Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit38bb1ab

Browse files
committed
Use MD5 for wire protocol encryption for >= 7.2 client/server.
Allow pg_shadow to be MD5 encrypted.Add ENCRYPTED/UNENCRYPTED option to CREATE/ALTER user.Add password_encryption postgresql.conf option.Update wire protocol version to 2.1.
1 parent397f65d commit38bb1ab

27 files changed

+357
-192
lines changed

‎doc/src/sgml/client-auth.sgml

Lines changed: 4 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
<!-- $Header: /cvsroot/pgsql/doc/src/sgml/client-auth.sgml,v 1.15 2001/08/01 23:25:39 tgl Exp $ -->
1+
<!-- $Header: /cvsroot/pgsql/doc/src/sgml/client-auth.sgml,v 1.16 2001/08/15 18:42:14 momjian Exp $ -->
22

33
<chapter id="client-authentication">
44
<title>Client Authentication</title>
@@ -205,11 +205,10 @@ hostssl <replaceable>database</replaceable> <replaceable>IP-address</replaceable
205205
<para>
206206
Like the <literal>password</literal> method, but the password
207207
is sent over the wire encrypted using a simple
208-
challenge-response protocol. This is still not
209-
cryptographically secure but it protects against incidental
208+
challenge-response protocol. This protects against incidental
210209
wire-sniffing. The name of a file may follow the
211-
<literal>crypt</literal> keyword that contains a list of users
212-
that this record pertains to.
210+
<literal>crypt</literal> keyword. It contains a list of users
211+
for this record.
213212
</para>
214213
</listitem>
215214
</varlistentry>

‎doc/src/sgml/protocol.sgml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
<!-- $Header: /cvsroot/pgsql/doc/src/sgml/protocol.sgml,v 1.18 2001/06/22 23:27:48 petere Exp $ -->
1+
<!-- $Header: /cvsroot/pgsql/doc/src/sgml/protocol.sgml,v 1.19 2001/08/15 18:42:14 momjian Exp $ -->
22

33
<chapter id="protocol">
44
<title>Frontend/Backend Protocol</title>
@@ -1295,7 +1295,7 @@ EncryptedPasswordPacket (F)
12951295
</Term>
12961296
<ListItem>
12971297
<Para>
1298-
The encrypted (using crypt()) password.
1298+
The encrypted (usingMD5 orcrypt()) password.
12991299
</Para>
13001300
</ListItem>
13011301
</VarListEntry>

‎doc/src/sgml/ref/alter_user.sgml

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<!--
2-
$Header: /cvsroot/pgsql/doc/src/sgml/ref/alter_user.sgml,v 1.14 2001/07/10 22:09:27 tgl Exp $
2+
$Header: /cvsroot/pgsql/doc/src/sgml/ref/alter_user.sgml,v 1.15 2001/08/15 18:42:14 momjian Exp $
33
Postgres documentation
44
-->
55

@@ -27,7 +27,7 @@ ALTER USER <replaceable class="PARAMETER">username</replaceable> [ [ WITH ] <rep
2727

2828
where <replaceable class="PARAMETER">option</replaceable> can be:
2929

30-
PASSWORD '<replaceable class="PARAMETER">password</replaceable>'
30+
[ ENCRYPTED | UNENCRYPTED ]PASSWORD '<replaceable class="PARAMETER">password</replaceable>'
3131
| CREATEDB | NOCREATEDB
3232
| CREATEUSER | NOCREATEUSER
3333
| VALID UNTIL '<replaceable class="PARAMETER">abstime</replaceable>'
@@ -53,10 +53,13 @@ where <replaceable class="PARAMETER">option</replaceable> can be:
5353
</varlistentry>
5454

5555
<varlistentry>
56-
<term><replaceable class="PARAMETER">password</replaceable></term>
56+
<term><replaceable class="PARAMETER">[ encrypted | unencrypted ]password</replaceable></term>
5757
<listitem>
5858
<para>
5959
The new password to be used for this account.
60+
<literal>Encrypted</literal>/ <literal>unencrypted</literal>
61+
controls whether the password is stored encrypted in the
62+
database.
6063
</para>
6164
</listitem>
6265
</varlistentry>

