Thread: PQconnectdb question and md5 password

PQconnectdb question and md5 password

From
Guy Deleeuw
Date:
Hello,

I don't know how can I pass a md5 password to the password field ?
example :
connInfo = "host=localhost port=5432 dbname=db_stats user=postgres
password=secret";
  pConn = PQconnectdb(connInfo);

I try to replace the string 'secret' by the content of /etc/shadow but
without succès.

Thanks in advance

Guy

Re: PQconnectdb question and md5 password

From
Marcelo Martins
Date:
How do you have your pg_hba.conf file setup ?

If on the shell as the postgres user, you can login into the
"db_stats" database without a password being asked for than you should
not need one.
Try out:

postgres$> psql db_stats

and see if you can login without asking for a PW.. check your
pg_hba.conf first though.


On May 6, 2008, at 5:07 AM, Guy Deleeuw wrote:

> Hello,
>
> I don't know how can I pass a md5 password to the password field ?
> example :
> connInfo = "host=localhost port=5432 dbname=db_stats user=postgres
> password=secret";
> pConn = PQconnectdb(connInfo);
>
> I try to replace the string 'secret' by the content of /etc/shadow
> but without succès.
>
> Thanks in advance
>
> Guy
>
> --
> Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-admin


Re: PQconnectdb question and md5 password

From
Marcelo Martins
Date:
Hi Gus,

You should be able to, I'm not a C guru but on perl I can without any
issues.
Did you setup a password for the postgres user account in postgreSQL
itself ?
I found strange that you were trying out the password from /etc/shadow
file though.

 > ALTER USER postgres WITH ENCRYPTED PASSWORD 'secret';

What error the postgres log gives you ?


On May 6, 2008, at 12:58 PM, Guy Deleeuw wrote:

> Hello Marcelo,
> Thanks for your respons
>
> I have a password and is what I need.
> My pg_hba.conf have 'md5' :
> host    all         all         127.0.0.1/32          md5
>
> My question are just how I can connect from the C api with an md5
> password or it's not possible ?
>
> Regards
> Guy
>
> Marcelo Martins a écrit :
>> How do you have your pg_hba.conf file setup ?
>>
>> If on the shell as the postgres user, you can login into the
>> "db_stats" database without a password being asked for than you
>> should not need one.
>> Try out:
>>
>> postgres$> psql db_stats
>>
>> and see if you can login without asking for a PW.. check your
>> pg_hba.conf first though.
>>
>>
>> On May 6, 2008, at 5:07 AM, Guy Deleeuw wrote:
>>
>>> Hello,
>>>
>>> I don't know how can I pass a md5 password to the password field ?
>>> example :
>>> connInfo = "host=localhost port=5432 dbname=db_stats user=postgres
>>> password=secret";
>>> pConn = PQconnectdb(connInfo);
>>>
>>> I try to replace the string 'secret' by the content of /etc/shadow
>>> but without succès.
>>>
>>> Thanks in advance
>>>
>>> Guy
>>>
>>> --
>>> Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
>>> To make changes to your subscription:
>>> http://www.postgresql.org/mailpref/pgsql-admin
>>
>>
>
> --
> Guy De Leeuw
> IT Manager
> Eurofer
> 5, avenue Ariane
> Building "Integrale" (3rd floor)
> 1200, Bruxelles
> Belgium
> Phone : +32 (2) 738 79 40
> Mobile : 00 32 498 93 65 00
> Fax : +32 (2) 736 28 22
> E-Mail : mailto:G.De_Leeuw@eurofer.be
> www : http://www.eurofer.org
>
>


Re: PQconnectdb question and md5 password

From
Guy Deleeuw
Date:
Hello Marcelo,
Thanks for your respons

I have a password and is what I need.
My pg_hba.conf have 'md5' :
host    all         all         127.0.0.1/32          md5

My question are just how I can connect from the C api with an md5
password or it's not possible ?

Regards
Guy

Marcelo Martins a écrit :
> How do you have your pg_hba.conf file setup ?
>
> If on the shell as the postgres user, you can login into the
> "db_stats" database without a password being asked for than you should
> not need one.
> Try out:
>
> postgres$> psql db_stats
>
> and see if you can login without asking for a PW.. check your
> pg_hba.conf first though.
>
>
> On May 6, 2008, at 5:07 AM, Guy Deleeuw wrote:
>
>> Hello,
>>
>> I don't know how can I pass a md5 password to the password field ?
>> example :
>> connInfo = "host=localhost port=5432 dbname=db_stats user=postgres
>> password=secret";
>> pConn = PQconnectdb(connInfo);
>>
>> I try to replace the string 'secret' by the content of /etc/shadow
>> but without succès.
>>
>> Thanks in advance
>>
>> Guy
>>
>> --
>> Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
>> To make changes to your subscription:
>> http://www.postgresql.org/mailpref/pgsql-admin
>
>

--
Guy De Leeuw
IT Manager
Eurofer
5, avenue Ariane
Building "Integrale" (3rd floor)
1200, Bruxelles
Belgium
Phone : +32 (2) 738 79 40
Mobile : 00 32 498 93 65 00
Fax : +32 (2) 736 28 22
E-Mail : mailto:G.De_Leeuw@eurofer.be
www : http://www.eurofer.org



Re: PQconnectdb question and md5 password

From
Guy Deleeuw
Date:
Gus ? :-)

No I need to put the md5 string into the connInfo, just that.
the other parts work fine

Guy
Marcelo Martins a écrit :
> Hi Gus,
>
> You should be able to, I'm not a C guru but on perl I can without any
> issues.
> Did you setup a password for the postgres user account in postgreSQL
> itself ?
> I found strange that you were trying out the password from /etc/shadow
> file though.
>
> > ALTER USER postgres WITH ENCRYPTED PASSWORD 'secret';
>
> What error the postgres log gives you ?
>
>
> On May 6, 2008, at 12:58 PM, Guy Deleeuw wrote:


Re: PQconnectdb question and md5 password

From
Tom Lane
Date:
Guy Deleeuw <G.De_Leeuw@eurofer.be> writes:
> No I need to put the md5 string into the connInfo, just that.

No, you need to put the plain text of the password into the connInfo.
Knowing the md5 doesn't prove you know the password.

            regards, tom lane

Re: PQconnectdb question and md5 password

From
Guy Deleeuw
Date:
Hello Tom


> No, you need to put the plain text of the password into the connInfo.
> Knowing the md5 doesn't prove you know the password.
>
>             regards, tom lane
>
I just try to cancel the easy way to "string" the binary and extract the
password from my app.
A solution are to put the md5 string and not the clear password.
but if it's not possible, a follow another way.

Thanks for your respons.

Regards
Guy