Re: [pgadmin-hackers] Client-side password encryption
Christopher Kings-Lynne <chriskl@familyhealth.com.au>
From: Christopher Kings-Lynne <chriskl@familyhealth.com.au>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Andrew Dunstan <andrew@dunslane.net>, Peter Eisentraut <peter_e@gmx.net>, pgsql-hackers@postgresql.org, Andreas Pflug <pgadmin@pse-consulting.de>, Dave Page <dpage@vale-housing.co.uk>
Date: 2005-12-23T02:06:24Z
Lists: pgsql-hackers
>>Where are we on this? In general I agree with Tom, but I have no time to >>do the work. Unless someone has an immediate implementation, I suggest >>that pro tem we add pg_md5_encrypt to src/interfaces/libpq/exports.txt, >>which is the minimum needed to unbreak Windows builds, while this gets >>sorted out properly. > > > I had forgotten that the Windows build is broken. I'll see what I can > do with throwing together the cleaner-API function. Another question about these encrypted passwords. phpPgAdmin needs to connect to databases that are sometimes on other servers. I use the pg_connect() function to do this. This is passed down to PQconenct() I presume. So, can I specify the password to pg_connect() as 'md5127349123742342344234'? ie. Can I CONNECT using an md5'd password? Also, does this work for non-md5 host lines on the server, and how can I avoid doing it on older (pre-7.2) PostgreSQL?? Chris