Look at this from the BSD/OS crypt() manual page:
The crypt function performs password encryption. It is derived from the NBS Data Encryption Standard.
Additionalcode has been added to deter key search attempts. The first argument to crypt is a NUL-terminated
string(normally a password typed by a user). The second is a character array, 9 bytes in length, consisting of an
underscore(``_'') followed by 4 bytes of iteration count and 4 bytes of salt. Both the iteration count and the
saltare encoded with 6 bits per character, least significant bits first. The values 0 to 63 are encoded by the
characters``./0-9A- Za-z'', respectively.
...
For compatibility with historical versions of crypt(3), the setting may consist of 2 bytes of salt, encoded as
above,in which case an iteration count of 25 is used, fewer perturbations of DES are available, at most 8
charactersof key are used, and the returned value is a NUL-terminated string 13 bytes in length.
It seems to say that the salt passed to crypt should be null-terminated, but
we call crypt from libpq as:
crypt_pwd = crypt(password, conn->salt);
and conn.salt is char[2]. Isn't this a problem?
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610)
853-3000+ If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill,
Pennsylvania19026