"M. Bastin" <marcbastin@mindspring.com> writes:
>> Looks right to me. Do you have the MD5 algorithm correct?
> I'm using the one provided with my development tool. Is there some
> way I could calculate a MD5 digest with a known good tool and compare
> it with my result?
Well, you could compute just MD5(Password + User) and compare that to
what's stored in pg_shadow. Another possibility is to add some
debugging printouts to libpq and see what it computes (look at
pg_password_sendauth() in src/interfaces/libpq/fe-auth.c).
It could be something silly like including trailing nulls into what's
processed by MD5 --- I'm pretty sure you should *not* do that, for
either password or user name.
regards, tom lane
