Re: [PATCH] Add CHECK_FOR_INTERRUPTS in scram_SaltedPassword loop.
Bowen Shi <zxwsbg12138@gmail.com>
From: Bowen Shi <zxwsbg12138@gmail.com>
To: Daniel Gustafsson <daniel@yesql.se>
Cc: Aleksander Alekseev <aleksander@timescale.com>, Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2023-11-23T04:05:34Z
Lists: pgsql-hackers
Attachments
- v2_0001-Add-CHECK_FOR_INTERRUPTS-in-scram_SaltedPassword-loo.patch (application/x-patch) patch v2-0001
> I don't think it would be useful to limit this at an arbitrary point, iteration > count can be set per password and if someone wants a specific password to be > super-hard to brute force then why should we limit that? I agree with that. Maybe some users do want a super-hard password. RFC 7677 and RFC 5802 don't specify the maximum number of iterations. > If we want to add CHECK_FOR_INTERRUPTS inside the loop I think a brief > comment would be appropriate. This has been completed in patch v2 and it's ready for review. Regards Bowen Shi
Commits
-
Add CHECK_FOR_INTERRUPTS() in scram_SaltedPassword() for the backend
- 07cb7bc1c7a8 16.2 landed
- 14f2f9eb1a15 17.0 landed