Commitad30d36

committed

Document actual string that has to be returned by the client for MD5

authentication.Report and pseudo code by Cyan Ogilvie

1 parent0180bd6 commitad30d36Copy full SHA for ad30d36

File tree

-4

lines changed

-4

lines changed

Lines changed: 9 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -293,10 +293,15 @@`
`293`	`293`	`<listitem>`
`294`	`294`	`<para>`
`295`	`295`	`The frontend must now send a PasswordMessage containing the`
`296`		`- password encrypted via MD5, using the 4-character salt`
`297`		`- specified in the AuthenticationMD5Password message. If`
`298`		`- this is the correct password, the server responds with an`
`299`		`- AuthenticationOk, otherwise it responds with an ErrorResponse.`
	`296`	`+ password (with username) encrypted via MD5, then encrypted`
	`297`	`+ again using the 4-byte random salt specified in the`
	`298`	`+ AuthenticationMD5Password message. If this is the correct`
	`299`	`+ password, the server responds with an AuthenticationOk,`
	`300`	`+ otherwise it responds with an ErrorResponse. The actual`
	`301`	`+ PasswordMessage can be computed in SQL as <literal>concat('md5',`
	`302`	`+ md5(concat(md5(concat(password, username)), random-salt)))</>.`
	`303`	`+ (Keep in mind the <function>md5()</> function returns its`
	`304`	`+ result as a hex string.)`
`300`	`305`	`</para>`
`301`	`306`	`</listitem>`
`302`	`307`	`</varlistentry>`

Comments

(0)