Re: Password identifiers, protocol aging and SCRAM protocol

Heikki Linnakangas <hlinnaka@iki.fi>

From: Heikki Linnakangas <hlinnaka@iki.fi>
To: Michael Paquier <michael.paquier@gmail.com>, David Steele <david@pgmasters.net>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Robert Haas <robertmhaas@gmail.com>, David Fetter <david@fetter.org>, Alvaro Herrera <alvherre@2ndquadrant.com>, Magnus Hagander <magnus@hagander.net>, Peter Eisentraut <peter.eisentraut@2ndquadrant.com>, Julian Markwort <julian.markwort@uni-muenster.de>, Stephen Frost <sfrost@snowman.net>, PostgreSQL mailing lists <pgsql-hackers@postgresql.org>, Valery Popov <v.popov@postgrespro.ru>
Date: 2016-09-28T09:25:43Z
Lists: pgsql-hackers
On 09/26/2016 09:02 AM, Michael Paquier wrote:
> On Mon, Sep 26, 2016 at 2:15 AM, David Steele <david@pgmasters.net> wrote:
>> * [PATCH 3/8] Switch password_encryption to a enum
>>
>> Does not apply on HEAD (98c2d3332):
>
> Interesting, it works for me on da6c4f6.
>
>> For here on I used 39b691f251 for review and testing.
>> I seems you are keeping on/off for backwards compatibility, shouldn't
>> the default now be "md5"?
>>
>> -#password_encryption = on
>> +#password_encryption = on              # on, off, md5 or plain
>
> That sounds like a good idea, so switched this way.

Committed this patch in the series, to turn password_encryption GUC into 
an enum.

There was one bug in the patch: if a plaintext password was given with 
CREATE/ALTER USER foo PASSWORD 'bar', but password_encryption was 'md5', 
it would incorrectly pass PASSWORD_TYPE_MD5 to the check-password hook. 
That would limit the amount of checking that the hook can do. Fixed 
that. Also edited the docs and comments a little bit, hopefully for the 
better.

Once we get the main SCRAM patch in, we may want to remove the "on" 
alias altogether. We don't promise backwards-compatibility of config 
files or GUC values, and not many people set password_encryption=on 
explicitly anyway, since it's the default. But I kept it now, as there's 
no ambiguity on what "on" means, yet.

- Heikki



Commits

  1. Support SCRAM-SHA-256 authentication (RFC 5802 and 7677).

  2. Refactor SHA2 functions and move them to src/common/.

  3. Replace isMD5() with a more future-proof way to check if pw is encrypted.

  4. Remove bogus notice that older clients might not work with MD5 passwords.

  5. Refactor the code for verifying user's password.

  6. Replace PostmasterRandom() with a stronger source, second attempt.

  7. Remove support for (insecure) crypt authentication.