我可以将md5身份验证与psycopg2一起使用吗? [英] Can I use md5 authentication with psycopg2?
问题描述
在阅读了两个小时的文档,源代码和帮助线程后,我放弃了.我无法让psycopg2使用md5字符串进行身份验证.根据此线程,除了启用md5-之外,我不需要任何其他操作在pg_hba.conf中进行身份验证.
After two hours of reading documentation, source code and help-threads, I'm giving up. I can't get psycopg2 to authenticate with a md5-string. According to this thread I don't have to anything besides enabling md5-auth in pg_hba.conf.
这是我当前的pg_hba.conf:
# TYPE DATABASE USER CIDR-ADDRESS METHOD
local all all md5
host all all 127.0.0.1/32 md5
host all all ::1/128 md5
host all all 0.0.0.0/0 md5
我像这样使用psycopg2:
And I use psycopg2 like this:
psycopg2.connect(host='localhost', port=5433, user='me', password='md5xxxx').cursor()
哪个给:
psycopg2.OperationalError: FATAL: password authentication failed for user "me"
自然,给定的密码与pg_authid.rolpassword匹配.
Naturally, the given password matches with pg_authid.rolpassword.
根据pg_hba.conf,我只能使用md5-auth登录(对吗?).尽管如此,我未加密的密码仍然可以正常工作(并且不能使用散列符),而且我无法在其源代码中找到任何对psycopg2对其进行散列的引用.
According to pg_hba.conf I can only login using md5-auth (right?). Still, my unhashed password works fine (and hashed doesn't) and I'm unable to find any references to psycopg2 hashing it in its source code.
帮助?
谢谢!
推荐答案
Psycopg2是libpq的包装,即Postgres客户端库,该库已经实现了该功能.无需对您的密码进行哈希处理.在通过网络发送之前,将对其进行哈希处理(通过libpq).
Psycopg2 is a wrapper around libpq, that is, the Postgres client library, which implements this already. No need to hash you password. It will be hashed (by libpq) before being sent over the wire.
值得注意的是,libpq实际上发送了密码的MD5总和(使用用户名),以及该MD5总和的MD5总和(使用共享的连接常量)(请参阅
It's worth noting that libpq actually sends the MD5 sum of your password salted with your user name as well as the MD5 sum of that MD5 sum salted with a shared connection constant (see the source here). Replicating that behavior would require a bit of work.
这篇关于我可以将md5身份验证与psycopg2一起使用吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
