database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-15 19:21:59 +03:00
Code Activity

Fix use of term "verifier"

Browse Source 
Within the context of SCRAM, "verifier" has a specific meaning in the
protocol, per RFCs.  The existing code used "verifier" differently, to
mean whatever is or would be stored in pg_auth.rolpassword.

Fix this by using the term "secret" for this, following RFC 5803.

Reviewed-by: Michael Paquier <michael@paquier.xyz>
Discussion: https://www.postgresql.org/message-id/flat/be397b06-6e4b-ba71-c7fb-54cae84a7e18%402ndquadrant.com
This commit is contained in:
Peter Eisentraut
2019-10-12 21:17:34 +02:00
parent 5f3d271d03
commit b4675a8ae2
13 changed files with 85 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/interfaces/libpq/fe-auth.c
View File

@ -1251,7 +1251,7 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
*/
if (strcmp(algorithm, "scram-sha-256") == 0)
{
crypt_pwd = pg_fe_scram_build_verifier(passwd);
crypt_pwd = pg_fe_scram_build_secret(passwd);
}
else if (strcmp(algorithm, "md5") == 0)
{