Re: SCRAM pass-through authentication for postgres_fdw

Matheus Alcantara <matheusssilv97@gmail.com>

From: Matheus Alcantara <matheusssilv97@gmail.com>
To: Jelte Fennema-Nio <postgres@jeltef.nl>, Jacob Champion <jacob.champion@enterprisedb.com>
Cc: PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2024-12-09T18:06:11Z
Lists: pgsql-hackers

Attachments

On 04/12/24 20:05, Jelte Fennema-Nio wrote:
> On Wed, 4 Dec 2024 at 23:11, Jacob Champion
> <jacob.champion@enterprisedb.com> wrote:
>> It makes me a little uneasy to give users a reason to copy identical
>> salts/verifiers around... But for e.g. a loopback connection, it seems
>> like there'd be no additional risk. Is that the target use case?
> 
> I don't think that necessarily has to be the usecase,
> clustering/sharding setups could benefit from this too. PgBouncer
> supports the same functionality[1]. I only see advantages over the
> alternative, which is copying the plaintext password around. In case
> of compromise of the server, only the salt+verifier has to be rotated,
> not the actual user password.
The patch is very similar with what was implemented on PgBoucer[1]

> Regarding the actual patch: This definitely needs a bunch of
> documentation explaining how to use this and when not to use this.
I'm attaching a patch with a initial documentation, so that we can get 
initial thoughts (not sure if I should put the documentation on the 
same patch of code changes).

Thanks!

[1] 
https://github.com/pgbouncer/pgbouncer/commit/ba1abfe#diff-128a3f9ffa6a6f3863e843089ede6d07010215acf49c66b2d1f1d9baba2f49e7R1001

-- 
Matheus Alcantara
EDB: https://www.enterprisedb.com

Commits

  1. postgres_fdw and dblink should check if backend has MyProcPort

  2. postgres_fdw: SCRAM authentication pass-through