I think it would better to add an explicit "isencrypted" parameter to the check_password_hook function, rather than require the module to do isMD5 on the password. Any imaginable check hook will need to know if the password is in MD5 format, and the backend already knows it (because it already did that check), it seems good to let the hook function know. Besides, if we introduce explicit syntax for saying that the supplied password is plaintext or md5 one day, calling isMD5 in the module will no longer be appropriate.
-- Heikki Linnakangas EnterpriseDB http://www.enterprisedb.com -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers