Skip site navigation (1) Skip section navigation (2)

Re: Newbie confused about pg_hba/md5 and password field

From: Scott Dunbar <scott(at)xigole(dot)com>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: pgsql-interfaces(at)postgresql(dot)org
Subject: Re: Newbie confused about pg_hba/md5 and password field
Date: 2002-08-21 20:55:30
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-interfaces
Thanks for the information.  On further testing I indeed cannot 
reproduce the issue with a standalone program, only with the authlib 
that I'm trying to get to work.  I did learn that my thinking was wrong 
though.  I thought the AUTH_TYPE in pg_hba.conf was for transport only, 
having nothing to do with the encryption used to encrypt passwords in 
pg_shadow.  That does not appear to be the case as if you use md5 in 
your pg_shadow and just "password" in your pg_hba.conf file you'll get 
an error.

I'll keep digging.  I am confident that my is correct as this 
is a new installation of everything.

Thanks again for the feedback.

Bruce Momjian wrote:

>Sorry, this seems impossible: libpq's PQsetdbLogin() doesn't allow MD5
>passwords?  You shouldn't have to do anything special;  it should just
>accept the password.PQconnectdb() has the same handling as
>Is it possible your libpq version is older than 7.2.1?
>Scott Dunbar wrote:
>>I'm pretty new to PostgreSQL in general and even newer to libpq.  I am 
>>trying to get a C program working (the authpgsql module in courier-imap) 
>>that uses PQsetdbLogin().  I've got 7.2.1 installed and running and have 
>>had no problem accessing it via JDBC.  I have encrypted passwords in 
>>pg_shadow and have "md5" set for the AUTH_TYPE in pg_hba.conf.  However, 
>>when using PQsetdbLogin the only way I could get a login to work was to 
>>use unencrypted passwords in pg_shadow and change pg_hba.conf to use 
>>"password" instead of "md5" for the database I want access to through 
>>Why is this?  Do I somehow have to md5 the clear text password before 
>>calling PQsetdbLogin()?  Does PQconnectdb() handle this and I should 
>>update the code?  I feel that the client code should be unaware of the 
>>over the wire encryption method used and the encryption method of the 
>>password in pg_shadow but I may be way off base on the underlying issue.
>>Thanks in advance for any information.
>>---------------------------(end of broadcast)---------------------------
>>TIP 1: subscribe and unsubscribe commands go to majordomo(at)postgresql(dot)org

In response to


pgsql-interfaces by date

Next:From: Bruce MomjianDate: 2002-08-21 21:20:12
Subject: Re: Newbie confused about pg_hba/md5 and password field
Previous:From: Bruce MomjianDate: 2002-08-21 17:03:05
Subject: Re: Newbie confused about pg_hba/md5 and password field

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group