On 9/15/17 6:52 PM, Michael Paquier wrote:
> On Sat, Sep 16, 2017 at 5:15 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>>
>> Noting that mandrill is showing yet a different failure, one that I think
>> is inherent to chkpass:
>>
>> CREATE TABLE test (i int, p chkpass);
>> INSERT INTO test VALUES (1, 'hello'), (2, 'goodbye');
>> + WARNING: type chkpass has unstable input conversion for "hello"
>> + LINE 1: INSERT INTO test VALUES (1, 'hello'), (2, 'goodbye');
>> + ^
>> + WARNING: type chkpass has unstable input conversion for "goodbye"
>> + LINE 1: INSERT INTO test VALUES (1, 'hello'), (2, 'goodbye');
>> + ^
>>
>> I'm starting to think that (4) might be the best avenue. Or we could
>> consider
>>
>> (5) drop contrib/chkpass altogether, on the grounds that it's too badly
>> designed, and too obsolete crypto-wise, to be useful or supportable.
>
> crypt() uses the 7 lowest characters, which makes for 7.2e16 values,
> so I would be fine with (5), then (4) as the test suite is not
> portable.
I'd prefer 5, but can go with 4.
I get that users need to store their own passwords, but we have support
for SHA1 via the crypto module which seems by far the better choice.
--
-David
david@pgmasters.net
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers