On Wed, May 30, 2007 at 05:58:24PM +0100, Oliver Elphick wrote: > While experimenting just now, I seem to have found a weird problem with > passwords, in that _anything_ I type in is accepted as a valid password.
> # TYPE DATABASE USER CIDR-ADDRESS METHOD > # IPv4 local connections: > hostnossl junk olly 127.0.0.1/32 trust Looks to me you're matching this line ^^^ > 2. TCP/IP access: this uses SSL so it skips the hostnossl line and hits > the next host line, which specifies an md5 password. Whatever I type is > accepted. When SSL fails, it retries as non-SSL. > In the log I have: > 2007-05-30 17:54:59 BST LOG: could not receive data from client: Connection > res > et by peer > 2007-05-30 17:55:02 BST FATAL: password authentication failed for user "olly" Those lines are the failure of the SSL connection, the successful connection is just fine. Have a nice day, -- Martijn van Oosterhout <[EMAIL PROTECTED]> http://svana.org/kleptog/ > From each according to his ability. To each according to his ability to > litigate.
signature.asc
Description: Digital signature
