一、PG用戶的密碼如何通過md5加密，并且是否加了salt？本文將從源碼角度跟蹤分析。

創(chuàng)新互聯(lián)是一家集網(wǎng)站建設(shè),大姚企業(yè)網(wǎng)站建設(shè),大姚品牌網(wǎng)站建設(shè),網(wǎng)站定制,大姚網(wǎng)站建設(shè)報價,網(wǎng)絡(luò)營銷,網(wǎng)絡(luò)優(yōu)化,大姚網(wǎng)站推廣為一體的創(chuàng)新建站企業(yè)，幫助傳統(tǒng)企業(yè)提升企業(yè)形象加強企業(yè)競爭力。可充分滿足這一群體相比中小企業(yè)更為豐富、高端、多元的互聯(lián)網(wǎng)需求。同時我們時刻保持專業(yè)、時尚、前沿，時刻以成就客戶成長自我，堅持不斷學(xué)習(xí)、思考、沉淀、凈化自己，讓我們?yōu)楦嗟钠髽I(yè)打造出實用型網(wǎng)站。

PG用戶通過md5加密時，加了salt，而這個salt是用戶名字符串。

二、源碼分析

CreateRole：
    shadow_pass = encrypt_password(Password_encryption, stmt->role,password);
    |-- pg_md5_encrypt(password, role, strlen(role),encrypted_password);
    |   |-- memcpy(crypt_buf, passwd, passwd_len);
    |   |   memcpy(crypt_buf + passwd_len, role, strlen(role));
    |   |   strcpy(buf, "md5");
    |-- |-- pg_md5_hash(crypt_buf, passwd_len + salt_len, buf + 3);
    new_record[Anum_pg_authid_rolpassword - 1] =CStringGetTextDatum(shadow_pass);

三、gdb跟蹤

1、在函數(shù)encrypt_password上打斷點，然后客戶端執(zhí)行：create user yzs with password '123456';創(chuàng)建帶密碼的用戶，觀察是否默認(rèn)使用md5。

postgres=# create user yzs with password '123456';

2、堆棧信息

Breakpoint 1, encrypt_password (target_type=PASSWORD_TYPE_MD5, role=0x99c3b3c "yzs", password=0x99c3b4c "123456") at crypt.c:111
111     PasswordType guessed_type = get_password_type(password);
(gdb) bt
#0  encrypt_password (target_type=PASSWORD_TYPE_MD5, role=0x99c3b3c "yzs", password=0x99c3b4c "123456") at crypt.c:111
#1  0x0827b7a2 in CreateRole (pstate=0x9a0d804, stmt=0x99c3bbc) at user.c:412
#2  0x0840fc18 in standard_ProcessUtility (pstmt=0x99c3c14, queryString=0x99c31dc "create user yzs with password '123456';", context=PROCESS_UTILITY_TOPLEVEL, params=0x0, queryEnv=0x0, 
    dest=0x99c3d74, completionTag=0xbf9119e6 "") at utility.c:722
#3  0x0840f42a in ProcessUtility (pstmt=0x99c3c14, queryString=0x99c31dc "create user yzs with password '123456';", context=PROCESS_UTILITY_TOPLEVEL, params=0x0, queryEnv=0x0, 
    dest=0x99c3d74, completionTag=0xbf9119e6 "") at utility.c:357
#4  0x0840e6ea in PortalRunUtility (portal=0x9a20634, pstmt=0x99c3c14, isTopLevel=1 '\001', setHoldSnapshot=0 '\000', dest=0x99c3d74, completionTag=0xbf9119e6 "") at pquery.c:1178
#5  0x0840e8b7 in PortalRunMulti (portal=0x9a20634, isTopLevel=1 '\001', setHoldSnapshot=0 '\000', dest=0x99c3d74, altdest=0x99c3d74, completionTag=0xbf9119e6 "") at pquery.c:1324
#6  0x0840ded2 in PortalRun (portal=0x9a20634, count=2147483647, isTopLevel=1 '\001', run_once=1 '\001', dest=0x99c3d74, altdest=0x99c3d74, completionTag=0xbf9119e6 "") at pquery.c:799
#7  0x08408692 in exec_simple_query (query_string=0x99c31dc "create user yzs with password '123456';") at postgres.c:1099
#8  0x0840c5d4 in PostgresMain (argc=1, argv=0x997edc4, dbname=0x997ecf4 "postgres", username=0x99558cc "postgres") at postgres.c:4088
#9  0x083864e6 in BackendRun (port=0x9978038) at postmaster.c:4409
#10 0x08385c5d in BackendStartup (port=0x9978038) at postmaster.c:4081
#11 0x083822d9 in ServerLoop () at postmaster.c:1755
#12 0x083819d6 in PostmasterMain (argc=3, argv=0x9953810) at postmaster.c:1363
#13 0x082dfb60 in main (argc=3, argv=0x9953810) at main.c:228
(gdb) n
114     if (guessed_type != PASSWORD_TYPE_PLAINTEXT)
(gdb) 
123     switch (target_type)
(gdb) 
126             encrypted_password = palloc(MD5_PASSWD_LEN + 1);
(gdb) 
128             if (!pg_md5_encrypt(password, role, strlen(role),
(gdb) s
pg_md5_encrypt (passwd=0x99c3b4c "123456", salt=0x99c3b3c "yzs", salt_len=3, buf=0x9a0d984 "") at md5.c:326
326     size_t      passwd_len = strlen(passwd);
(gdb) n
329     char       *crypt_buf = malloc(passwd_len + salt_len + 1);
(gdb) 
332     if (!crypt_buf)
(gdb) 
339     memcpy(crypt_buf, passwd, passwd_len);
(gdb) 
340     memcpy(crypt_buf + passwd_len, salt, salt_len);
(gdb) p crypt_buf
$1 = 0x9979e68 "123456A"
(gdb) n
342     strcpy(buf, "md5");
(gdb) p crypt_buf
$2 = 0x9979e68 "123456yzs?\tQ"
(gdb) n
343     ret = pg_md5_hash(crypt_buf, passwd_len + salt_len, buf + 3);
(gdb) p crypt_buf
$3 = 0x9979e68 "123456yzs?\tQ"
(gdb) n
345     free(crypt_buf);
(gdb) p crypt_buf
$4 = 0x9979e68 "123456yzs?\tQ"
(gdb) n
347     return ret;
(gdb) 
348 }
(gdb) p ret
$5 = 1 '\001'
(gdb) n
encrypt_password (target_type=PASSWORD_TYPE_MD5, role=0x99c3b3c "yzs", password=0x99c3b4c "123456") at crypt.c:131
131             return encrypted_password;
(gdb) 
146 }
(gdb) 
CreateRole (pstate=0x9a0d804, stmt=0x99c3bbc) at user.c:415
415                 CStringGetTextDatum(shadow_pass);
(gdb) p shadow_pass
$6 = 0x9a0d984 "md5aed8080c314507e15542d5e9519723a8"

