Re: [Fwd: [Zope-dev] Authentication Problem with Postgres]

Andre Schubert <andre.schubert@geyer.kabeljournal.de> writes:
> sometimes i have a curios problem with my Zope.
> My sysop has traced the protcols before and after the error.
> Zope sends some data and then a crypted password with the salt.
> If the error is occured the password that Zope sends is crypted wrong.
> After a restart of Zope the password is right crypted.

If you've determined that in fact the wrong password is being sent
from the client side, then it seems that there are only two
possibilities: one, Zope is handing the wrong password to libpq,
or two, there's something broken in the crypt library on your client
machine.  libpq's handling of the password is so trivial that I find
it hard to see how there could be such a problem inside libpq itself.

If you're not convinced, I'd suggest adding some debug logging printout
to libpq (look in fe-connect.c and fe-auth.c).  Try tracing the
arguments and result of the actual crypt() call in fe-auth.c, and
then work outwards if you need to.

You didn't say what platform you're on, but on some platforms I believe
that crypt() supports both traditional (DES variant) and MD5 encryption
styles.  Possibly the problem is somehow related to choosing the wrong
encryption style (where "wrong" = "not what the postmaster is using").

            regards, tom lane