Thread: Frontend/backend protocol: authentication

Frontend/backend protocol: authentication

From
Peter Schuller
Date:
(resend; first one didn't seem to make it)

Hello,

I'm attempting to implement a PosrgreSQL client in Squeak. I'm sending
what I believe to be a correct StartupPacket, but PostgreSQL
responds with an ErrorResponse: "FATAL 1: Password auth. failed...".

But I never asked for password authentication! According to the protocol
docs on the site, I should first be getting an Authentication* packet (I
think, an AuthenticationUnencrpytedPassword - but that one is not
documented), to which I should send a PasswordPacket. But now it returns
error before I get a chance.

What might I be doing wrong?

And am I correct in expecting an AuthenticationUnencryptedPassword
packet? Postgresql is set to use the "password" authentication method,
and another exising PostgreSQL protocol implementation failed because it
receivd such a packet (instead of some other one it expected).

Thanks,

--
/ Peter Schuller, InfiDyne Technologies HB

PGP userID: 0xE9758B7D or 'Peter Schuller <peter.schuller@infidyne.com>'
Key retrival: Send an E-Mail to getpgpkey@scode.org
E-Mail: peter.schuller@infidyne.com Web: http://www.scode.org





Re: Frontend/backend protocol: authentication

From
ljb
Date:
peter.schuller@infidyne.com wrote:
> (resend; first one didn't seem to make it)
>
> Hello,
>
> I'm attempting to implement a PosrgreSQL client in Squeak. I'm sending
> what I believe to be a correct StartupPacket, but PostgreSQL
> responds with an ErrorResponse: "FATAL 1: Password auth. failed...".
>
> But I never asked for password authentication! According to the protocol
> docs on the site, I should first be getting an Authentication* packet (I
> think, an AuthenticationUnencrpytedPassword - but that one is not
> documented), to which I should send a PasswordPacket. But now it returns
> error before I get a chance.

It is documented. AuthenticationUnencryptedPassword is the pre-7.2 name
for AuthenticationCleartextPassword. They are the same message
(char 'R', int 3) but the name changed at 7.2.

> What might I be doing wrong?
>
> And am I correct in expecting an AuthenticationUnencryptedPassword
> packet? Postgresql is set to use the "password" authentication method,
> and another exising PostgreSQL protocol implementation failed because it
> receivd such a packet (instead of some other one it expected).

Sounds like you are doing it right, but you'll probably need to use
tcpdump or something similar to find out what is really going on.
I wrote a client in Tcl which talks right to the backend, and it does
what you said: send startup packet, get ('R',3) back, send password,
get AuthenticationOK ('R',0) back.