Quick Links

Re: Re: Proposal for encrypting pg_shadow passwords

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc:	Peter Eisentraut <peter_e(at)gmx(dot)net>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>
Subject:	Re: Re: Proposal for encrypting pg_shadow passwords
Date:	2001-08-16 16:49:30
Message-ID:	10221.997980570@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-patches

Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> Salt is currently defined as char[2]. Should I encode the rand() as
> char[4] and send that, or skip null and still encode it as char[4].

There's no need to avoid nulls here, AFAICS. Making the salt a
fixed-length binary string seems like the best bet.

regards, tom lane

In response to

Re: Re: Proposal for encrypting pg_shadow passwords at 2001-08-16 15:45:45 from Bruce Momjian

Responses

Re: Re: Proposal for encrypting pg_shadow passwords at 2001-08-16 16:56:37 from Bruce Momjian
Re: Re: Proposal for encrypting pg_shadow passwords at 2001-08-16 17:39:22 from Bruce Momjian

Browse pgsql-patches by date

	From	Date	Subject
Next Message	Bruce Momjian	2001-08-16 16:56:37	Re: Re: Proposal for encrypting pg_shadow passwords
Previous Message	Bruce Momjian	2001-08-16 16:37:32	Re: Re: Proposal for encrypting pg_shadow passwords