| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
| Cc: | Peter Eisentraut <peter_e(at)gmx(dot)net>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org> |
| Subject: | Re: Re: Proposal for encrypting pg_shadow passwords |
| Date: | 2001-08-16 17:01:27 |
| Message-ID: | 10264.997981287@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> Can someone look at our use of port->salt in the code. The call to
> crypt() assumes port->salt is null-terminated, doesn't it.
I have not looked at the new patch, but the EncryptMD5 routine at the
bottom of the original patch's md5.c definitely does think that the
salt is null-terminated. It'd be a trivial change to pass the salt
as buffer pointer and length, however, avoiding any assumptions about
nullness.
BTW, it occurs to me that the day may come when a 4-byte salt space
looks too small too. Perhaps we should define the MD5 protocol as using
an 8-binary-byte salt. For the moment, you'd fill it with two calls to
random(), which'd not add any more security than using only one call;
but if we ever need a bigger salt space, we don't have to change the
protocol and clients to do it.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2001-08-16 17:04:46 | Re: Re: Proposal for encrypting pg_shadow passwords |
| Previous Message | Bruce Momjian | 2001-08-16 16:56:37 | Re: Re: Proposal for encrypting pg_shadow passwords |