LP#1468422 comment repairs

Signed-off-by: Bill Erickson <berickxx@gmail.com>

diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.password-storage.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.password-storage.sql
index 0d4129b..24d2179 100644 (file)
--- a/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.password-storage.sql
+++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.password-storage.sql
@@ -54,14 +54,17 @@ END;
 $$ LANGUAGE PLPGSQL;
 
 
-/*  TODO: when a user changes their password in the application, the
-    app layer has access to the bare password.  At that point, we
-    have the opportunity to store the new password without the MD5(MD5())
+/* 
+    TODO: when a user changes their password in the application, the
+    app layer has access to the bare password.  At that point, we have
+    the opportunity to store the new password without the MD5(MD5())
     intermediate hashing.  Do we care?  We would need a way to indicate
-    which passwords have the legacy intermediate hashing and which don't.
-    In either event, with the exception of migrate_passwd(), the DB 
-    functions know or care nothing about intermediate hashing.  Every 
-    password is just a value that may or may not be internally crypt'ed. */
+    which passwords have the legacy intermediate hashing and which don't
+    so the app layer would know whether it should perform the intermediate
+    hashing.  In either event, with the exception of migrate_passwd(), the
+    DB functions know or care nothing about intermediate hashing.  Every
+    password is just a value that may or may not be internally crypt'ed. 
+*/
 
 CREATE OR REPLACE FUNCTION actor.set_passwd(
     pw_usr INTEGER, pw_type TEXT, new_pass TEXT, new_salt TEXT DEFAULT NULL)