Re: MD5 salt
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: "M. Bastin" <marcbastin@mindspring.com>
Cc: pgsql-novice <pgsql-novice@postgresql.org>
Date: 2003-05-29T15:06:26Z
Lists: pgsql-novice
"M. Bastin" <marcbastin@mindspring.com> writes: > However I must be doing something wrong. This is what I do: > "md5" + MD5( MD5(Password + UserName) + Salt) > Is this a correct interpretation of your explanation? Looks right to me. Do you have the MD5 algorithm correct? > (To this I > still need to add the zero byte for termination, isn't it? Yeah, IIRC the contents of the Password message are a zero-terminated string. Check the protocol document. You might try testing with plain-text password auth method to make sure you have the basic Password-message mechanics down, before you go on with MD5. regards, tom lane