Re: migrate hashname function from 8.1.x to 8.4

From: Nicolás Garfinkiel
Subject: Re: migrate hashname function from 8.1.x to 8.4
Msg-id: E694C395-71CC-4901-9E9C-32859C15C4A9@genesis-manlab.com.ar
In reply to: Re: migrate hashname function from 8.1.x to 8.4 (Craig Ringer <craig@postnewspapers.com.au>)
List: pgsql-general
Indeed Craig, I would like to smack the guy as well, for this and many many other creepy crawlers in my everyday job!

Violence aside, thanks for your answer. The C module is what I was planning to do, but was not sure if there is another way. Of course using crypt would be the right thing to do, but I cannot afford it, as users from our system can barely remember their password, let alone collect them and recreate them! Of course I could reset their pwds, but that's gonna be a hard sell to my boss.

Cheers and thanks again!



On 11/01/2011, at 07:29, Craig Ringer <craig@postnewspapers.com.au> wrote:

> On 01/11/2011 03:02 PM, nicolas.garfinkiel@genesis-manlab.com.ar wrote:
>
>> well, what i mean is that hashname() function would return a different value
>> depending the pgsql version.
>
> Yep. It seems to be an undocumented function with no particular defined behaviour. This isn't especially surprising. I personally wish such functions were in a different schema or were prefixed with something like "pg_int_" ... but they're not.
>
>> SELECT password FROM user WHERE password = hashname('AZALEA')
>
> !!WTF!!
>
> I hope you're not trying to use this as a secure one-way hash function. If so, find whoever decided to do so, and smack them. This function is intended for fast hashing for clustering things into random buckets, and isn't in any way intended to be even vaguely suitable for security use.
>
> See:
>
>  http://www.postgresql.org/docs/current/static/pgcrypto.html
>
> Unlike the hashname() function, crypt() etc are well-defined functions with well-understood, stable results compatible not only between Pg versions but also between Pg and other software.
>
>> Just a side note: our goal with this upgrade is to improve our system's performance
>> and stability (which 8.1 is not) while not embarking in any kind of refactoring,
>> as plans are underway to develop a new system. what we are looking for is
>> just a quick fix, if there's such thing out there!
>
> Fix your app to use pgcrypto. Use a digest function from pgcrypto, storing both password digest and password salt. For that matter even unsalted use of md5() would be better, or crypt() with hardcoded salt, though both are pretty shocking.
>
>
> Failing that, extract hashname() from 8.1 and bundle it into a loadable C function module compatible with 8.1 and 8.4. Call your function "myhash()" or something, and use it instead of hashname() in both versions.
>
> A look at hashname() in 9.0 shows it living in src/backend/access/hash/hashfunc.c . It calls hash_any(...) in the same file to do the real work. As it seems pretty well contained, assuming the 8.1 implementation is similar it should be easy to adapt to use as a loadable module. I haven't checked 8.1's code to check.
>
> See the tutorial for help on how to implement C extension modules.
>
> Personally I think you're way better off fixing your app to use pgcrypto and a decent hash function.
>
> --
> Craig Ringer
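The pgcrypto approach Craig recommends, as an added example that is not part of the thread: passwords are stored as crypt() output with a per-user random salt, and a login is checked by re-running crypt() with the stored value as the salt. It assumes pgcrypto is installed and a hypothetical app_user table.

```sql
-- Added example (not from the thread): replacing a hashname()-based password
-- check with pgcrypto's crypt(), whose output is stable across Pg versions.
-- Assumes pgcrypto is installed: on 8.4 by running the contrib pgcrypto.sql
-- script, on 9.1+ via CREATE EXTENSION pgcrypto. app_user is a hypothetical table.

CREATE TABLE app_user (
    username text PRIMARY KEY,
    -- crypt() output carries algorithm id, cost, salt and digest in one string,
    -- so no separate salt column is needed.
    pw_hash  text NOT NULL
);

-- Storing a password: gen_salt('bf', 10) makes a fresh random bcrypt salt
-- (cost 10) on every call, so two users with the same password get different
-- stored values and the hash cannot be precomputed in bulk.
INSERT INTO app_user (username, pw_hash)
VALUES ('alice', crypt('AZALEA', gen_salt('bf', 10)));

-- Verifying a login: passing the stored hash as the "salt" makes crypt()
-- reuse the embedded salt and cost, so equality means the password matched.
-- Returns one row for the correct password.
SELECT username
FROM app_user
WHERE username = 'alice'
  AND pw_hash = crypt('AZALEA', pw_hash);

-- Same query with a wrong password returns no rows.
SELECT username
FROM app_user
WHERE username = 'alice'
  AND pw_hash = crypt('not-the-password', pw_hash);
```

Because the stored value is never compared against a freshly salted hash, the check is the same on 8.1, 8.4 and later releases, which is exactly what the hashname() approach cannot guarantee.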
