> But what I'm proposing will let ALL clients send an encrypted password
> over the wire and we can also store them encrypted. By comparing twice
> we can maintain backward compatibility. The backend would compare the
> password received with the stored md5 password and compare the received
> password after md5ing it in case it was sent clear-text.
But you can do that with our current system. Store them in pg_shadow
using unix password format. If a cleartext password comes in, crypt it
using the pg_shadow salt and compare them.
-- Bruce Momjian | http://www.op.net/~candle pgman@candle.pha.pa.us | (610)
853-3000+ If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill,
Pennsylvania19026