diff options
| author | Peter Eisentraut | 2019-10-12 19:17:34 +0000 |
|---|---|---|
| committer | Peter Eisentraut | 2019-10-12 19:41:59 +0000 |
| commit | b4675a8ae2d0aaafeb136c46c92bb56eaf018d32 (patch) | |
| tree | bb1219cbd64f0498e13c5485736870cfc171d79a /src/interfaces | |
| parent | 5f3d271d03b249f5c80e3d3ca946f62a33d7862f (diff) | |
Fix use of term "verifier"
Within the context of SCRAM, "verifier" has a specific meaning in the
protocol, per RFCs. The existing code used "verifier" differently, to
mean whatever is or would be stored in pg_auth.rolpassword.
Fix this by using the term "secret" for this, following RFC 5803.
Reviewed-by: Michael Paquier <michael@paquier.xyz>
Discussion: https://www.postgresql.org/message-id/flat/be397b06-6e4b-ba71-c7fb-54cae84a7e18%402ndquadrant.com
Diffstat (limited to 'src/interfaces')
| -rw-r--r-- | src/interfaces/libpq/fe-auth-scram.c | 6 | ||||
| -rw-r--r-- | src/interfaces/libpq/fe-auth.c | 2 | ||||
| -rw-r--r-- | src/interfaces/libpq/fe-auth.h | 2 |
3 files changed, 5 insertions, 5 deletions
diff --git a/src/interfaces/libpq/fe-auth-scram.c b/src/interfaces/libpq/fe-auth-scram.c index 693739c5442..741f566a724 100644 --- a/src/interfaces/libpq/fe-auth-scram.c +++ b/src/interfaces/libpq/fe-auth-scram.c @@ -822,10 +822,10 @@ verify_server_signature(fe_scram_state *state) } /* - * Build a new SCRAM verifier. + * Build a new SCRAM secret. */ char * -pg_fe_scram_build_verifier(const char *password) +pg_fe_scram_build_secret(const char *password) { char *prep_password; pg_saslprep_rc rc; @@ -851,7 +851,7 @@ pg_fe_scram_build_verifier(const char *password) return NULL; } - result = scram_build_verifier(saltbuf, SCRAM_DEFAULT_SALT_LEN, + result = scram_build_secret(saltbuf, SCRAM_DEFAULT_SALT_LEN, SCRAM_DEFAULT_ITERATIONS, password); if (prep_password) diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c index 8ca7b393264..a690f3ba3ad 100644 --- a/src/interfaces/libpq/fe-auth.c +++ b/src/interfaces/libpq/fe-auth.c @@ -1251,7 +1251,7 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user, */ if (strcmp(algorithm, "scram-sha-256") == 0) { - crypt_pwd = pg_fe_scram_build_verifier(passwd); + crypt_pwd = pg_fe_scram_build_secret(passwd); } else if (strcmp(algorithm, "md5") == 0) { diff --git a/src/interfaces/libpq/fe-auth.h b/src/interfaces/libpq/fe-auth.h index 2f1af53fb08..3d3db41f8c0 100644 --- a/src/interfaces/libpq/fe-auth.h +++ b/src/interfaces/libpq/fe-auth.h @@ -31,6 +31,6 @@ extern void pg_fe_scram_free(void *opaq); extern void pg_fe_scram_exchange(void *opaq, char *input, int inputlen, char **output, int *outputlen, bool *done, bool *success); -extern char *pg_fe_scram_build_verifier(const char *password); +extern char *pg_fe_scram_build_secret(const char *password); #endif /* FE_AUTH_H */ |