Re: pgcrypto support for bcrypt $2b$ hashes

From: Daniel Fone <daniel(at)fone(dot)net(dot)nz>
To: Daniel Gustafsson <daniel(at)yesql(dot)se>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: pgcrypto support for bcrypt $2b$ hashes
Date: 2021-09-28 21:58:49
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

> On 29/09/2021, at 2:33 AM, Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
>> On 28 Sep 2021, at 05:15, Daniel Fone <daniel(at)fone(dot)net(dot)nz> wrote:
>>> On 26/09/2021, at 12:09 AM, Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
>>> Upgrading our crypt_blowfish.c to the upstream 1.3 version would be the correct
>>> fix IMO, but since we have a few local modifications it's not a drop-in. I
>>> don't think it would be too hairy, but one needs to be very careful when
>>> dealing with crypto.
>> My C experience is limited, but I can make an initial attempt if the effort would be worthwhile. Is this realistically a patch that a newcomer to the codebase should attempt?
> I don't see why not, the best first patches are those scratching an itch. If
> you feel up for it then give it a go, I - and the rest of pgsql-hackers - can
> help if you need to bounce ideas.

I’m glad you said that. I couldn’t resist trying and have attached a patch. By referencing the respective git logs, I didn’t have too much difficulty identifying the material changes in each codebase. I’ve documented all the postgres-specific changes to upstream in the header comment for each file.


Attachment Content-Type Size
0001-Merge-upstream-crypt_blowfish-1.3.patch application/octet-stream 25.3 KB

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2021-09-28 22:17:08 Some thoughts about the TAP tests' wait_for_catchup()
Previous Message Tom Lane 2021-09-28 20:15:14 Re: statement_timeout vs DECLARE CURSOR