> Okay, my understanding was that the protocol would work as follows:
>
> - client requests login
> - server sends stored salt c1, and random salt c2.
> - client performs hash_c2(hash_c1(password)) and sends result to server.
> - server performs hash_c2(stored_pg_shadow) and compares with client
> submission.
> - if there's a match, there's successful login.
>
> This protocol will truly create a challenge-response where the communication
> is different at each login, and where sniffing one
> hash_c2(hash_c1(password)) doesn't give you any way to log in with a
> different c2.
Yes.
-- Bruce Momjian | http://www.op.net/~candle pgman@candle.pha.pa.us | (610)
853-3000+ If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill,
Pennsylvania19026