Re: WIP: AuthenticationMD5 protocol documentation clarification

Bruce Momjian <bruce@momjian.us>

From: Bruce Momjian <bruce@momjian.us>
To: Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>
Cc: Robert Haas <robertmhaas@gmail.com>, Cyan Ogilvie <cyan.ogilvie@gmail.com>, pgsql-hackers@postgresql.org
Date: 2011-10-14T00:50:05Z
Lists: pgsql-hackers

Attachments

Heikki Linnakangas wrote:
> On 06.06.2011 16:58, Robert Haas wrote:
> > On Sun, Jun 5, 2011 at 11:26 AM, Cyan Ogilvie<cyan.ogilvie@gmail.com>  wrote:
> >> This is my first patch, so I hope I've got the process right for submitting
> >> patches.
> >
> > You're doing great.  I suspect we do want to either (1) reword what
> > you've done in English, rather than writing it as code, or at least
> > (2) add some SGML markup to the code.  Our next CommitFest starts in
> > just over a week, so you should receive some more specific feedback
> > pretty soon.
> 
> That is quite complicated to explain in plain English, so some sort of 
> pseudo-code is probably a good idea. I would recommend not to formulate 
> it as a SQL expression, though. It makes you think you could execute it 
> from psql or something. Even if you know that's not how to do it, it 
> feels confusing. Maybe something like:
> 
> <literal>md5</literal> hex_encode(md5(hex_encode(md5(password username) 
> salt)
> 
> with some extra markup to make it look pretty.

I have applied the attached doc patch to document this.  Thanks for the
report --- it was something we certainly needed to document.

-- 
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + It's impossible for everything to be true. +