authorHeikki Linnakangas2017-05-04 09:28:25 +0000
committerHeikki Linnakangas2017-05-04 09:28:25 +0000
commit20bf7b2b0afcb53608ec37005ee7f831132925d2 (patch)
tree0a7e4dae434ee7afdf62d5c4f87d3ba534b49117 /src/interfaces/libpq/fe-auth.c
parent0de791ed760614991e7cb8a78fddd6874ea6919d (diff)
Fix PQencryptPasswordConn to work with older server versions.
password_encryption was a boolean before version 10, so cope with "on" and "off". Also, change the behavior with "plain", to treat it the same as "md5". We're discussing removing the password_encryption='plain' option from the server altogether, which will make this the only reasonable choice, but even if we kept it, it seems best to never send the password in cleartext.
Diffstat (limited to 'src/interfaces/libpq/fe-auth.c')
-rw-r--r--src/interfaces/libpq/fe-auth.c21
1 files changed, 14 insertions, 7 deletions
diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c
index daa7cc95858..54acd0f6bf8 100644
--- a/src/interfaces/libpq/fe-auth.c
+++ b/src/interfaces/libpq/fe-auth.c
@@ -1168,7 +1168,7 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
{
PQclear(res);
printfPQExpBuffer(&conn->errorMessage,
- libpq_gettext("password_encryption value too long\n"));
+ libpq_gettext("password_encryption value too long\n"));
return NULL;
}
strcpy(algobuf, val);
@@ -1177,8 +1177,19 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
algorithm = algobuf;
}
- /* Ok, now we know what algorithm to use */
+ /*
+ * Also accept "on" and "off" as aliases for "md5", because
+ * password_encryption was a boolean before PostgreSQL 10. We refuse to
+ * send the password in plaintext even if it was "off".
+ */
+ if (strcmp(algorithm, "on") == 0 ||
+ strcmp(algorithm, "off") == 0 ||
+ strcmp(algorithm, "plain") == 0)
+ algorithm = "md5";
+ /*
+ * Ok, now we know what algorithm to use
+ */
if (strcmp(algorithm, "scram-sha-256") == 0)
{
crypt_pwd = pg_fe_scram_build_verifier(passwd);
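Review bot: The comment added above the `strcmp` chain names only "on" and "off", but the condition also remaps "plain" to "md5", so the comment understates what the code does. The check sits after the closing brace of the block that sets `algorithm = algobuf`, so it appears to apply to a caller-supplied `algorithm` as well as to the value read from the server. If so, a caller that explicitly asks for "plain" now silently gets an MD5 hash back, and the function's documentation should say so. I would reword the first comment line to `* Also accept "on", "off" and "plain" as aliases for "md5", because` and end the comment with `* never return the password in cleartext, whichever of these was requested.` The body of PQencryptPasswordConn starts and ends outside this hunk.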
@@ -1195,14 +1206,10 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
}
}
}
- else if (strcmp(algorithm, "plain") == 0)
- {
- crypt_pwd = strdup(passwd);
- }
else
{
printfPQExpBuffer(&conn->errorMessage,
- libpq_gettext("unknown password encryption algorithm\n"));
+ libpq_gettext("unknown password encryption algorithm\n"));
return NULL;
}