supporting md5 password authentication

2026-01-18 15:55:05 +00:00 · 2010-10-22 18:16:40 -05:00 · 2010-10-22 18:16:40 -05:00 · 5b1f8aff3b
commit 5b1f8aff3b
parent b2631cbb50
2 changed files with 46 additions and 1 deletions
--- a/lib/client.js
+++ b/lib/client.js
@ -2,6 +2,7 @@ var EventEmitter = require('events').EventEmitter;
 var net = require('net');
 var Query = require(__dirname+'/query');
 var sys = require('sys');
+var crypto = require('crypto');

 var Client = function(config) {
  EventEmitter.call(this);
@ -52,6 +53,14 @@ p.connect = function() {
    self.send('p', new Buffer(self.password + '\0', self.encoding));
  });

+  this.on('authenticationMD5Password', function(msg) {
+    var enc = function(string) {
+      return crypto.createHash('md5').update(string).digest('hex');
+    }
+    var md5password = "md5" + enc(enc(self.password + self.user) + msg.salt.toString('binary')) + "\0";
+    self.send('p', new Buffer(md5password, self.encoding));
+  });
+
  this.on('readyForQuery', function() {
    self.readyForQuery = true;
    self.pulseQueryQueue();
@ -180,6 +189,16 @@ p.parseR = function(msg) {
    }
    return msg;
  }
+  if(msg.length == 12) {
+    code = this.parseInt32();
+    if(code == 5) { //md5 required
+      msg.name = 'authenticationMD5Password';
+      msg.salt = new Buffer(4);
+      this.buffer.copy(msg.salt, 0, this.offset, this.offset + 4);
+      this.offset += 4;
+      return msg;
+    }
+  }
  throw new Error("Unknown authenticatinOk message type" + sys.inspect(msg));
 };

--- a/test/unit/authentication-tests.js
+++ b/test/unit/authentication-tests.js
@ -1,3 +1,4 @@
+
 require(__dirname+'/test-helper');

 test('password authentication', function(){
@ -28,5 +29,30 @@ test('password authentication', function(){
 });

 test('md5 authentication', function() {
-  return false; 
+  var client = createClient();
+  client.password = "!";
+
+  var md5PasswordBuffer = Buffer([0x52, 0, 0, 0, 12, 0, 0, 0, 5, 1, 2, 3, 4]);
+
+  var raised = false;
+
+  client.on('authenticationMD5Password', function(msg) {
+    raised = true;
+    assert.equalBuffers(msg.salt, new Buffer([1,2,3,4]));
+  });
+
+  client.stream.emit('data', md5PasswordBuffer);
+
+  test('raises event', function() {
+    assert.ok(raised);
+  });
+
+  test('responds', function() {
+    assert.length(client.stream.packets, 1);
+    test('should have correct encrypted data', function() {
+      //how do we want to test this?
+      return false;
+    });
+  });
+
 });