Re: Password identifiers, protocol aging and SCRAM protocol
Heikki Linnakangas <hlinnaka@iki.fi>
From: Heikki Linnakangas <hlinnaka@iki.fi>
To: Michael Paquier <michael.paquier@gmail.com>
Cc: David Steele <david@pgmasters.net>, Tom Lane <tgl@sss.pgh.pa.us>,
Robert Haas <robertmhaas@gmail.com>, David Fetter <david@fetter.org>,
Alvaro Herrera <alvherre@2ndquadrant.com>,
Magnus Hagander <magnus@hagander.net>,
Peter Eisentraut <peter.eisentraut@2ndquadrant.com>,
Julian Markwort <julian.markwort@uni-muenster.de>,
Stephen Frost <sfrost@snowman.net>,
PostgreSQL mailing lists <pgsql-hackers@postgresql.org>,
Valery Popov <v.popov@postgrespro.ru>
Date: 2016-09-28T09:53:52Z
Lists: pgsql-hackers
On 09/26/2016 09:02 AM, Michael Paquier wrote: >> * [PATCH 2/8] Move encoding routines to src/common/ >> > >> > I wonder if it is confusing to have two of encode.h/encode.c. Perhaps >> > they should be renamed to make them distinct? > Yes it may be a good idea to rename that, like encode_utils.[c|h] for > the new files. Looking at these encoding functions, the SCRAM protocol actually uses base64 for everything. The hex encoding is only used in the server, to encode the StoredKey and ServerKey in pg_authid. So we don't need that in the client. It would actually make sense to use base64 for the fields in pg_authid, too. Takes less space, and seems more natural for SCRAM anyway. libpq actually has its own implementation of hex encoding and decoding already, in fe-exec.c. So if we wanted to use hex-encoding for something, we could use that, or if we moved the routines from src/backend/utils/encode.c, then we should try to reuse them for the purposes of fe-exec.c, too. And libpq already has an implementation of the 'escape' encoding, too, in fe-exec.c. But as I said above, I don't think we need to touch any of that. In summary, I think we only need to move the base64 routines to src/common. I'd prefer to be quite surgical in what we put in src/common, and avoid moving stuff that's not strictly required by both the server and the client. - Heikki
Commits
-
Support SCRAM-SHA-256 authentication (RFC 5802 and 7677).
- 818fd4a67d61 10.0 landed
-
Refactor SHA2 functions and move them to src/common/.
- 273c458a2b3a 10.0 landed
-
Replace isMD5() with a more future-proof way to check if pw is encrypted.
- dbd69118c05d 10.0 landed
-
Remove bogus notice that older clients might not work with MD5 passwords.
- 7e3ae5455948 9.2.20 landed
- 470af1f41c8b 9.3.16 landed
- ada2cdb61015 9.4.11 landed
- 65a7f190b253 9.5.6 landed
- 7546c135dc30 9.6.2 landed
- 31c54096a18f 10.0 landed
-
Refactor the code for verifying user's password.
- e7f051b8f9a6 10.0 landed
-
Replace PostmasterRandom() with a stronger source, second attempt.
- fe0a0b5993df 10.0 landed
-
Remove support for (insecure) crypt authentication.
- 53a5026b5cb3 8.4.0 cited