By the way,
I've already implemented this in phpPgAdmin trivially using the md5()
function. I can't be bothered using a C library function :D
Chris
Dave Page wrote:
>
>
>
>>-----Original Message-----
>>From: Tom Lane [mailto:tgl@sss.pgh.pa.us]
>>Sent: 19 December 2005 05:37
>>To: Christopher Kings-Lynne
>>Cc: Peter Eisentraut; pgsql-hackers@postgresql.org; Andreas
>>Pflug; Dave Page
>>Subject: Re: [HACKERS] [pgadmin-hackers] Client-side password
>>encryption
>>
>>Christopher Kings-Lynne <chriskl@familyhealth.com.au> writes:
>>
>>>>So it appears that pg_md5_encrypt is not officially
>>
>>exported from libpq.
>>
>>>>Does anyone see a problem with adding it to the export
>>
>>list and the
>>
>>>>header file?
>>
>>>Is it different to normal md5? How is this helpful to the
>>
>>phpPgAdmin
>>
>>>project?
>>
>>It would be better to export an API that is (a) less random (why one
>>input null-terminated and the other not?) and (b) less tightly tied
>>to MD5 --- the fact that the caller knows how long the result must be
>>is the main problem here.
>>
>>Something like
>> char *pg_gen_encrypted_passwd(const char *passwd, const
>>char *user)
>>with malloc'd result (or NULL on failure) seems more future-proof.
>
>
> Changing the API is likely to cause fun on Windows for new apps that
> find an old libpq.dll. Perhaps at this point it should become
> libpq82.dll?
>
> Regards, Dave.
>
> ---------------------------(end of broadcast)---------------------------
> TIP 3: Have you checked our extensive FAQ?
>
> http://www.postgresql.org/docs/faq
