| From: | Scott Dunbar <scott(at)xigole(dot)com> |
|---|---|
| To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
| Cc: | pgsql-interfaces(at)postgresql(dot)org |
| Subject: | Re: Newbie confused about pg_hba/md5 and password field |
| Date: | 2002-08-21 20:55:30 |
| Message-ID: | 3D63FE42.9080108@xigole.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-interfaces |
Bruce,
Thanks for the information. On further testing I indeed cannot
reproduce the issue with a standalone program, only with the authlib
that I'm trying to get to work. I did learn that my thinking was wrong
though. I thought the AUTH_TYPE in pg_hba.conf was for transport only,
having nothing to do with the encryption used to encrypt passwords in
pg_shadow. That does not appear to be the case as if you use md5 in
your pg_shadow and just "password" in your pg_hba.conf file you'll get
an error.
I'll keep digging. I am confident that my libpg.so is correct as this
is a new installation of everything.
Thanks again for the feedback.
Bruce Momjian wrote:
>Sorry, this seems impossible: libpq's PQsetdbLogin() doesn't allow MD5
>passwords? You shouldn't have to do anything special; it should just
>accept the password.PQconnectdb() has the same handling as
>PQsetdbLogin().
>
>Is it possible your libpq version is older than 7.2.1?
>
>---------------------------------------------------------------------------
>
>Scott Dunbar wrote:
>
>
>>Hello,
>>I'm pretty new to PostgreSQL in general and even newer to libpq. I am
>>trying to get a C program working (the authpgsql module in courier-imap)
>>that uses PQsetdbLogin(). I've got 7.2.1 installed and running and have
>>had no problem accessing it via JDBC. I have encrypted passwords in
>>pg_shadow and have "md5" set for the AUTH_TYPE in pg_hba.conf. However,
>>when using PQsetdbLogin the only way I could get a login to work was to
>>use unencrypted passwords in pg_shadow and change pg_hba.conf to use
>>"password" instead of "md5" for the database I want access to through
>>authpgsql.
>>
>>Why is this? Do I somehow have to md5 the clear text password before
>>calling PQsetdbLogin()? Does PQconnectdb() handle this and I should
>>update the code? I feel that the client code should be unaware of the
>>over the wire encryption method used and the encryption method of the
>>password in pg_shadow but I may be way off base on the underlying issue.
>>
>>Thanks in advance for any information.
>>
>>
>>
>>---------------------------(end of broadcast)---------------------------
>>TIP 1: subscribe and unsubscribe commands go to majordomo(at)postgresql(dot)org
>>
>>
>>
>
>
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2002-08-21 21:20:12 | Re: Newbie confused about pg_hba/md5 and password field |
| Previous Message | Bruce Momjian | 2002-08-21 17:03:05 | Re: Newbie confused about pg_hba/md5 and password field |