Dave Page <dp...@pgadmin.org> writes: > On Wed, Oct 14, 2009 at 5:25 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: >> So you can use a plugin that does it that way, or if you want you >> can use a plugin that throws error on a pre-md5'd password.
> My only concern with that idea is having some way for the client to > know when to not hash the password. Figuring that out from a specific > error code and then retrying would be inefficient, ugly, and in the > case of pgAdmin, quite hard to do given the way that SQL is generated > and then executed. I don't actually *want* client software deciding on its own hook to not hash the password. The only reason we have special client-side support for this command at all is to pre-hash the password, and people are accustomed to that behavior. If psql or pgAdmin takes a password and then sends it in the clear without telling me, that's a breach of trust with potentially serious consequences. I might not trust the DBA, for example, or I might be less confident of the network infrastructure than he is. Fix pgAdmin so that this is a user-controlled switch and let the user read the plugin's error message and decide if he wants to retry with a non-encrypted password. regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers