Tom Lane wrote:
> Applied with some minor modifications. Aside from the added valuntil
> parameter, I changed the "isencrypted" parameter to an int with some
> #define'd values. It seems easily foreseeable that we'll replace the
> MD5 encryption scheme someday, and it'd be good to ensure that this
> API is extendable when that happens. Also, I got rid of the bool
> return value and made the hook responsible for throwing its
> own errors.
> I don't know about you guys, but I would cheerfully kill anybody who
> tried to make me use a password checker that didn't tell me anything
> about why it thinks my password is too weak. (The CrackLib API we
> are using is lamentably badly designed on this score --- does it have
> another call that provides a more useful error report?) Even if you
> think "weak password" is adequate for that class of complaints, the
> single error message would certainly not do for complaints about the
> valuntil date being too far away.
Thank you.
I agree on all points.
I did not know that contrib modules get translated too, else I would
have thrown the error messages there.
Yours,
Laurenz Albe
