RE: ODBC and crypted passwords

> Magnus Hagander <mha(at)sollentuna(dot)net> writes:
> >>>> Is there something which makes a 'crypt' implementation hard?
> >>
> >> I imagine the problem is that he doesn't want to depend on
> the 'crypt'
> >> library, which is standard on Unixen but not (AFAIK) on Windows.
> >> Otherwise it'd be easy to transpose libpq's code into the
> odbc driver.
> >> (OTOH, I believe there are ports of libpq for Windows, so
> >> maybe crypt() is available there? Anyone know?)
>
> > Actually, the crypt()ed authentication is not supported on
> libpq for Win32.
> > I meant to do this, but I had completely forgotten...
>
> Hmm. Can we find a freely-distributable version of libcrypt anywhere?
>
> (Actually, now that I think about it, I'm not entirely sure
> that crypt()
> implements exactly the same transformation on every Unix platform.
> It may be that you have to have a version of crypt() that matches the
> one on your server's platform. That would be a pain in the neck ...
> but if we did find an open-source libcrypt, maybe we could standardize
> on using it in preference to vendor crypts...)

There is one in FreeBSD at least (since we want BSD license, right?) I don't
know how portable it is - but it shuold be Ok if it's in FreeBSD.
And I beleive it's not the same on different platforms, so we'd probably
want to include it (at least optionally) in the server.

It's in the FreeBSD CVS (I found it through the cvsweb interface) in
/src/secure/lib/libcrypt/crypt-des.c, I think.

//Magnus