The following bug has been logged on the website: Bug reference: 6434 Logged by: Christian Hammers Email address: c...@lathspell.de PostgreSQL version: 9.1.2 Operating system: Debian GNU/Linux Description:
The crypt() function from the pgcrypto extension is great to store and check passwords in a format that can also be used by Linux PAM and all programming languages that support the libc crypt() function. Recent Linux versions started to use a crypt algorithm that is based on SHA-512 and stores hashes in the form "$6$xxsaltxx$....." but Postgres can only hash/verify password hashes in the old DES or the "$1$xxsaltxx$..." MD5 based format. It would be nice if the pgcrypt extension would be extendet to support the new SHA-256 and SHA-512 algorithms. Further documentation on the libc implementation can be found on http://www.akkadia.org/drepper/SHA-crypt.txt but you can probably copy it from the OpenBSD source like you did with crypt-md5.c. Testcase in SQL: SELECT crypt('geheim', '$6$xxxxxxxx$'); Does give "$6C0C9PsKORBQ" but should lead to "$6$xxxxxxxx$wuSdyeOvQXjj/nNoWnjjo.6OxUWrQFRIj019kh1cDpun6l6cpr3ywSrBprYRYZXcm4Kv9lboCEFI3GzBkdNAz/" -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs
