Re: Possible to store invalid SCRAM-SHA-256 Passwords
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Stephen Frost <sfrost@snowman.net>
Cc: raf@raf.org, pgsql-bugs@lists.postgresql.org
Date: 2019-04-23T14:55:28Z
Lists: pgsql-bugs
Stephen Frost <sfrost@snowman.net> writes: > * raf@raf.org (raf@raf.org) wrote: >> I don't think there's anything wrong with prefixing a >> password hash with an identifier for the password >> hashing scheme (and any parameters for that scheme). >> This is done all the time in many systems. It just has >> to be unambiguoous. > There isn't a way to make it unambiguous given that we accept > more-or-less anything as a plaintext password though, that would be the > issue here.. In practice, particularly with the extra validation we just added, it seems vanishingly unlikely that anyone would choose a password that just happened to look like one of the hashed formats. If somebody intentionally chooses such a password, well, it's on their heads whether the outcome is what they want. regards, tom lane
Commits
-
Fix detection of passwords hashed with MD5
- a82c06f4001d 9.4.22 landed
- 20dbc84bd002 9.5.17 landed
- af298f00a1e8 9.6.13 landed
-
Fix detection of passwords hashed with MD5 or SCRAM-SHA-256
- 15fe91e70ec6 10.8 landed
- 7f56d43663dd 11.3 landed
- ccae190b916f 12.0 landed