| From: | Patrick McPhee <pmcphee(at)givex(dot)com> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Cc: | Andrew Dunstan <andrew(at)dunslane(dot)net>, "D'Arcy J(dot)M(dot) Cain" <darcy(at)druid(dot)net>, "Roberts, Jon" <Jon(dot)Roberts(at)asurion(dot)com> |
| Subject: | Re: Password policy |
| Date: | 2008-01-22 17:00:42 |
| Message-ID: | 200801221200.42748.pmcphee@givex.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wednesday 16 January 2008 08:32, Andrew Dunstan wrote:
> ( Slightly OT - chkpass uses crypt(). Maybe that should be upgraded to
> use md5 or some more modern hashing function. )
Some versions of crypt() will generate md5 hashes if you start the salt with
$1$<salt>$. I know this to work on FreeBSD, NetBSD, and Fedora core, and I
believe it also works on other Linux distributions and Solaris. I have a
patch to chkpass.c which will do this based on a custom GUC. The nice thing
about this is that it continues to work with mod_auth_pgsql. I did have to
change the on-disk representation to fit in the extra data.
D'Arcy, if you're interested I'll send you a patch.
--
Patrick TJ McPhee <pmcphee(at)givex(dot)com>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | mac_man2005 | 2008-01-22 17:44:57 | Re: Polyphase Merge |
| Previous Message | Roberts, Jon | 2008-01-22 16:02:44 | autonomous transactions |