diff -uNr postgresql-7.2.1.orig/src/interfaces/jdbc/org/postgresql/Connection.java postgresql-7.2.1/src/interfaces/jdbc/org/postgresql/Connection.java
--- postgresql-7.2.1.orig/src/interfaces/jdbc/org/postgresql/Connection.java	Tue Dec 11 13:44:23 2001
+++ postgresql-7.2.1/src/interfaces/jdbc/org/postgresql/Connection.java	Tue Aug 13 20:43:24 2002
@@ -67,6 +67,7 @@
 
 	// New for 6.3, salt value for crypt authorisation
 	private String salt;
+	private byte[] md5salt = new byte[4];
 
 	// These are used to cache oids, PGTypes and SQLTypes
 	private static Hashtable sqlTypeCache = new Hashtable();  // oid -> SQLType
@@ -194,12 +195,11 @@
 						// Or get the md5 password salt if there is one
 						if (areq == AUTH_REQ_MD5)
 						{
-							byte[] rst = new byte[4];
-							rst[0] = (byte)pg_stream.ReceiveChar();
-							rst[1] = (byte)pg_stream.ReceiveChar();
-							rst[2] = (byte)pg_stream.ReceiveChar();
-							rst[3] = (byte)pg_stream.ReceiveChar();
-							salt = new String(rst, 0, 4);
+							md5salt[0] = (byte)pg_stream.ReceiveChar();
+							md5salt[1] = (byte)pg_stream.ReceiveChar();
+							md5salt[2] = (byte)pg_stream.ReceiveChar();
+							md5salt[3] = (byte)pg_stream.ReceiveChar();
+							salt = new String(md5salt, 0, 4);
 							DriverManager.println("MD5 salt=" + salt);
 						}
 
@@ -236,7 +236,7 @@
 
 							case AUTH_REQ_MD5:
 								DriverManager.println("postgresql: MD5");
-								byte[] digest = MD5Digest.encode(PG_USER, PG_PASSWORD, salt);
+								byte[] digest = MD5Digest.encode(PG_USER, PG_PASSWORD, md5salt);
 								pg_stream.SendInteger(5 + digest.length, 4);
 								pg_stream.Send(digest);
 								pg_stream.SendInteger(0, 1);
diff -uNr postgresql-7.2.1.orig/src/interfaces/jdbc/org/postgresql/util/MD5Digest.java postgresql-7.2.1/src/interfaces/jdbc/org/postgresql/util/MD5Digest.java
--- postgresql-7.2.1.orig/src/interfaces/jdbc/org/postgresql/util/MD5Digest.java	Mon Nov 26 08:26:59 2001
+++ postgresql-7.2.1/src/interfaces/jdbc/org/postgresql/util/MD5Digest.java	Tue Aug 13 20:40:00 2002
@@ -21,11 +21,11 @@
 	 *
 	 * @param user		The connecting user.
 	 * @param password	The connecting user's password.
-	 * @param salt		A four-character string sent by the server.
+	 * @param salt		A four-byte salt sent by the server.
 	 *
 	 * @return	A 35-byte array, comprising the string "md5" and an MD5 digest.
 	 */
-	public static byte[] encode(String user, String password, String salt)
+	public static byte[] encode(String user, String password, byte[] salt)
 	{
 		MessageDigest md;
 		byte[] temp_digest, pass_digest;
@@ -41,7 +41,7 @@
 
 			bytesToHex(temp_digest, hex_digest, 0);
 			md.update(hex_digest, 0, 32);
-			md.update(salt.getBytes());
+			md.update(salt);
 			pass_digest = md.digest();
 
 			bytesToHex(pass_digest, hex_digest, 3);