Rename "scram" to "scram-sha-256" in pg_hba.conf and password_encryption.

Per discussion, plain "scram" is confusing because we actually implement SCRAM-SHA-256 rather than the original SCRAM that uses SHA-1 as the hash algorithm. If we add support for SCRAM-SHA-512 or some other mechanism in the SCRAM family in the future, that would become even more confusing. Most of the internal files and functions still use just "scram" as a shorthand for SCRMA-SHA-256, but I did change PASSWORD_TYPE_SCRAM to PASSWORD_TYPE_SCRAM_SHA_256, as that could potentially be used by 3rd party extensions that hook into the password-check hook. Michael Paquier did this in an earlier version of the SCRAM patch set already, but I didn't include that in the version that was committed. Discussion: https://www.postgresql.org/message-id/fde71ff1-5858-90c8-99a9-1c2427e7bafb@iki.fi
2025-08-19 23:22:23 +03:00 · 2017-04-18 14:50:50 +03:00
parent 123aaffb5b
commit c727f120ff
15 changed files with 60 additions and 59 deletions
--- a/src/backend/libpq/auth-scram.c
+++ b/src/backend/libpq/auth-scram.c
@@ -183,7 +183,7 @@ pg_be_scram_init(const char *username, const char *shadow_pass)
 	{
 		int			password_type = get_password_type(shadow_pass);

-		if (password_type == PASSWORD_TYPE_SCRAM)
+		if (password_type == PASSWORD_TYPE_SCRAM_SHA_256)
 		{
 			if (parse_scram_verifier(shadow_pass, &state->salt, &state->iterations,
 									 state->StoredKey, state->ServerKey))