Postgres 10 highlight - Password file paths as libpq connection parameter
Here is a feature for Postgres 10 that a couple of people will find useful regarding the handling of password files:commit: ba005f193d88a8404e81db3df223cf689d64d75e author: Tom Lane...
View ArticlePostgres 10 highlight - SCRAM authentication
Password are hashed by default in PostgreSQL using MD5, more and more voices show up to mention that this is bad, particularly because it is possible to log into a server by just knowing the contents...
View ArticlePostgres 10 highlight - Tracking of current logfiles
The following feature has landed in Postgres 10 to help system administrators:commit: 19dc233c32f2900e57b8da4f41c0f662ab42e080 author: Robert Haas <rhaas@postgresql.org> date: Fri, 3 Mar 2017...
View ArticlePostgres 10 highlight - SASLprep in SCRAM-SHA-256
An important step in the SCRAM authentication is called SASLprep, a mandatory feature to be sure about the equivalence of two strings encoded with UTF-8. A first commit has added support for...
View ArticlePostgres 10 highlight - Incompatible changes
Postgres 10 will be released in a couple of months, with its beta 1 to be out very soon, and for this release many small, incompatible changes have been introduced during its development to help with...
View ArticleSupport for SCRAM in PostgreSQL drivers
The addition of SCRAM-SHA-256 is proving to have many benefits in PostgreSQL over MD5, but it has required an extension of the authentication protocol so as message exchanges for SASL authentication...
View ArticleChannel binding with OpenSSL and Postgres
With the SCRAM implementation done in Postgres 10, it is time to move on with other things in this area. The next, and perhaps last, area of focus in the implementation of channel binding, on which a...
View Articlepg_rewind and large file handling
The last round of minor releases of PostgreSQL has been released on the 10th of August with a couple of security problem addressed and many more bugs.One item of the release notes refers to pg_rewind...
View ArticlePostgres 11 highlight - pg_receivewal --endpos
A couple of days back a new feature has landed in the PostgreSQL world for the development of version 11, in the shape of the following commit:commit: 6d9fa52645e71711410a66b5349df3be0dd49608 author:...
View ArticlePostgres 11 highlight - Removal of secondary checkpoint
It has been a long time since the last post. Today here is a post about the following feature that will land in Postgres 11:commit: 4b0d28de06b28e57c540fca458e4853854fbeaf8 author: Simon Riggs...
View ArticleGetting more Information about Partitions
A couple of days back a thread has showed up on pgsql-hackers to discuss about the possibility of a function scanning all the partitions of a chain to get its size. The thread is here.Without waiting...
View ArticleEven stronger SCRAM verifiers
As designed by RFC 7677 and RFC 5802, SCRAM verifiers (please take this term as a password if you want, which means a proof of authentication) are defined with default parameters which make the...
View ArticlePostgres 11 highlight - Channel Binding for SCRAM
This post is about a new feature of PostgreSQL 11 I have been working on for the last couple of months, which has finally been merged into the upstream repository. So if nothing goes wrong, we will...
View ArticleAdvanced Password Checks
passwordcheck is a PostgreSQL contrib module able to check if raw password strings are able to respect some policies. For encrypted password, which is what should be used in most cases to avoid passing...
View ArticlePostgres 11 highlight - Indexes and Partitions
Postgres 10 has introduced a lot of basic infrastructure for table partitioning with the presence of mainly a new syntax, and a lot of work happens in this area lately with many new features added in...
View ArticlePostgres 11 highlight - Channel Binding for SCRAM
This post is about a new feature of PostgreSQL 11 I have been working on for the last couple of months, which has finally been merged into the upstream repository. So if nothing goes wrong, we will...
View ArticleAdvanced Password Checks
passwordcheck is a PostgreSQL contrib module able to check if raw password strings are able to respect some policies. For encrypted password, which is what should be used in most cases to avoid passing...
View ArticlePostgres 11 highlight - Indexes and Partitions
Postgres 10 has introduced a lot of basic infrastructure for table partitioning with the presence of mainly a new syntax, and a lot of work happens in this area lately with many new features added in...
View ArticlePostgres 11 highlight - Improvements of PQhost for libpq
As the week ends, here is an explanation behind the following commit which has changed a bit the way the libpq routine called PQhost behaves:commit: 1944cdc98273dbb8439ad9b387ca2858531afcf0 author:...
View ArticlePostgres 11 highlight - Covering Indexes
INCLUDE clause for indexes (as known as covering indexes), is a new feature of PostgreSQL 11 which has been committed recently:commit: 8224de4f42ccf98e08db07b43d52fed72f962ebb author: Teodor Sigaev...
View Article