I'm trying to whack this into the final shape that it could actually be committed. The previous thread on SCRAM authentication has grown ridiculously long and meandered into all kinds of details, so I thought it's best to start afresh with a new thread.
So, if you haven't paid attention on this for a while, now would be a good time to have another look at the patch. I believe all the basic functionality, documentation, and tests are there, and there are no known bugs. Please review! I'll start reading through these myself again tomorrow.
One thing that's missing, that we need to address before the release, is the use of SASLPrep to "normalize" the password. We discussed that in the previous thread, and I think we have a good path forward on it. I'd be happy to leave that for a follow-up commit, after these other patches have been committed, so we can discuss that work separately.
These are also available on Michael's github repository, at https://github.com/michaelpq/postgres/tree/scram.
- Heikki
0001-Refactor-SHA2-functions-and-move-them-to-src-common.patch.gz
Description: application/gzip
0002-Add-encoding-routines-for-base64-without-whitespace-.patch.gz
Description: application/gzip
0003-Add-clause-PASSWORD-val-USING-protocol-to-CREATE-ALT.patch.gz
Description: application/gzip
0004-Support-for-SCRAM-SHA-256-authentication-RFC-5802-an.patch.gz
Description: application/gzip
0005-Add-regression-tests-for-passwords.patch.gz
Description: application/gzip
0006-Add-TAP-tests-for-authentication-methods.patch.gz
Description: application/gzip
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers