Re: Re: Proposal for encrypting pg_shadow passwords

> Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> > Also, I didn't use palloc because the same C code is used in the backend
> > and libpq.
>
> "#define palloc(x) malloc(x)" has been our traditional solution to that.

OK, I copied ifdef's from pg_wchar.h. That should fix it. However,
Peter wants the pgcrypto md5 version, so that file is going away as soon
as I figure out how to use pgcrypto's md5 in its place.

> What I'm more concerned about here is the blithe assumption that a
> 64-bit-int datatype is available. I'm going through major pushups right
> now to ensure that int8 sequences don't break machines without 64-bit
> ints, and I'd like to see at least some minimal attention paid to the
> issue in this code.

Again, going to be removed.

> BTW, a protocol version bump for this is a horrid idea. That will
> create lots of compatibility problems for people, whether they use
> the new auth mode or not.

I thought protocol bumps were the way to handle such things. The SCM
patch does it as well. How should I tell if I am talking to a >=7.2
client?

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026