Home > mailing lists

Re: Rejecting weak passwords - Mailing list pgsql-hackers

From	Heikki Linnakangas
Subject	Re: Rejecting weak passwords
Date	November 17, 2009 10:41:01
Msg-id	4B028BDA.9080005@enterprisedb.com Whole thread Raw
In response to	Re: Rejecting weak passwords ("Albe Laurenz" <laurenz.albe@wien.gv.at>)
Responses	Re: Rejecting weak passwords
List	pgsql-hackers

Tree view

I think it would better to add an explicit "isencrypted" parameter to
the check_password_hook function, rather than require the module to do
isMD5 on the password. Any imaginable check hook will need to know if
the password is in MD5 format, and the backend already knows it (because
it already did that check), it seems good to let the hook function know.
Besides, if we introduce explicit syntax for saying that the supplied
password is plaintext or md5 one day, calling isMD5 in the module will
no longer be appropriate.

--  Heikki Linnakangas EnterpriseDB   http://www.enterprisedb.com

pgsql-hackers by date:

From: Dimitri Fontaine
Date: 17 November 2009, 10:01:33
Subject: Re: actualised funcs typmod patch

From: "Albe Laurenz"
Date: 17 November 2009, 11:28:16
Subject: Re: Rejecting weak passwords

Re: Rejecting weak passwords - Mailing list pgsql-hackers

Previous

Next