Re: PG 14 release notes, first draft

Поиск
Список
Период
Сортировка
От Bruce Momjian
Тема Re: PG 14 release notes, first draft
Дата
Msg-id 20210517025102.GA24531@momjian.us
обсуждение исходный текст
Ответ на Re: PG 14 release notes, first draft  (Alvaro Herrera <alvherre@alvh.no-ip.org>)
Ответы Re: PG 14 release notes, first draft  (Alvaro Herrera <alvherre@alvh.no-ip.org>)
Список pgsql-hackers
Дерево обсуждения 
On Sat, May 15, 2021 at 07:05:35PM -0400, Álvaro Herrera wrote:
> On 2021-May-12, Bruce Momjian wrote:
> 
> > OK, updated text:
> > 
> >     <listitem>
> >     <!--
> >     Author: Peter Eisentraut <peter@eisentraut.org>
> >     2020-06-10 [c7eab0e97] Change default of password_encryption to scram-sha-256
> >     -->
> >     
> >     <para>
> >     Change the default of the password_encryption server parameter
> >     to scram-sha-256 (Peter Eisentraut)
> >     </para>
> >     
> >     <para>
> >     Previously it was md5.    All new passwords will be stored as SHA256
> >     unless this server variable is changed or the password is already
> >     md5-hashed.  Also, the legacy (and undocumented) boolean-like
> >     values which were previously synonyms of <literal>md5</literal>
> >     are no longer accepted.
> >     </para>
> >     </listitem>
> 
> Thanks, looks ok as far as what the original point was about.
> 
> I have to say that this sentence is a bit odd: "All new passwords will
> be stored as sha256 unless ... the password is already md5-hashed".
> Does this mean that if you change a password for a user whose password
> was md5, the new one is stored as md5 too even if the setting is
> scram-sha-256?  Or if "the password" means an old password, then why is
> it a new password?

OK, what I was trying to say was that if you dump/restore, and the old
password was md5, the newly-restored password will be md5, but it was
very unclear.  I changed it to this:

    <listitem>
    <!--
    Author: Peter Eisentraut <peter@eisentraut.org>
    2020-06-10 [c7eab0e97] Change default of password_encryption to scram-sha-256
    Author: Peter Eisentraut <peter@eisentraut.org>
    2020-06-10 [c7eab0e97] Change default of password_encryption to scram-sha-256
    -->
    
    <para>
    Change the default of the password_encryption server parameter to
    scram-sha-256 (Peter Eisentraut)
    </para>
    
    <para>
    Previously it was md5.    All new passwords will be stored as SHA256
    unless this server variable is changed or the password is specified
    in md5 format.    Also, the legacy (and undocumented) boolean-like
    values which were previously synonyms for <literal>md5</literal>
    are no longer accepted.
    </para>
    </listitem>

-- 
  Bruce Momjian  <bruce@momjian.us>        https://momjian.us
  EDB                                      https://enterprisedb.com

  If only the physical world exists, free will is an illusion.

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Michael Paquier
Дата:
Сообщение: Re: Rewriting the test of pg_upgrade as a TAP test - take three - remastered set
Следующее
От: Andy Fan
Дата:
Сообщение: Re: Condition pushdown: why (=) is pushed down into join, but BETWEEN or >= is not?