On Wed, Mar 2, 2016 at 4:05 AM, Dmitry Dolgov <9erthalion6@gmail.com> wrote:
> [...]
Thanks for the review.
> The default value contains "scram". Shouldn't be here also:
>
>> Specifies a comma-separated list of supported password formats by
>> the server. Supported formats are currently <literal>plain</>,
>> <literal>md5</> and <literal>scram</>.
>
> Or I missed something?
Ah, I see. That's in the documentation of password_protocols. Yes
scram should be listed there as well. That should be fixed in 0009.
>> <para>
>> <varname>db_user_namespace</> causes the client's and
>> server's user name representation to differ.
>> Authentication checks are always done with the server's user name
>> so authentication methods must be configured for the
>> server's user name, not the client's. Because
>> <literal>md5</> uses the user name as salt on both the
>> client and server, <literal>md5</> cannot be used with
>> <varname>db_user_namespace</>.
>> </para>
>
> Looks like the same (pls, correct me if I'm wrong) is applicable for "scram"
> as I see from the code below. Shouldn't be "scram" mentioned here also?
Oops. Good catch. Yes it should be mentioned as part of the SCRAM patch (0009).
--
Michael