postgres

History

Tom Lane b09c248bdd Fix PGXS conventions so that extensions can be built against Postgres installations whose pg_config program does not appear first in the PATH. Per gripe from Eddie Stanley and subsequent discussions with Fabien Coelho and others.		18 years ago
..
Makefile	Fix PGXS conventions so that extensions can be built against Postgres	18 years ago
README.chkpass	Document that chkpass ignores password characters after the eighth.	20 years ago
chkpass.c	Replace direct assignments to VARATT_SIZEP(x) with SET_VARSIZE(x, len).	19 years ago
chkpass.sql.in	Make sure contrib C functions are marked strict where needed.	21 years ago
uninstall_chkpass.sql	Fix a number of syntax errors in contrib modules' uninstall scripts.	20 years ago

README.chkpass

$PostgreSQL: pgsql/contrib/chkpass/README.chkpass,v 1.3 2005/09/23 15:05:04 tgl Exp $

Chkpass is a password type that is automatically checked and converted upon
entry.  It is stored encrypted.  To compare, simply compare agains a clear
text password and the comparison function will encrypt it before comparing.
It also returns an error if the code determines that the password is easily
crackable.  This is currently a stub that does nothing.

I haven't worried about making this type indexable.  I doubt that anyone
would ever need to sort a file in order of encrypted password.

If you precede the string with a colon, the encryption and checking are
skipped so that you can enter existing passwords into the field.

On output, a colon is prepended.  This makes it possible to dump and reload
passwords without re-encrypting them.  If you want the password (encrypted)
without the colon then use the raw() function.  This allows you to use the
type with things like Apache's Auth_PostgreSQL module.

The encryption uses the standard Unix function crypt(), and so it suffers
from all the usual limitations of that function; notably that only the
first eight characters of a password are considered.

D'Arcy J.M. Cain
darcy@druid.net