Re: You're on SecurityFocus.com for the cleartext passwords.

Vince Vielhaber <vev@michvhf.com> writes:
> How about ODBC?  This is from the ODBC driver source connection.c:
>    self->errormsg = "Password crypt authentication not supported";
> Is that because of the platform it's running on or what it's talking
> to?

I think the ODBC authors didn't want to assume that libcrypt() is
available on the client side (which is probably right for Windows and
Mac at least).  Standardizing on our own implementation of MD5 would
sidestep that problem quite neatly.

Depending on libcrypt is pretty painful even in Unix environments;
have you seen what we have to do to get it to work in shared-library
contexts, on machines where libcrypt is a separate shlib and not part of
libc?  Yech.  We could get rid of a bunch of cruft in the makefiles by
abandoning crypt() ...
        regards, tom lane