Add PQencryptPasswordConn function to libpq, use it in psql and createuser.

The new function supports creating SCRAM verifiers, in addition to md5
hashes. The algorithm is chosen based on password_encryption, by default.

This fixes the issue reported by Jeff Janes, that there was previously
no way to create a SCRAM verifier with "\password".

Michael Paquier and me

Discussion: https://www.postgresql.org/message-id/CAMkU%3D1wfBgFPbfAMYZQE78p%3DVhZX7nN86aWkp0QcCp%3D%2BKxZ%3Dbg%40mail.gmail.com

1 files changed, 6 insertions, 3 deletions

diff --git a/src/bin/scripts/createuser.c b/src/bin/scripts/createuser.c
index 3d74797a8f..35a53bf206 100644
--- a/src/bin/scripts/createuser.c
+++ b/src/bin/scripts/createuser.c
@@ -274,11 +274,14 @@ main(int argc, char *argv[])
 		{
 			char	   *encrypted_password;
 
-			encrypted_password = PQencryptPassword(newpassword,
-												   newuser);
+			encrypted_password = PQencryptPasswordConn(conn,
+													   newpassword,
+													   newuser,
+													   NULL);
 			if (!encrypted_password)
 			{
-				fprintf(stderr, _("Password encryption failed.\n"));
+				fprintf(stderr, _("%s: password encryption failed: %s"),
+						progname, PQerrorMessage(conn));
 				exit(1);
 			}
 			appendStringLiteralConn(&sql, encrypted_password, conn);