Skip site navigation (1) Skip section navigation (2)

Re: ODBC and crypted passwords

From: Patrick Welche <prlw1(at)newn(dot)cam(dot)ac(dot)uk>
To: pgsql-interfaces(at)postgresql(dot)org
Subject: Re: ODBC and crypted passwords
Date: 2000-04-10 09:36:13
Message-ID: 20000410103613.D1005@quartz.newn.cam.ac.uk (view raw or flat)
Thread:
Lists: pgsql-interfaces
On Sun, Apr 09, 2000 at 04:22:58PM -0400, Alex Verstak wrote:
> 
> Tom Lane wrote:
> > Hmm.  Can we find a freely-distributable version of libcrypt anywhere?
> > 
> > (Actually, now that I think about it, I'm not entirely sure that crypt()
> > implements exactly the same transformation on every Unix platform.
> > It may be that you have to have a version of crypt() that matches the
> > one on your server's platform.  That would be a pain in the neck ...
> > but if we did find an open-source libcrypt, maybe we could standardize
> > on using it in preference to vendor crypts...)
> 
>   I have no problem running the PostgreSQL server on Solaris and
>   using a FreeBSD client with crypt authentication.  Both systems
>   use DES.  Problems arise when systems try to work around the US
>   export restrictions and supply MD5 or other weak encryption.
>   
>   For the same reason, you cannot make strong authentication code
>   available on your website.  The best you can do is provide
>   a pointer to some DES implementation outside the US and instruct
>   users to download and use this one if their systems do not work
>   together.  Another alternative is to include MD5 in the distribution,
>   but use the system crypt by default, with a configuration option
>   to switch to MD5.

I wonder whether SASL http://asg.web.cmu.edu/sasl/ is worth considering.
AFAICT postgresql would say authenticate userid,password,mechanism, and
sasl replies yes or no, and different mechanisms seem to plug in reasonably
cleanly.

Cheers,

Patrick

In response to

pgsql-interfaces by date

Next:From: Magnus HaganderDate: 2000-04-10 18:19:59
Subject: RE: ODBC and crypted passwords
Previous:From: Stephen DaviesDate: 2000-04-09 22:57:47
Subject: Re: ODBC and crypted passwords

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group