On 06/11/2009, at 8:48, Raimon Fernandez wrote:
> I'm blocked .......
>
>
> On 06/11/2009, at 6:27, John DeSoi wrote:
>
>>
>> On Nov 5, 2009, at 12:35 PM, Raimon Fernandez wrote:
>>
>>> at least, my first md5 (psw+user) is the same as the pg_shadow
>>> (wihtout the 'md5') ...
>>>
>>> should I md5 the first md5 as I get it as string (like username)
>>> or byte by byte ?
>>
>> As far as I know, a string. But it is unclear to me what happens
>> when the user or database name has non-ascii characters. The client
>> encoding is not established until after authentication.
>>
>> I asked about that a while ago but did not get any responses.
>
> After reading all the emails about it, I'm blocked, maybe someone
> can see where the error is and shade some light on it ...
>
> user: postgres (test values)
> psw:postgres (test values)
>
> first md5("postgrepostgres") ==> 44965A835F81EC252D83961D2CC9F3E1
>
> salt: A6B76060
>
>
> second md5("44965A835F81EC252D83961D2CC9F3E1"+"A6B76060") ==>
> 34F74BEF877202D4399092F97EFE8712
>
>
> send to server: header + length +
> "md5"+"34F74BEF877202D4399092F97EFE8712" ==> Fatal error, password
> Authentication failed for user postgres ...
I've created a tcpdump with all information:
server =>
52 (R)
00 00 00 0C (12 length)
00 00 00 05 (5 => md5)
C8 C3 57 17 (token)
psql sends =>
70 00 00 00 28 6D 64 35 33 38 38 35 30 37 37 39 31 39 64 38 30 63 39
35 62 33 32 34 65 39 63 36 38 65 39 64 37 66 64 63 00 => binary
p
