[HACKERS] WIP: AuthenticationMD5 protocol documentation clarification

Mon, 06 Jun 2011 00:23:49 -0700 

This is my first patch, so I hope I've got the process right for submitting
patches.

I'm building a driver to talk version 3.0 of the protocol, and generally
I've found the documentation to be excellent.  One are I had trouble with
was responding to the AuthenticationMD5Password challenge.  After receiving
help on IRC, I've attached a patch to the protocol documentation attempting
to clarify what is expected by the backend, basically:

concat(
    'md5',
    hex_encode(
        md5(
            concat(
                hex_encode(
                    md5(
                        concat(password, username)
                    )
                ),
                salt
            )
        )
    )
)

My technical writing skills were not up to wording that in plain english,
and it seems like the rest of the documentation for the protocol steers
clear of anything that looks like code.  Is this policy in this area or is
the code-esque description ok?

No code is changed, only documentation, so I've left out the code-relevant
patch info fields

Patch info:

Project name: postgresql
Branch: master

Cyan

diff --git a/doc/src/sgml/protocol.sgml b/doc/src/sgml/protocol.sgml
new file mode 100644
index d3de330..ba95241
*** a/doc/src/sgml/protocol.sgml
--- b/doc/src/sgml/protocol.sgml
***************
*** 294,303 ****
        <listitem>
         <para>
          The frontend must now send a PasswordMessage containing the
!         password encrypted via MD5, using the 4-character salt
!         specified in the AuthenticationMD5Password message.  If
!         this is the correct password, the server responds with an
!         AuthenticationOk, otherwise it responds with an ErrorResponse.
         </para>
        </listitem>
       </varlistentry>
--- 294,306 ----
        <listitem>
         <para>
          The frontend must now send a PasswordMessage containing the
!         result of concat('md5',
!         hex_encode(md5(concat(hex_encode(md5(concat(password, username))),
!         salt)))), where salt is the 4-character salt specified in
!         the AuthenticationMD5Password message.  Username and password do not
!         include the trailing null byte.  If this is the correct password, the
!         server responds with an AuthenticationOk, otherwise it responds with
!         an ErrorResponse.
         </para>
        </listitem>
       </varlistentry>

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to