From b4675a8ae2d0aaafeb136c46c92bb56eaf018d32 Mon Sep 17 00:00:00 2001 From: Peter Eisentraut Date: Sat, 12 Oct 2019 21:17:34 +0200 Subject: Fix use of term "verifier" Within the context of SCRAM, "verifier" has a specific meaning in the protocol, per RFCs. The existing code used "verifier" differently, to mean whatever is or would be stored in pg_auth.rolpassword. Fix this by using the term "secret" for this, following RFC 5803. Reviewed-by: Michael Paquier Discussion: https://www.postgresql.org/message-id/flat/be397b06-6e4b-ba71-c7fb-54cae84a7e18%402ndquadrant.com --- src/backend/libpq/auth.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/backend/libpq/auth.c') diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c index 3ef0171192f..0cf65ba5de7 100644 --- a/src/backend/libpq/auth.c +++ b/src/backend/libpq/auth.c @@ -818,7 +818,7 @@ CheckPWChallengeAuth(Port *port, char **logdetail) * If 'md5' authentication is allowed, decide whether to perform 'md5' or * 'scram-sha-256' authentication based on the type of password the user * has. If it's an MD5 hash, we must do MD5 authentication, and if it's a - * SCRAM verifier, we must do SCRAM authentication. + * SCRAM secret, we must do SCRAM authentication. * * If MD5 authentication is not allowed, always use SCRAM. If the user * had an MD5 password, CheckSCRAMAuth() will fail. -- cgit v1.2.3