Tag Archives: PostgreSQL

mod_auth_pgsql: Support for salted md5 password hashes

Recently I created a patch against the Apache httpd authentication module mod_auth_pgsql 2.0.3 for adding support for salted md5 password hashes. In a scenario I wanted to authenticate users against the PostgreSQL user database. However, mod_auth_pgsql only could handle crypted, md5 and base64 encoded passwords. There was no support for salted MD5 passwords (username+password concatenated) like in pg_shadow-table.

Just apply the patch mod_auth_pgsql-pgsql-saltedmd5.patch and use
Auth_PG_encrypted ON
Auth_PG_hash_type MD5PGSQL

as new configuration parameters.

Update 2013-05-01: Patch accepted upstream.