Home > mailing lists

Re: MD5 salt - Mailing list pgsql-novice

From	Tom Lane
Subject	Re: MD5 salt
Date	May 29, 2003 13:04:55
Msg-id	17314.1054217090@sss.pgh.pa.us Whole thread Raw
In response to	MD5 salt ("M. Bastin" <marcbastin@mindspring.com>)
Responses	Re: MD5 salt
List	pgsql-novice

Tree view

"M. Bastin" <marcbastin@mindspring.com> writes:
> How do I send an MD5 password to pgsql?  (I'm programming my own front-end)
> Pgsql provides a 4-byte 'salt', that you must somehow use with your
> password for MD5.  The trouble is, I don't know how.

Step 1: compute 32-byte MD5 checksum of cleartext password concatenated
with username.  (BTW this checksum, with "md5" on the front, is what is
actually stored in pg_shadow.)

Step 2: compute 32-byte MD5 checksum of the 32-byte result of step 1
concatenated with the 4-byte salt from the server.  Stick "md5" on the
front and send it to the server.

            regards, tom lane

pgsql-novice by date:

From: Bruno Wolff III
Date: 29 May 2003, 10:14:47
Subject: Re: + operator with a possible NULL operand

From: "M. Bastin"
Date: 29 May 2003, 13:12:02
Subject: OIDs of data types

Re: MD5 salt - Mailing list pgsql-novice

Previous

Next