From 4f5a337f55954966cb00c6d889cdd7ae8f47d9d4 Mon Sep 17 00:00:00 2001 From: Bill Erickson Date: Wed, 22 Jul 2015 10:36:09 -0400 Subject: [PATCH] LP#1468422 comment repairs Signed-off-by: Bill Erickson --- .../src/sql/Pg/upgrade/XXXX.schema.password-storage.sql | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.password-storage.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.password-storage.sql index 0d4129b661..24d2179e07 100644 --- a/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.password-storage.sql +++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.password-storage.sql @@ -54,14 +54,17 @@ END; $$ LANGUAGE PLPGSQL; -/* TODO: when a user changes their password in the application, the - app layer has access to the bare password. At that point, we - have the opportunity to store the new password without the MD5(MD5()) +/* + TODO: when a user changes their password in the application, the + app layer has access to the bare password. At that point, we have + the opportunity to store the new password without the MD5(MD5()) intermediate hashing. Do we care? We would need a way to indicate - which passwords have the legacy intermediate hashing and which don't. - In either event, with the exception of migrate_passwd(), the DB - functions know or care nothing about intermediate hashing. Every - password is just a value that may or may not be internally crypt'ed. */ + which passwords have the legacy intermediate hashing and which don't + so the app layer would know whether it should perform the intermediate + hashing. In either event, with the exception of migrate_passwd(), the + DB functions know or care nothing about intermediate hashing. Every + password is just a value that may or may not be internally crypt'ed. +*/ CREATE OR REPLACE FUNCTION actor.set_passwd( pw_usr INTEGER, pw_type TEXT, new_pass TEXT, new_salt TEXT DEFAULT NULL) -- 2.11.0