On Wed, May 30, 2007 at 05:58:24PM +0100, Oliver Elphick wrote:
> While experimenting just now, I seem to have found a weird problem with
> passwords, in that _anything_ I type in is accepted as a valid password.
> # TYPE DATABASE USER CIDR-ADDRESS METHOD
> # IPv4 local connections:
> hostnossl junk olly 127.0.0.1/32 trust
Looks to me you're matching this line ^^^
> 2. TCP/IP access: this uses SSL so it skips the hostnossl line and hits
> the next host line, which specifies an md5 password. Whatever I type is
> accepted.
When SSL fails, it retries as non-SSL.
> In the log I have:
> 2007-05-30 17:54:59 BST LOG: could not receive data from client: Connection res
> et by peer
> 2007-05-30 17:55:02 BST FATAL: password authentication failed for user "olly"
Those lines are the failure of the SSL connection, the successful
connection is just fine.
Have a nice day,
--
Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/
> From each according to his ability. To each according to his ability to litigate.