mirror of
https://git.postgresql.org/git/postgresql.git
synced 2024-12-03 08:00:21 +08:00
.. | ||
chkpass.c | ||
chkpass.sql.in | ||
Makefile | ||
README.chkpass | ||
uninstall_chkpass.sql |
$PostgreSQL: pgsql/contrib/chkpass/README.chkpass,v 1.5 2007/10/01 19:06:48 darcy Exp $ Chkpass is a password type that is automatically checked and converted upon entry. It is stored encrypted. To compare, simply compare against a clear text password and the comparison function will encrypt it before comparing. It also returns an error if the code determines that the password is easily crackable. This is currently a stub that does nothing. I haven't worried about making this type indexable. I doubt that anyone would ever need to sort a file in order of encrypted password. If you precede the string with a colon, the encryption and checking are skipped so that you can enter existing passwords into the field. On output, a colon is prepended. This makes it possible to dump and reload passwords without re-encrypting them. If you want the password (encrypted) without the colon then use the raw() function. This allows you to use the type with things like Apache's Auth_PostgreSQL module. The encryption uses the standard Unix function crypt(), and so it suffers from all the usual limitations of that function; notably that only the first eight characters of a password are considered. Here is some sample usage: test=# create table test (p chkpass); CREATE TABLE test=# insert into test values ('hello'); INSERT 0 1 test=# select * from test; p ---------------- :dVGkpXdOrE3ko (1 row) test=# select raw(p) from test; raw --------------- dVGkpXdOrE3ko (1 row) test=# select p = 'hello' from test; ?column? ---------- t (1 row) test=# select p = 'goodbye' from test; ?column? ---------- f (1 row) D'Arcy J.M. Cain darcy@druid.net