Re: protocol, md5 authentication

From: James William Pye <pgsql(at)jwp(dot)name>
To: Josh Close <narshe(at)gmail(dot)com>
Cc: pgsql-interfaces(at)postgresql(dot)org
Subject: Re: protocol, md5 authentication
Date: 2006-02-22 16:30:10
Message-ID: 20060222163010.GA13550@lit.jwp.name
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-interfaces

On Wed, Feb 22, 2006 at 08:22:51AM -0600, Josh Close wrote:
> What is the correct way of MD5 authenticating?

libpq implements it properly. I'd suggest looking at the client source.

Also, I *think* I have this working correctly in my PQueue module, so if you
don't mind a little Python:

import md5
pw = md5.new(self.password + self.keywords['user']).hexdigest()
pw = 'md5' + md5.new(pw + authmsg.salt).hexdigest()

self.password is the password given by the user.
self.keywords['user'] is the user name.
authmsg.salt is the salt given by the server.

Where 'pw' is sent back to the server in a Password message.
(mrm, can't remember if/when I tested this.. =\)
--
Regards, James William Pye

In response to

Responses

Browse pgsql-interfaces by date

  From Date Subject
Next Message Ibrahim Noorzaie 2006-02-22 16:47:59 unsubscribe
Previous Message Tom Lane 2006-02-22 14:28:01 Re: Finding the pqlib version