Skip site navigation (1) Skip section navigation (2)

libpq / crypt / md5 question

From: Mitch Vincent <mitch(at)doot(dot)org>
To: pgsql-interfaces(at)postgresql(dot)org
Subject: libpq / crypt / md5 question
Date: 2002-11-29 17:57:19
Message-ID: 01345636-03C4-11D7-A869-0003938024CA@doot.org (view raw or flat)
Thread:
Lists: pgsql-interfaces
I have a mail server using a PostgreSQL database for virtual lookups 
and I'm using Courier IMAP with the pgsql hooks for mailbox access.. 
First, this setup is working beautifully, that's not the problem..

It seems that courier can only connect to the PG database when the auth 
type is set to crypt in the pg_hba.conf file. This is somewhat strange 
but brings me to my question..

On the client side, am I responsible for making the password an MD5 
hash, or does libpq take care of that on it's own? In courier's pgsql 
code I see :

pgconn = PQsetdbLogin(server, server_port, server_opt, NULL , 
database,userid,password);

..... Which is pretty straight-forward, but that password is always 
going to be passed to pqsetdblogin() as plain text.. So where does the 
MD5'ing or DES crypt'ing come into the connection? I've honestly never 
paid any attention to the auth type until now as I've *always* used 
just a local socket for access to PG, or the trust auth type (none of 
my servers were public and accessible by more than a controlled group 
of users until now)..

If I missed any of this in the documentation, please feel free to smack 
me with a RTFM stick. :-)

Thanks guys!

-Mitch

There are three kinds of people in this world. Those that can count and 
those that can't.


Responses

pgsql-interfaces by date

Next:From: Tom LaneDate: 2002-11-29 18:42:57
Subject: Re: libpq / crypt / md5 question
Previous:From: UdayDate: 2002-11-29 12:15:31
Subject: Re: PGLOG problem

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group