Re: Client-side password encryption

Andreas Pflug <pgadmin@pse-consulting.de>

From: Andreas Pflug <pgadmin@pse-consulting.de>
To: Dave Page <dpage@vale-housing.co.uk>
Cc: Peter Eisentraut <peter_e@gmx.net>, pgadmin-hackers@postgresql.org
Date: 2005-12-18T16:07:04Z
Lists: pgsql-hackers
Dave Page wrote:
> 
> 
> -----Original Message----- From: pgadmin-hackers-owner@postgresql.org
> on behalf of Peter Eisentraut Sent: Sun 12/18/2005 2:25 AM To:
> pgadmin-hackers@postgresql.org Subject: [pgadmin-hackers] Client-side
> password encryption
> 
> 
>> Commands like CREATE USER foo PASSWORD 'bar' transmit the password
>> in cleartext and possibly save the password in various client or
>> server log files.  I have just fixed this for psql and createuser
>> to encrypt the password on the client side.  A quick check of the
>> pgadmin3 source code shows that you are also affected by this
>> issue.  I ask you to check where you paste cleartext passwords into
>> SQL commands and change those to encrypt the password before
>> sending or storing it anywhere. The required function
>> pg_md5_encrypt() is contained in libpq.
> 
> 
> So did you just rip it from there into psql? I don't see it in the
> list of libpq exports so if thats not the case, on Windows at least
> we'll need to change the api, and possibly the dll name as well to
> avoid any compatibility issues.

And a prototype in libpq-fe.h wouldn't hurt either... And a macro, to 
enable distinguishing md5-enabled libpq versions from older versions.


Regards,
Andreas