Skip site navigation (1) Skip section navigation (2)

Re: Rejecting weak passwords

From: Itagaki Takahiro <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp>
To: "Albe Laurenz" <laurenz(dot)albe(at)wien(dot)gv(dot)at>
Cc: "pgsql-hackers" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Rejecting weak passwords
Date: 2009-11-16 04:24:14
Message-ID: 20091116132413.7D62.52131E4D@oss.ntt.co.jp (view raw or flat)
Thread:
Lists: pgsql-hackers
"Albe Laurenz" <laurenz(dot)albe(at)wien(dot)gv(dot)at> wrote:

> I wrote:
> > Following the discussions in
> > http://archives.postgresql.org/pgsql-hackers/2009-09/msg01766.php
> > and
> > http://archives.postgresql.org/pgsql-hackers/2009-10/msg00025.php ,
> > here are patches for
> > 
> > a) a hook in backend/commands/user.c that allows one to add
> >    password checking functions
> > b) a contrib module that makes use of the hook and
> > c) documentation for the contrib module.
> 
> I found a small but embarrassing bug - here is another version.

I've reviewed your patch. The rough approach looks fine,
but I have some comments about function declarations and coding style.

The hook in core is declared as:
  typedef int(*check_password_hook_type)(char * const username, char * const password);

but result type is actually  treated as a boolean. So, it also should
declared as bool. Also, the type of arguments should be "const char *".


There several comments in contrib/passwordcheck.

 - We don't need #ifdef PG_MODULE_MAGIC because the module works
   only on 8.5 or later; PG_MODULE_MAGIC is always defined there.

 - _PG_fini() is never called in HEAD anymore. Please remove it.

 - The function declaration of _PG_init() should be _PG_init(void).

 - isalpha() should be called as isalpha((unsigned char) c)
   because it could be crashed by multi-byte characters.

 - "8 characters long" would be better if it is configurable easily.
   I don't think it is to be a GUC varable, but #define should be used.

 - The logic in "check if the password contains only letters" should be
   "check if the password contains both upper-case, lower-case and
   non-alphabet letters". Passwords like "12345678' are not enough.

 - Coding style should more follow postgres. For example, posisions
   of '{', usage of spaces and linebreaks.


Regards,
---
ITAGAKI Takahiro
NTT Open Source Software Center



In response to

Responses

pgsql-hackers by date

Next:From: Itagaki TakahiroDate: 2009-11-16 04:37:33
Subject: Re: New VACUUM FULL
Previous:From: Tatsuo IshiiDate: 2009-11-16 04:23:21
Subject: Re: Summary and Plan for Hot Standby

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group