Re: MD5 salt

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "M(dot) Bastin" <marcbastin(at)mindspring(dot)com>
Cc: pgsql-novice <pgsql-novice(at)postgresql(dot)org>
Subject: Re: MD5 salt
Date: 2003-05-29 15:06:26
Message-ID: 17789.1054220786@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-novice

"M. Bastin" <marcbastin(at)mindspring(dot)com> writes:
> However I must be doing something wrong. This is what I do:
> "md5" + MD5( MD5(Password + UserName) + Salt)
> Is this a correct interpretation of your explanation?

Looks right to me. Do you have the MD5 algorithm correct?

> (To this I
> still need to add the zero byte for termination, isn't it?

Yeah, IIRC the contents of the Password message are a zero-terminated
string. Check the protocol document.

You might try testing with plain-text password auth method to make sure
you have the basic Password-message mechanics down, before you go on
with MD5.

regards, tom lane

In response to

Responses

Browse pgsql-novice by date

  From Date Subject
Next Message M. Bastin 2003-05-29 15:40:30 Re: MD5 salt
Previous Message Tom Lane 2003-05-29 14:52:35 Re: OIDs of data types