table of Contents
Due to network testing database must change password level, secondary modifications on the source plug-ins, some passwordcheck
1. use
- passwordcheck.c under alternate directory ../postgresql-11.4/contrib/passwordcheck
- Compile and install make && make install
- Modify (postgresql.conf) within postgresql profile
- shared_preload_libraries = 'passwordcheck'
- passwordcheck.level = 'true'
2. Effect
When the password is long enough, does not comply with the rules of the time, you can not create a new user
3. Modify the source code
https://github.com/Luckyness/passwordcheck
1. Reference pg_cron source increases a parameter in the configuration file
/* 引入扩展 */
#include "utils/guc.h"
……
……
/*
* 配置文件内passwordcheck.level='true' 为需要特殊字符
* passwordcheck.level='false' 为只需要英文和数字
*/
static bool passwordcheck_level = false;
……
……
void
_PG_init(void)
{
/* 定义密码级别参数 */
DefineCustomBoolVariable(
"passwordcheck.level",
gettext_noop("passwordcheck_level true: Password must contain leter, number, special characters;false : Password must contain leter, special characters"),
NULL,
&passwordcheck_level,
false,
PGC_POSTMASTER,
GUC_SUPERUSER_ONLY,
NULL, NULL, NULL);
/* activate password checks when the module is loaded */
check_password_hook = check_password;
}
2. Modify configuration checking digital source
if(passwordcheck_level)
{
/* check if the password contains both letters and number and specialchar */
pwd_has_number = false;
pwd_has_special = false;
pwd_has_letter = false;
for (i = 0; i < pwdlen; i++)
{
if (isalpha((unsigned char) password[i]))
pwd_has_letter = true;
else if (isdigit((unsigned char) password[i]))
pwd_has_number = true;
else
pwd_has_special = true;
}
if (!pwd_has_number || !pwd_has_letter || !pwd_has_special)
ereport(ERROR,
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
errmsg("password must contain both letters and number and specialchar")));
}
else
{
/* check if the password contains both letters and non-letters */
pwd_has_letter = false;
pwd_has_number = false;
for (i = 0; i < pwdlen; i++)
{
if (isalpha((unsigned char) password[i]))
pwd_has_letter = true;
else
pwd_has_number = true;
}
if (!pwd_has_letter || !pwd_has_number)
ereport(ERROR,
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
errmsg("password must contain both letters and nonletters")));
}