3、從pg_authid表中觀察該用戶經(jīng)過md5加過密的密碼值，可以看出和堆棧信息中看到的一樣

postgres=# select *from pg_authid where rolname='yzs';
 rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypa***ls | rolconnlimit |             rolpassword             | rolvaliduntil 
---------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------------------------------+---------------
 yzs     | f        | t          | f             | f           | t           | f              | f            |           -1 | md5aed8080c314507e15542d5e9519723a8 | 
(1 row)

另外有需要云服務(wù)器可以了解下創(chuàng)新互聯(lián)cdcxhl.cn，海內(nèi)外云服務(wù)器15元起步，三天無理由+7*72小時售后在線，公司持有idc許可證，提供“云服務(wù)器、裸金屬服務(wù)器、高防服務(wù)器、香港服務(wù)器、美國服務(wù)器、虛擬主機、免備案服務(wù)器”等云主機租用服務(wù)以及企業(yè)上云的綜合解決方案，具有“安全穩(wěn)定、簡單易用、服務(wù)可用性高、性價比高”等特點與優(yōu)勢，專為企業(yè)上云打造定制，能夠滿足用戶豐富、多元化的應(yīng)用場景需求。

本文名稱：PostgreSQL用戶密碼如何通過md5加密存儲，是否加了salt-創(chuàng)新互聯(lián)
URL地址：http://m.newbst.com/article36/ceggpg.html

成都網(wǎng)站建設(shè)公司_創(chuàng)新互聯(lián)，為您提供App開發(fā)、Google、自適應(yīng)網(wǎng)站、做網(wǎng)站、用戶體驗、域名注冊

廣告

聲明：本網(wǎng)站發(fā)布的內(nèi)容（圖片、視頻和文字）以用戶投稿、用戶轉(zhuǎn)載內(nèi)容為主，如果涉及侵權(quán)請盡快告知，我們將會在第一時間刪除。文章觀點不代表本網(wǎng)站立場，如需處理請聯(lián)系客服。電話：028-86922220；郵箱：631063699@qq.com。內(nèi)容未經(jīng)允許不得轉(zhuǎn)載，或轉(zhuǎn)載時需注明來源： 創(chuàng)新互聯(lián)