database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-15 19:21:59 +03:00
Code Activity
Files
1c9b6e818f047e07f1de62b4d11e0c5db2d55ab7
postgres/src
History
Heikki Linnakangas 1c9b6e818f Verify that the server constructed the SCRAM nonce correctly. 
The nonce consists of client and server nonces concatenated together. The
client checks the nonce contained the client nonce, but it would get fooled
if the server sent a truncated or even empty nonce.

Reported by Steven Fackler to security@postgresql.org. Neither me or Steven
are sure what harm a malicious server could do with this, but let's fix it.
2017-05-23 05:55:19 -04:00
..
backend
Fix typo in comment
2017-05-22 09:10:02 +02:00
bin
pg_upgrade: Handle hash index upgrades more smoothly.
2017-05-19 16:49:38 -04:00
common
Post-PG 10 beta1 pgperltidy run
2017-05-17 19:01:23 -04:00
fe_utils
Allow psql variable substitution to occur in backtick command strings.
2017-04-01 21:44:54 -04:00
include
Post-PG 10 beta1 pgindent run
2017-05-17 16:31:56 -04:00
interfaces
Verify that the server constructed the SCRAM nonce correctly.
2017-05-23 05:55:19 -04:00
makefiles
Try to fix non-MSVC Windows builds in the wake of logical replication.
2017-01-20 12:51:31 -05:00
pl
Post-PG 10 beta1 pgperltidy run
2017-05-17 19:01:23 -04:00
port
Post-PG 10 beta1 pgindent run
2017-05-17 16:31:56 -04:00
template
Remove "sco" and "unixware" ports.
2016-10-11 11:26:04 -04:00
test
Fix precision and rounding issues in money multiplication and division.
2017-05-21 13:05:16 -04:00
timezone
Guard against null t->tm_zone in strftime.c.
2017-05-07 12:33:12 -04:00
tools
Post-PG 10 beta1 pgperltidy run
2017-05-17 19:01:23 -04:00
tutorial
Recommend wrappers of PG_DETOAST_DATUM_PACKED().
2017-03-12 19:35:33 -04:00
.gitignore
DEVELOPERS
Makefile
Remove redundant coverage target
2017-02-17 08:56:57 -05:00
Makefile.global.in
Specify --outputdir for isolation install check, not just plain check.
2017-05-13 15:13:17 -07:00
Makefile.shlib
Remove support for bcc and msvc standalone libpq builds
2017-04-11 15:22:21 +02:00
nls-global.mk
nls-global.mk: search build dir for source files, too
2016-06-07 18:55:18 -04:00