On 5/25/20 5:45 AM, Peter Eisentraut wrote: > On 2020-05-22 23:23, Jonathan S. Katz wrote: >>> Yeah. But there's still something to Jonathan's argument, because 9.6 >>> will go EOL in November 2021, which is pretty close to when v14 will >>> reach public release (assuming we can hold to the typical schedule). >>> If we do it in v13, there'll be a full year where still-supported >>> versions of PG can't do SCRAM, implying that clients would likely >>> fail to connect to an up-to-date server. >> >> ^ that's what I meant. > > Here is a proposed patch for PG14 then.
This makes me happy :D
I took a look over, it looks good. One question on the initdb.c diff:
- if (strcmp(authmethodlocal, "scram-sha-256") == 0 ||
- strcmp(authmethodhost, "scram-sha-256") == 0)
- {
- conflines = replace_token(conflines,
-
"#password_encryption = md5",
-
"password_encryption = scram-sha-256");
- }
-
Would we reverse this, i.e. if someone chooses authmethodlocal to be
"md5", we would then set "password_encryption = md5"?
Thanks,
Jonathan
signature.asc
Description: OpenPGP digital signature