‎doc/src/sgml/ref/create_user.sgml

Lines changed: 10 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<!--
2-
$Header: /cvsroot/pgsql/doc/src/sgml/ref/create_user.sgml,v 1.17 2001/07/10 22:09:27 tgl Exp $
2+
$Header: /cvsroot/pgsql/doc/src/sgml/ref/create_user.sgml,v 1.18 2001/08/15 18:42:14 momjian Exp $
33
Postgres documentation
44
-->
55

@@ -28,7 +28,7 @@ CREATE USER <replaceable class="PARAMETER">username</replaceable> [ [ WITH ] <re
2828
where <replaceable class="PARAMETER">option</replaceable> can be:
2929

3030
SYSID <replaceable class="PARAMETER">uid</replaceable>
31-
| PASSWORD '<replaceable class="PARAMETER">password</replaceable>'
31+
|[ ENCRYPTED | UNENCRYPTED ]PASSWORD '<replaceable class="PARAMETER">password</replaceable>'
3232
| CREATEDB | NOCREATEDB
3333
| CREATEUSER | NOCREATEUSER
3434
| IN GROUP <replaceable class="PARAMETER">groupname</replaceable> [, ...]
@@ -72,12 +72,19 @@ where <replaceable class="PARAMETER">option</replaceable> can be:
7272
</varlistentry>
7373

7474
<varlistentry>
75-
<term><replaceable class="parameter">password</replaceable></term>
75+
<term><replaceable class="parameter">[ encrypted | unencrypted ]password</replaceable></term>
7676
<listitem>
7777
<para>
7878
Sets the user's password. If you do not plan to use password
7979
authentication you can omit this option, otherwise the user
8080
won't be able to connect to a password-authenticated server.
81+
</para>
82+
<para>
83+
<literal>ENCRYPTED/UNENCRYPTED</literal> controls whether the
84+
password is stored encrypted in the database. Older clients may
85+
have trouble communicating using encrypted password storage.
86+
</para>
87+
<para>
8188
See the chapter on client authentication in the
8289
<citetitle>Administrator's Guide</citetitle> for details on
8390
how to set up authentication mechanisms.

‎doc/src/sgml/runtime.sgml

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<!--
2-
$Header: /cvsroot/pgsql/doc/src/sgml/runtime.sgml,v 1.74 2001/08/09 16:20:43 petere Exp $
2+
$Header: /cvsroot/pgsql/doc/src/sgml/runtime.sgml,v 1.75 2001/08/15 18:42:14 momjian Exp $
33
-->
44

55
<Chapter Id="runtime">
@@ -967,6 +967,18 @@ env PGOPTIONS='-c geqo=off' psql
967967

968968
<para>
969969
<variablelist>
970+
<varlistentry>
971+
<term>AUSTRALIAN_TIMEZONES (<type>bool</type>)</term>
972+
<listitem>
973+
<para>
974+
If set to true, <literal>CST</literal>, <literal>EST</literal>,
975+
and <literal>SAT</literal> are interpreted as Australian
976+
timezones rather than as North American Central/Eastern
977+
Timezones and Saturday. The default is false.
978+
</para>
979+
</listitem>
980+
</varlistentry>
981+
970982
<varlistentry>
971983
<indexterm>
972984
<primary>deadlock</primary>
@@ -1260,18 +1272,6 @@ dynamic_library_path = '/usr/local/lib:/home/my_project/lib:$libdir:$libdir/cont
12601272
</listitem>
12611273
</varlistentry>
12621274

1263-
<varlistentry>
1264-
<term>AUSTRALIAN_TIMEZONES (<type>bool</type>)</term>
1265-
<listitem>
1266-
<para>
1267-
If set to true, <literal>CST</literal>, <literal>EST</literal>,
1268-
and <literal>SAT</literal> are interpreted as Australian
1269-
timezones rather than as North American Central/Eastern
1270-
Timezones and Saturday. The default is false.
1271-
</para>
1272-
</listitem>
1273-
</varlistentry>
1274-
12751275
<varlistentry>
12761276
<indexterm>
12771277
<primary>SSL</primary>

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp