Re: [HACKERS] User authentication bug?

Bruce Momjian <maillist@candle.pha.pa.us>

From: Bruce Momjian <maillist@candle.pha.pa.us>
To: M.Boekhold@et.tudelft.nl
Cc: pgsql-hackers@postgreSQL.org
Date: 1998-07-31T19:53:25Z
Lists: pgsql-hackers
> Hi,
> 
> I was having trouble with user authentication, so I submerged myself in 
> the source (UTSL ie. Use The Source luke ;) to see if I could figure out 
> what I was doing wrong:
> 
> While using passwords stored in pg_shadow (pg_user), I cannot connect to 
> the backend using the 'password' authentication, I can connect using 'crypt'.
> 
> Now, I found from the source that the routines that do crypt checking 
> also seem to support plain passwords. But this code is never used, 
> because apparently uaCrypt is never set for 'password', while my 
> understanding is that this should be set when there is no password-file 
> specified in pg_hba.conf.
> 
> AlthoughcCheckPassword() seems to provide for this, it appears not to be 
> working.
> 
> Anybody knows what's going on here? I intent to fire up a debugger here 
> to see if I can figure out what's wrong, but thought asking first doesn't 
> do any harm.
> 
> btw. is there anywhere a good description on how control flows during 
> this phase of connecting? It all looks very difficult, with lots of 
> function pointer being passed around etc.

Yes, very confusing.  Only Tom Lane understands it, I think.  Maybe
Tatsuo too.

-- 
Bruce Momjian                          |  830 Blythe Avenue
maillist@candle.pha.pa.us              |  Drexel Hill, Pennsylvania 19026
  +  If your life is a hard drive,     |  (610) 353-9879(w)
  +  Christ can be your backup.        |  (610) 853-3000(h)