Re: Implementation of SASLprep for SCRAM-SHA-256

Поиск
Список
Период
Сортировка
От Michael Paquier
Тема Re: Implementation of SASLprep for SCRAM-SHA-256
Дата
Msg-id CAB7nPqS1ZToxhUU=9oxpo4J_My9+DM6LiP4KhEFQBw5DW6ywxQ@mail.gmail.com
обсуждение исходный текст
Ответ на Re: [HACKERS] Implementation of SASLprep for SCRAM-SHA-256  (Robert Haas <robertmhaas@gmail.com>)
Ответы Re: Implementation of SASLprep for SCRAM-SHA-256  (Heikki Linnakangas <hlinnaka@iki.fi>)
Список pgsql-hackers
On Wed, Mar 8, 2017 at 10:39 PM, Robert Haas <robertmhaas@gmail.com> wrote:
> On Tue, Mar 7, 2017 at 10:01 PM, Michael Paquier
> <michael.paquier@gmail.com> wrote:
>> This way, we can be sure that two UTf-8 strings are considered as
>> equivalent in a SASL exchange, in our case we care about the password
>> string (we should care about the username as well). Without SASLprep,
>> our implementation of SCRAM may fail with other third-part tools if
>> passwords are not made only of ASCII characters. And that sucks.
>
> Agreed.  I am not sure this quite rises to the level of a stop-ship
> issue; we could document the restriction.

I am not sure about that, what we have now on HEAD is still useful and
better than MD5.

> However, that's pretty ugly; it would be a whole lot better to get this fixed.

Agreed.

> I kinda hope Heikki is going to step up to the plate here, because I
> think he understands most of it already.

The second person who knows a good deal about NFKC is Ishii-san.

Attached is a rebased patch.
-- 
Michael

Вложения

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Dilip Kumar
Дата:
Сообщение: Re: Patch: Write Amplification Reduction Method (WARM)
Следующее
От: "Tsunakawa, Takayuki"
Дата:
Сообщение: [bug fix] Savepoint-related statements terminates connection