postgres/contrib/chkpass
2007-10-01 19:06:48 +00:00
..
chkpass.c Replace direct assignments to VARATT_SIZEP(x) with SET_VARSIZE(x, len). 2007-02-27 23:48:10 +00:00
chkpass.sql.in Remove bogus commutator marking --- the module doesn't actually supply 2007-09-29 23:32:42 +00:00
Makefile Fix PGXS conventions so that extensions can be built against Postgres 2007-06-26 22:05:04 +00:00
README.chkpass Add some examples. 2007-10-01 19:06:48 +00:00
uninstall_chkpass.sql Remove bogus commutator marking --- the module doesn't actually supply 2007-09-29 23:32:42 +00:00

$PostgreSQL: pgsql/contrib/chkpass/README.chkpass,v 1.5 2007/10/01 19:06:48 darcy Exp $

Chkpass is a password type that is automatically checked and converted upon
entry.  It is stored encrypted.  To compare, simply compare against a clear
text password and the comparison function will encrypt it before comparing.
It also returns an error if the code determines that the password is easily
crackable.  This is currently a stub that does nothing.

I haven't worried about making this type indexable.  I doubt that anyone
would ever need to sort a file in order of encrypted password.

If you precede the string with a colon, the encryption and checking are
skipped so that you can enter existing passwords into the field.

On output, a colon is prepended.  This makes it possible to dump and reload
passwords without re-encrypting them.  If you want the password (encrypted)
without the colon then use the raw() function.  This allows you to use the
type with things like Apache's Auth_PostgreSQL module.

The encryption uses the standard Unix function crypt(), and so it suffers
from all the usual limitations of that function; notably that only the
first eight characters of a password are considered.

Here is some sample usage:

test=# create table test (p chkpass);
CREATE TABLE
test=# insert into test values ('hello');
INSERT 0 1
test=# select * from test;
       p
----------------
 :dVGkpXdOrE3ko
(1 row)

test=# select raw(p) from test;
      raw
---------------
 dVGkpXdOrE3ko
(1 row)

test=# select p = 'hello' from test;
 ?column?
----------
 t
(1 row)

test=# select p = 'goodbye' from test;
 ?column?
----------
 f
(1 row)

D'Arcy J.M. Cain
darcy@druid.net