From: | "Fernando Carello" <fcarello(at)srd(dot)it> |
---|---|
To: | Bruce Momjian <maillist(at)candle(dot)pha(dot)pa(dot)us> |
Subject: | Re: [BUGS] Possible password authentication bug in 6.3.1 |
Date: | 1998-04-04 16:08:35 |
Message-ID: | 199804041303.PAA09515@shadow.srd.it |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> Try adding another host line to the end of the file, and let me know if
> that fixes it.
Added:
host users 192.168.0.1 255.255.255.255 password
at the end of pg_hba.conf, but the error is still there.
Please note that I don't make use of Unix sockets for the connection,
I use TCP/IP instead (" -i ").
I've also commented out the (original) last two lines that allowed
restrictless connections from the localhost.
I'm not very familiar with Postgres internals, but it *seems* to me
that the variable "areq" is not getting the right value: it should be
"3" ( = AUTH_REQ_PASSWORD) for plain-password authentication, while
it gets "13824".
----
Now I'm at home, and I'm playing a little with libpq sources: here
I've got Postgres 6.3 (not 6.3.1) and I get a value of areq = 14336
(and the same error, of course).
So I printed out areq value in "fe-connect.c", just after the
pqGetInt call: I get areq = "14336d", that is quite strange; of
course, shortly after, the call to fe_sendauth fails.
Then I tried to force areq=3 just before calling fe_sendauth (we are
near the middle of fe-connect.c), and it happens that the error
becomes:
FATAL 1: Socket command option.
Don't know if that helps in some way ! :-)
Please let me know if I can do something useful (btw, I'm in trouble
with that authentication stuff: for now I'm not able to protect my
data, so I shutted down the SQL server), and as always thanks to all
you people.
Fernando Carello
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 1998-04-04 21:07:12 | Re: [HACKERS] Everything leaks; How it mm suppose to work? |
Previous Message | Bruce Momjian | 1998-04-04 15:54:04 | Re: [BUGS] Possible password authentication bug in 6.3.1 (fwd) |