Re: [pgadmin-hackers] Client-side password encryption

Christopher Kings-Lynne <chriskl@familyhealth.com.au>

From: Christopher Kings-Lynne <chriskl@familyhealth.com.au>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Andrew Dunstan <andrew@dunslane.net>, Peter Eisentraut <peter_e@gmx.net>, pgsql-hackers@postgresql.org, Andreas Pflug <pgadmin@pse-consulting.de>, Dave Page <dpage@vale-housing.co.uk>
Date: 2005-12-23T02:06:24Z
Lists: pgsql-hackers
>>Where are we on this? In general I agree with Tom, but I have no time to 
>>do the work. Unless someone has an immediate implementation, I suggest 
>>that pro tem we add pg_md5_encrypt to src/interfaces/libpq/exports.txt, 
>>which is the minimum needed to unbreak Windows builds, while this gets 
>>sorted out properly.
> 
> 
> I had forgotten that the Windows build is broken.  I'll see what I can
> do with throwing together the cleaner-API function.

Another question about these encrypted passwords.  phpPgAdmin needs to 
connect to databases that are sometimes on other servers.

I use the pg_connect() function to do this.  This is passed down to 
PQconenct() I presume.

So, can I specify the password to pg_connect() as 
'md5127349123742342344234'?

ie. Can I CONNECT using an md5'd password?

Also, does this work for non-md5 host lines on the server, and how can I 
avoid doing it on older (pre-7.2) PostgreSQL??

Chris