Re: MD5 salt - Mailing list pgsql-novice

From Tom Lane
Subject Re: MD5 salt
Date
Msg-id 17789.1054220786@sss.pgh.pa.us
Whole thread Raw
In response to Re: MD5 salt  ("M. Bastin" <marcbastin@mindspring.com>)
Responses Re: MD5 salt
List pgsql-novice
"M. Bastin" <marcbastin@mindspring.com> writes:
> However I must be doing something wrong.  This is what I do:
> "md5" + MD5( MD5(Password + UserName) + Salt)
> Is this a correct interpretation of your explanation?

Looks right to me.  Do you have the MD5 algorithm correct?

> (To this I
> still need to add the zero byte for termination, isn't it?

Yeah, IIRC the contents of the Password message are a zero-terminated
string.  Check the protocol document.

You might try testing with plain-text password auth method to make sure
you have the basic Password-message mechanics down, before you go on
with MD5.

            regards, tom lane

pgsql-novice by date:

Previous
From: Tom Lane
Date:
Subject: Re: OIDs of data types
Next
From: "M. Bastin"
Date:
Subject: Re: MD5 salt