Bruce Momjian <pgman@candle.pha.pa.us> writes:
>> Bruce Momjian <pgman@candle.pha.pa.us> writes:
> Also, I now need two salts, one base62 for crypt and a new one for MD5.
>>
>> They're carried in two different messages, so I don't see the problem.
> But the salt is configured on startup, before you know your auth method,
> right? Do I need to move that?
Oh, I see what you're looking at: the salt is computed at ConnCreate
time in the postmaster. Hmm. You cannot move the call into the later
auth process, because it needs to happen before the postmaster forks.
(Else, every forked child would start with the same random() state and
compute the same salt ... good security eh?)
Yes, I think initializing two salt fields in ConnCreate is fine. That's
probably actually a little more secure in itself, because it ensures
that would-be sniffers cannot see every random() result in the
postmaster's random() sequence, only some of them. IIRC, that makes it
a lot harder to guess the underlying seed.
regards, tom lane