Arrange for the authentication request type to be preserved in

PGconn. Invent a new libpq connection-status function, PQconnectionUsedPassword() that returns true if the server demanded a password during authentication, false otherwise. This may be useful to clients in general, but is immediately useful to help plug a privilege escalation path in dblink. Per list discussion and design proposed by Tom Lane.
2025-07-30 11:03:19 +03:00 · 2007-07-08 17:11:51 +00:00
parent 8c69d881ce
commit 51bc3dfe4b
6 changed files with 42 additions and 7 deletions
--- a/doc/src/sgml/libpq.sgml
+++ b/doc/src/sgml/libpq.sgml
@ -1,4 +1,4 @@
-<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.235 2007/03/30 03:19:02 momjian Exp $ -->
+<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.236 2007/07/08 17:11:50 joe Exp $ -->

 <chapter id="libpq">
  <title><application>libpq</application> - C Library</title>
@ -1059,6 +1059,20 @@ SSL *PQgetssl(const PGconn *conn);
     </listitem>
    </varlistentry>

+    <varlistentry>
+     <term><function>PQconnectionUsedPassword</function><indexterm><primary>PQconnectionUsedPassword</></></term>
+     <listitem>
+      <para>
+       Returns true (1) if the connection authentication method
+       required a password to be supplied. Returns false (0)
+       otherwise.
+       <synopsis>
+       bool PQconnectionUsedPassword(const PGconn *conn);
+       </synopsis>
+      </para>
+     </listitem>
+    </varlistentry>
+
 </variablelist>
 </para>