Re: [Monetdb-developers] Mapi wire protocol level 9

On 07-05-2009 13:16:48 +0200, Fabian.Groffen@cwi.nl wrote:

As I'm working on changing the password backend of M5 to use hashes instead of cypher3d clear text passwords[1], I have to bump the wire protocol level from 8 to 9, since the client will have to construct the challenge response differently.

The changes made to the protocol only affect the login procedure. In v8 the password would be clear text, in v9 it is a hash. The hash algorithm used is defined by the server in the challenge. v8: <- <salt>:<server>:8:<hashes>:<byteorder> -> <byteorder>:<user>:{<hash>}:<lang>:<db>: v9: <- <salt>:<server>:9:<hashes>:<byteorder>:<pwhash>: -> <byteorder>:<user>:{<hash>}{hash(pwhash(password)+salt)>:<lang>:<db>: In v9 the <hashes> crypt and plain have been removed, RIPEMD160, SHA512, SHA384, SHA256 and SHA224 were added. <pwhash> can be any of RIPEMD160, SHA512, SHA384, SHA256, SHA224, SHA1 or MD5.