<!--

$PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.199 2005/11/04 23:14:00 petere Exp $

$PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.200 2005/12/23 01:16:37 tgl Exp $

-->

<chapter id="libpq">

</sect1>

<sect1 id="libpq-misc">

<title>Miscellaneous Functions</title>

<para>

As always, there are some functions that just don't fit anywhere.

</para>

<variablelist>

<varlistentry>

<term><function>pg_make_encrypted_password</function><indexterm><primary>pg_make_encrypted_password</></></term>

<listitem>

<para>

Prepares the encrypted form of a <productname>PostgreSQL</> password.

<synopsis>

char *pg_make_encrypted_password(const char *passwd, const char *user);

</synopsis>

<function>pg_make_encrypted_password</> is intended to be used by client

applications that wish to send commands like

<literal>ALTER USER joe PASSWORD 'pwd'</>.

It is good practice not to send the original cleartext password in such a

command, because it might be exposed in command logs, activity displays,

and so on. Instead, use this function to convert the password to encrypted

form before it is sent. The arguments are the cleartext password, and the SQL

name of the user it is for. The return value is a malloc'd string, or NULL if

out-of-memory. The caller may assume the string doesn't contain any weird

characters that would require escaping. Use <function>PQfreemem</> to free

the result when done with it.

</para>

</listitem>

</varlistentry>

</variablelist>

</sect1>

<sect1 id="libpq-notice-processing">

<title>Notice Processing</title>

#undef mkdir

{

char*opt0=psql_scan_slash_option(scan_state,OT_SQLID,NULL, true);

char*user;

charencrypted_password[MD5_PASSWD_LEN+1];

char*encrypted_password;

if (opt0)

user=opt0;

user=PQuser(pset.db);

if (!pg_md5_encrypt(pw1,user,strlen(user),encrypted_password))

encrypted_password=pg_make_encrypted_password(pw1,user);

if (!encrypted_password)

{

fprintf(stderr,_("Password encryption failed.\n"));

success= false;

PGresult*res;

initPQExpBuffer(&buf);

printfPQExpBuffer(&buf,"ALTERROLE %s PASSWORD '%s';",

printfPQExpBuffer(&buf,"ALTERUSER %s PASSWORD '%s';",

fmtId(user),encrypted_password);

res=PSQLexec(buf.data, false);

termPQExpBuffer(&buf);

if (!res)

success= false;

PQclear(res);

PQfreemem(encrypted_password);

}

}

staticvoidhelp(constchar*progname);

if (encrypted!=TRI_NO)

{

charencrypted_password[MD5_PASSWD_LEN+1];

char*encrypted_password;

if (!pg_md5_encrypt(newpassword,newuser,strlen(newuser),encrypted_password))

encrypted_password=pg_make_encrypted_password(newpassword,

newuser);

if (!encrypted_password)

{

fprintf(stderr,_("Password encryption failed.\n"));

exit(1);

}

appendStringLiteral(&sql,encrypted_password, false);

PQfreemem(encrypted_password);

}

appendStringLiteral(&sql,newpassword, false);

# $PostgreSQL: pgsql/src/interfaces/libpq/exports.txt,v 1.5 2005/10/21 15:21:21 tgl Exp $

# $PostgreSQL: pgsql/src/interfaces/libpq/exports.txt,v 1.6 2005/12/23 01:16:38 tgl Exp $

# Functions to be exported by libpq DLLs

PQconnectdb 1

PQsetdbLogin 2

lo_create 123

PQinitSSL 124

PQregisterThreadLock 125

pg_make_encrypted_password 126

returnauthn;

}

pg_make_encrypted_password(constchar*passwd,constchar*user)

{

char*crypt_pwd;

crypt_pwd=malloc(MD5_PASSWD_LEN+1);

if (!crypt_pwd)

returnNULL;

if (!pg_md5_encrypt(passwd,user,strlen(user),crypt_pwd))

{

free(crypt_pwd);

returnNULL;

}

returncrypt_pwd;

}

externintPQenv2encoding(void);

externchar*pg_make_encrypted_password(constchar*passwd,constchar*user);

}