Fix use of term "verifier"

Within the context of SCRAM, "verifier" has a specific meaning in the
protocol, per RFCs.  The existing code used "verifier" differently, to
mean whatever is or would be stored in pg_auth.rolpassword.

Fix this by using the term "secret" for this, following RFC 5803.

Reviewed-by: Michael Paquier <michael@paquier.xyz>
Discussion: https://www.postgresql.org/message-id/flat/be397b06-6e4b-ba71-c7fb-54cae84a7e18%402ndquadrant.com

1 files changed, 3 insertions, 3 deletions

diff --git a/src/include/common/scram-common.h b/src/include/common/scram-common.h
index d52df67ec8b..1c46dee58cd 100644
--- a/src/include/common/scram-common.h
+++ b/src/include/common/scram-common.h
@@ -33,14 +33,14 @@
 #define SCRAM_RAW_NONCE_LEN			18
 
 /*
- * Length of salt when generating new verifiers, in bytes.  (It will be stored
+ * Length of salt when generating new secrets, in bytes.  (It will be stored
  * and sent over the wire encoded in Base64.)  16 bytes is what the example in
  * RFC 7677 uses.
  */
 #define SCRAM_DEFAULT_SALT_LEN		16
 
 /*
- * Default number of iterations when generating verifier.  Should be at least
+ * Default number of iterations when generating secret.  Should be at least
  * 4096 per RFC 7677.
  */
 #define SCRAM_DEFAULT_ITERATIONS	4096
@@ -64,7 +64,7 @@ extern void scram_H(const uint8 *str, int len, uint8 *result);
 extern void scram_ClientKey(const uint8 *salted_password, uint8 *result);
 extern void scram_ServerKey(const uint8 *salted_password, uint8 *result);
 
-extern char *scram_build_verifier(const char *salt, int saltlen, int iterations,
+extern char *scram_build_secret(const char *salt, int saltlen, int iterations,
 								  const char *password);
 
 #endif							/* SCRAM_COMMON_H */