Hi all, As discussed here: https://www.postgresql.org/message-id/98cafcd0-5557-0bdf-4837-0f2b7782d...@joeconway.com We are using in documentation and code comments "encryption" to define what actually is hashing, which is confusing.
Attached is a patch for HEAD to change the documentation to match hashing. There are a couple of things I noticed on the way: 1) There is the user-visible PQencryptPassword in libpq, which actually hashes the password, and not encrypts it :) 2) There is as well pg_md5_encrypt() in the code, as well as there is pg_md5_hash(). Those may be better if renamed, at least I would think that pg_md5_encrypt should be pg_md5_password_hash, because a salt is used as well, and the routine is dedicated to work on passwords. Thoughts? 3) createuser also has --encrypt and --unencrypted, perhaps those should be renamed? Honestly I don't really think that this is worth a breakage and the option names match with the SQL commands. I did not bother about those things in the attached, which works only documentation and comment changes. An open item has been added on the wiki. Thanks, -- Michael
hashed-passwords-doc.patch
Description: Binary data
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
