Re: [pgadmin-hackers] Client-side password encryption
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Christopher Kings-Lynne <chriskl@familyhealth.com.au>
Cc: Peter Eisentraut <peter_e@gmx.net>, pgsql-hackers@postgresql.org, Andreas Pflug <pgadmin@pse-consulting.de>, Dave Page <dpage@vale-housing.co.uk>
Date: 2005-12-19T05:37:22Z
Lists: pgsql-hackers
Christopher Kings-Lynne <chriskl@familyhealth.com.au> writes: >> So it appears that pg_md5_encrypt is not officially exported from libpq. >> Does anyone see a problem with adding it to the export list and the >> header file? > Is it different to normal md5? How is this helpful to the phpPgAdmin > project? It would be better to export an API that is (a) less random (why one input null-terminated and the other not?) and (b) less tightly tied to MD5 --- the fact that the caller knows how long the result must be is the main problem here. Something like char *pg_gen_encrypted_passwd(const char *passwd, const char *user) with malloc'd result (or NULL on failure) seems more future-proof. regards, tom lane