diff options
| author | Heikki Linnakangas <heikki.linnakangas@iki.fi> | 2017-05-04 12:28:25 +0300 |
|---|---|---|
| committer | Heikki Linnakangas <heikki.linnakangas@iki.fi> | 2017-05-04 12:28:25 +0300 |
| commit | 20bf7b2b0afcb53608ec37005ee7f831132925d2 (patch) | |
| tree | 0a7e4dae434ee7afdf62d5c4f87d3ba534b49117 /doc/src | |
| parent | 0de791ed760614991e7cb8a78fddd6874ea6919d (diff) | |
Fix PQencryptPasswordConn to work with older server versions.
password_encryption was a boolean before version 10, so cope with "on" and
"off".
Also, change the behavior with "plain", to treat it the same as "md5".
We're discussing removing the password_encryption='plain' option from the
server altogether, which will make this the only reasonable choice, but
even if we kept it, it seems best to never send the password in cleartext.
Diffstat (limited to 'doc/src')
| -rw-r--r-- | doc/src/sgml/libpq.sgml | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml index 4f60b203fbc..c2b7abc603e 100644 --- a/doc/src/sgml/libpq.sgml +++ b/doc/src/sgml/libpq.sgml @@ -5902,7 +5902,9 @@ char *PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user, are the cleartext password, and the SQL name of the user it is for. <parameter>algorithm</> specifies the encryption algorithm to use to encrypt the password. Currently supported algorithms are - <literal>md5</>, <literal>scram-sha-256</> and <literal>plain</>. + <literal>md5</> and <literal>scram-sha-256</> (<literal>on</> and + <literal>off</> are also accepted as aliases for <literal>md5</>, for + compatibility with older server versions). Note that support for <literal>scram-sha-256</> was introduced in <productname>PostgreSQL</> version 10, and will not work correctly with older server versions. If <parameter>algorithm</> is <symbol>NULL</>, this function will query |