On 06/11/2009, at 14:56, Albe Laurenz wrote:
> Raimon Fernandez wrote:
>>> user: postgres (test values)
>>> psw:postgres (test values)
>
> You mean, "psw: postgre", right?
yes ...
>> Now we have to MD5 this one with the token:
>>
>> 1. 44965a835f81ec252d83961d2cc9f3e1c8c35717C8C35717 (uppercase and
>> lowercase)
>> 2. 44965a835f81ec252d83961d2cc9f3e1c8c35717c8c35717 (lowercase)
>> 3. 44965a835f81ec252d83961d2cc9f3e1c8c35717 + &HC8 + &HC3 +
>> &H57 + &H17
>> 4. ??????????
>
> I think you got confused.
>
> This is the password, MD5-hashed:
>
> SELECT 'md5' || md5('postgrepostgres'::bytea) AS md5pwd;
>
> md5pwd
> -------------------------------------
> md544965a835f81ec252d83961d2cc9f3e1
> (1 row)
>
> Now let's encrypt the part without "md5" it with the four bytes "C8
> C3 57 17" appended:
>
> SELECT 'md5' || md5(E'44965a835f81ec252d83961d2cc9f3e1\\310\\303\
> \127\\027'::bytea) AS double_md5;
>
> double_md5
> -------------------------------------
> md53885077919d80c95b324e9c68e9d7fdc
> (1 row)
>
> That is what psql sends.
>
> You can see all that by looking at the code:
>
> http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/interfaces/libpq/fe-auth.c?rev=1.142
> (function pg_password_sendauth)
thanks for the info, it's working now ...
regards,
raimon
