Re: Possible to store invalid SCRAM-SHA-256 Passwords

Michael Paquier <michael@paquier.xyz>

From: Michael Paquier <michael@paquier.xyz>
To: "Jonathan S. Katz" <jkatz@postgresql.org>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, pgsql-bugs@lists.postgresql.org, Stephen Frost <sfrost@snowman.net>
Date: 2019-04-23T06:57:01Z
Lists: pgsql-bugs

Attachments

On Tue, Apr 23, 2019 at 11:10:18AM +0900, Michael Paquier wrote:
> That's a hard morning...  Yes you are right and I can see the failure.
> By the way, grouping everything in one patch looks more adapted to me
> as this tightens all the checks for the different verifier types.

The afternoon has been better.  I have double-checked your patch and
committed it down to v10.  Now, there are two things which may need
extra handling:
- Do we add a note in the release notes about that with a SQL query
checking the state of pg_authid?
- In ~9.6 we include in md5.h a macro which does not care about hex
characters in the MD5 hash.  I think that we should fix that as well,
or perhaps that's not worth caring per the lack of complaints?
Attached is what would be needed.
--
Michael

Commits

  1. Fix detection of passwords hashed with MD5

  2. Fix detection of passwords hashed with MD5 or SCRAM-SHA-256