Home > mailing lists

Re: Re: Proposal for encrypting pg_shadow passwords - Mailing list pgsql-patches

From	Bruce Momjian
Subject	Re: Re: Proposal for encrypting pg_shadow passwords
Date	August 16, 2001 17:08:57
Msg-id	200108161656.f7GGucw04343@candle.pha.pa.us Whole thread Raw
In response to	Re: Re: Proposal for encrypting pg_shadow passwords (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Re: Proposal for encrypting pg_shadow passwords (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-patches

Tree view

> Bruce Momjian <pgman@candle.pha.pa.us> writes:
> > Salt is currently defined as char[2].  Should I encode the rand() as
> > char[4] and send that, or skip null and still encode it as char[4].
>
> There's no need to avoid nulls here, AFAICS.  Making the salt a
> fixed-length binary string seems like the best bet.

We have to avoid NULL because we paste together the password and
username with the salt to MD5 encrypt.

Also, I now need two salts, one base62 for crypt and a new one for MD5.

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026

pgsql-patches by date:

From: Bruce Momjian
Date: 16 August 2001, 17:05:58
Subject: Re: Re: Proposal for encrypting pg_shadow passwords

From: Tom Lane
Date: 16 August 2001, 17:09:09
Subject: Re: Re: Proposal for encrypting pg_shadow passwords

Re: Re: Proposal for encrypting pg_shadow passwords - Mailing list pgsql-patches

Previous

Next