Fix use of term "verifier"

Within the context of SCRAM, "verifier" has a specific meaning in the protocol, per RFCs. The existing code used "verifier" differently, to mean whatever is or would be stored in pg_auth.rolpassword. Fix this by using the term "secret" for this, following RFC 5803. Reviewed-by: Michael Paquier <michael@paquier.xyz> Discussion: https://www.postgresql.org/message-id/flat/be397b06-6e4b-ba71-c7fb-54cae84a7e18%402ndquadrant.com
2025-06-29 10:41:53 +03:00 · 2019-10-12 21:17:34 +02:00
parent 5f3d271d03
commit b4675a8ae2
13 changed files with 85 additions and 85 deletions
--- a/src/common/scram-common.c
+++ b/src/common/scram-common.c
@ -181,7 +181,7 @@ scram_ServerKey(const uint8 *salted_password, uint8 *result)


 /*
- * Construct a verifier string for SCRAM, stored in pg_authid.rolpassword.
+ * Construct a SCRAM secret, for storing in pg_authid.rolpassword.
 *
 * The password should already have been processed with SASLprep, if necessary!
 *
@ -189,7 +189,7 @@ scram_ServerKey(const uint8 *salted_password, uint8 *result)
 * palloc'd or malloc'd, so caller is responsible for freeing it.
 */
 char *
-scram_build_verifier(const char *salt, int saltlen, int iterations,
+scram_build_secret(const char *salt, int saltlen, int iterations,
 					 const char *password)
 {
 	uint8		salted_password[SCRAM_KEY_LEN];