Skip to content

Commit 20bf7b2

Browse files
hlinnakahlinnaka
committed
Fix PQencryptPasswordConn to work with older server versions.
password_encryption was a boolean before version 10, so cope with "on" and "off". Also, change the behavior with "plain", to treat it the same as "md5". We're discussing removing the password_encryption='plain' option from the server altogether, which will make this the only reasonable choice, but even if we kept it, it seems best to never send the password in cleartext.
1 parent 0de791e commit 20bf7b2

File tree

2 files changed

+17
-8
lines changed

2 files changed

+17
-8
lines changed

doc/src/sgml/libpq.sgml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5902,7 +5902,9 @@ char *PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
59025902
are the cleartext password, and the SQL name of the user it is for.
59035903
<parameter>algorithm</> specifies the encryption algorithm
59045904
to use to encrypt the password. Currently supported algorithms are
5905-
<literal>md5</>, <literal>scram-sha-256</> and <literal>plain</>.
5905+
<literal>md5</> and <literal>scram-sha-256</> (<literal>on</> and
5906+
<literal>off</> are also accepted as aliases for <literal>md5</>, for
5907+
compatibility with older server versions). Note that support for
59065908
<literal>scram-sha-256</> was introduced in <productname>PostgreSQL</>
59075909
version 10, and will not work correctly with older server versions. If
59085910
<parameter>algorithm</> is <symbol>NULL</>, this function will query

src/interfaces/libpq/fe-auth.c

Lines changed: 14 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1168,7 +1168,7 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
11681168
{
11691169
PQclear(res);
11701170
printfPQExpBuffer(&conn->errorMessage,
1171-
libpq_gettext("password_encryption value too long\n"));
1171+
libpq_gettext("password_encryption value too long\n"));
11721172
return NULL;
11731173
}
11741174
strcpy(algobuf, val);
@@ -1177,8 +1177,19 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
11771177
algorithm = algobuf;
11781178
}
11791179

1180-
/* Ok, now we know what algorithm to use */
1180+
/*
1181+
* Also accept "on" and "off" as aliases for "md5", because
1182+
* password_encryption was a boolean before PostgreSQL 10. We refuse to
1183+
* send the password in plaintext even if it was "off".
1184+
*/
1185+
if (strcmp(algorithm, "on") == 0 ||
1186+
strcmp(algorithm, "off") == 0 ||
1187+
strcmp(algorithm, "plain") == 0)
1188+
algorithm = "md5";
11811189

1190+
/*
1191+
* Ok, now we know what algorithm to use
1192+
*/
11821193
if (strcmp(algorithm, "scram-sha-256") == 0)
11831194
{
11841195
crypt_pwd = pg_fe_scram_build_verifier(passwd);
@@ -1195,14 +1206,10 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
11951206
}
11961207
}
11971208
}
1198-
else if (strcmp(algorithm, "plain") == 0)
1199-
{
1200-
crypt_pwd = strdup(passwd);
1201-
}
12021209
else
12031210
{
12041211
printfPQExpBuffer(&conn->errorMessage,
1205-
libpq_gettext("unknown password encryption algorithm\n"));
1212+
libpq_gettext("unknown password encryption algorithm\n"));
12061213
return NULL;
12071214
}
12081215

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy