On 5/25/20 5:45 AM, Peter Eisentraut wrote:
> On 2020-05-22 23:23, Jonathan S. Katz wrote:
>>> Yeah. But there's still something to Jonathan's argument, because 9.6
>>> will go EOL in November 2021, which is pretty close to when v14 will
>>> reach public release (assuming we can hold to the typical schedule).
>>> If we do it in v13, there'll be a full year where still-supported
>>> versions of PG can't do SCRAM, implying that clients would likely
>>> fail to connect to an up-to-date server.
>>
>> ^ that's what I meant.
>
> Here is a proposed patch for PG14 then.
This makes me happy :D
I took a look over, it looks good. One question on the initdb.c diff:
- if (strcmp(authmethodlocal, "scram-sha-256") == 0 ||
- strcmp(authmethodhost, "scram-sha-256") == 0)
- {
- conflines = replace_token(conflines,
- "#password_encryption = md5",
- "password_encryption = scram-sha-256");
- }
-
Would we reverse this, i.e. if someone chooses authmethodlocal to be
"md5", we would then set "password_encryption = md5"?
Thanks,
Jonathan