Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Header And Logo
|
Site Navigation
Re: [pgadmin-hackers] Client-side password encryption
- From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
- To: Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>
- Cc: Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org, Andreas Pflug <pgadmin(at)pse-consulting(dot)de>, Dave Page <dpage(at)vale-housing(dot)co(dot)uk>
- Subject: Re: [pgadmin-hackers] Client-side password encryption
- Date: Mon, 19 Dec 2005 00:37:22 -0500
- Message-id: <20023(dot)1134970642(at)sss(dot)pgh(dot)pa(dot)us>
Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au> writes: >> So it appears that pg_md5_encrypt is not officially exported from libpq. >> Does anyone see a problem with adding it to the export list and the >> header file? > Is it different to normal md5? How is this helpful to the phpPgAdmin > project? It would be better to export an API that is (a) less random (why one input null-terminated and the other not?) and (b) less tightly tied to MD5 --- the fact that the caller knows how long the result must be is the main problem here. Something like char *pg_gen_encrypted_passwd(const char *passwd, const char *user) with malloc'd result (or NULL on failure) seems more future-proof. regards, tom lane
- Follow-Ups:
- Re: [pgadmin-hackers] Client-side password encryption
- From: Andrew Dunstan
- Re: [pgadmin-hackers] Client-side password encryption
- References:
- Re: [pgadmin-hackers] Client-side password encryption
- From: Peter Eisentraut
- Re: [pgadmin-hackers] Client-side password encryption
- From: Christopher Kings-Lynne
- Re: [pgadmin-hackers] Client-side password encryption
- Prev by Date: Re: Recovery from multi trouble
- Next by Date: Re: Recovery from multi trouble
- Previous by thread: Re: [pgadmin-hackers] Client-side password encryption
- Next by thread: Re: [pgadmin-hackers] Client-side password encryption
- Indexes: