From d64971da6e717086eb64287112c118a05e588680 Mon Sep 17 00:00:00 2001 From: Jacob Champion Date: Mon, 3 Mar 2025 08:25:52 -0800 Subject: [PATCH v4 4/4] fixup! dblink: Add SCRAM pass-through authentication --- contrib/dblink/dblink.c | 19 +++++-------------- contrib/dblink/t/001_auth_scram.pl | 14 +++++++------- doc/src/sgml/dblink.sgml | 4 ++-- 3 files changed, 14 insertions(+), 23 deletions(-) diff --git a/contrib/dblink/dblink.c b/contrib/dblink/dblink.c index 31e6c0e935c..6908d70f718 100644 --- a/contrib/dblink/dblink.c +++ b/contrib/dblink/dblink.c @@ -129,20 +129,11 @@ static bool is_valid_dblink_option(const PQconninfoOption *options, static int applyRemoteGucs(PGconn *conn); static void restoreLocalGucs(int nestlevel); static PGconn *connect_pg_server(char *connstr_or_srvname, remoteConn *rconn, uint32 wait_event_info); - -static bool - UseScramPassthrough(ForeignServer *foreign_server, UserMapping *user); - -static void - appendSCRAMKeysInfo(StringInfo buf); - -static bool - is_valid_dblink_fdw_option(const PQconninfoOption *options, const char *option, +static bool UseScramPassthrough(ForeignServer *foreign_server, UserMapping *user); +static void appendSCRAMKeysInfo(StringInfo buf); +static bool is_valid_dblink_fdw_option(const PQconninfoOption *options, const char *option, Oid context); - - -static bool - dblink_connstr_has_scram_require_auth(const char *connstr); +static bool dblink_connstr_has_scram_require_auth(const char *connstr); /* Global */ static remoteConn *pconn = NULL; @@ -2584,7 +2575,7 @@ dblink_connstr_has_scram_require_auth(const char *connstr) if (option->val != NULL && strcmp(option->val, "scram-sha-256") == 0) result = true; else - result = false; + result = false; } } PQconninfoFree(options); diff --git a/contrib/dblink/t/001_auth_scram.pl b/contrib/dblink/t/001_auth_scram.pl index ac646d2a54d..15058ac7c9a 100644 --- a/contrib/dblink/t/001_auth_scram.pl +++ b/contrib/dblink/t/001_auth_scram.pl @@ -3,7 +3,7 @@ # Test SCRAM authentication when opening a new connection with a foreign # server. # -# The test is executed by testing the SCRAM authentifcation on a looplback +# The test is executed by testing the SCRAM authentifcation on a loopback # connection on the same server and with different servers. use strict; @@ -12,15 +12,14 @@ use PostgreSQL::Test::Utils; use PostgreSQL::Test::Cluster; use Test::More; -my $hostaddr = '127.0.0.1'; my $user = "user01"; -my $db0 = "db0"; # For node1 -my $db1 = "db1"; # For node1 -my $db2 = "db2"; # For node2 +my $db0 = "db0"; # For node1 +my $db1 = "db1"; # For node1 +my $db2 = "db2"; # For node2 my $fdw_server = "db1_fdw"; my $fdw_server2 = "db2_fdw"; -my $fdw_invalid_server = "db2_fdw_invalid"; # For invalid fdw options +my $fdw_invalid_server = "db2_fdw_invalid"; # For invalid fdw options my $node1 = PostgreSQL::Test::Cluster->new('node1'); my $node2 = PostgreSQL::Test::Cluster->new('node2'); @@ -155,7 +154,8 @@ sub test_fdw_auth_with_invalid_overwritten_require_auth like( $stderr, qr/use_scram_passthrough can only be used with require_auth='scram-sha-256'/, - 'expected error when connecting to a fdw overwriting the require_auth'); + 'expected error when connecting to a fdw overwriting the require_auth' + ); } sub setup_user_mapping diff --git a/doc/src/sgml/dblink.sgml b/doc/src/sgml/dblink.sgml index f6e1009c028..e3b4129ae26 100644 --- a/doc/src/sgml/dblink.sgml +++ b/doc/src/sgml/dblink.sgml @@ -141,7 +141,7 @@ dblink_connect(text connname, text connstr) returns text A Foreign Data Wrapper can be used as a connection name parameter. The foreign - server can be created using CREATE SERVER and CREATE USER MAPPING commands. + server can be created using CREATE SERVER and CREATE USER MAPPING commands. @@ -257,7 +257,7 @@ SELECT dblink_connect('myconn', 'dbname=postgres options=-csearch_path='); (1 row) -- FOREIGN DATA WRAPPER functionality --- Note: local connection that don't use SCRAM pass-through require password +-- Note: local connection that don't use SCRAM pass-through require password -- authentication for this to work properly. Otherwise, you will receive -- the following error from dblink_connect(): -- ERROR: password is required -- 2.34.1