: SCRAM salt length |