diff --git a/docs/en_US/release_notes_3_2.rst b/docs/en_US/release_notes_3_2.rst index 07e8bf78c..3ac03030b 100644 --- a/docs/en_US/release_notes_3_2.rst +++ b/docs/en_US/release_notes_3_2.rst @@ -10,10 +10,12 @@ This release contains a number of features and fixes reported since the release Features ******** +| `Feature #2214 `_ - Add support for SCRAM password changes (requires psycopg2 >= 2.8). | `Feature #3397 `_ - Add support for Trigger and JIT stats in the graphical query plan viewer. | `Feature #3506 `_ - Allow the user to specify a fixed port number in the runtime to aid cookie whitelisting etc. | `Feature #3510 `_ - Add a menu option to the runtime to copy the appserver URL to the clipboard. + Bug fixes ********* diff --git a/web/pgadmin/browser/server_groups/servers/__init__.py b/web/pgadmin/browser/server_groups/servers/__init__.py index fdf645402..24684de0b 100644 --- a/web/pgadmin/browser/server_groups/servers/__init__.py +++ b/web/pgadmin/browser/server_groups/servers/__init__.py @@ -1245,7 +1245,16 @@ class ServerNode(PGChildNodeView): return unauthorized(gettext("Incorrect password.")) # Hash new password before saving it. - password = pqencryptpassword(data['newPassword'], manager.user) + if manager.sversion >= 100000: + password = conn.pq_encrypt_password_conn(data['newPassword'], + manager.user) + if password is None: + # Unable to encrypt the password so used the + # old method of encryption + password = pqencryptpassword(data['newPassword'], + manager.user) + else: + password = pqencryptpassword(data['newPassword'], manager.user) SQL = render_template( "/servers/sql/#{0}#/change_password.sql".format( diff --git a/web/pgadmin/utils/driver/psycopg2/connection.py b/web/pgadmin/utils/driver/psycopg2/connection.py index 3b0321633..b40b3f8bc 100644 --- a/web/pgadmin/utils/driver/psycopg2/connection.py +++ b/web/pgadmin/utils/driver/psycopg2/connection.py @@ -143,6 +143,10 @@ class Connection(BaseConnection): * get_notifies() - This function will returns list of notifies received from database server. + + * pq_encrypt_password_conn() + - This function will return the encrypted password for database server + - greater than or equal to 10. """ def __init__(self, manager, conn_id, db, auto_reconnect=True, async=0, @@ -1814,3 +1818,38 @@ Failed to reset the connection to the server due to following error: } for notify in self.__notifies ] return notifies + + def pq_encrypt_password_conn(self, password, user): + """ + This function will return the encrypted password for database server + greater than or equal to 10 + :param password: password to be encrypted + :param user: user of the database server + :return: + """ + enc_password = None + if psycopg2.__libpq_version__ >= 100000 and \ + hasattr(psycopg2.extensions, 'encrypt_password'): + if self.connected(): + status, enc_algorithm = \ + self.execute_scalar("SHOW password_encryption") + if status: + enc_password = psycopg2.extensions.encrypt_password( + password=password, user=user, scope=self.conn, + algorithm=enc_algorithm + ) + elif psycopg2.__libpq_version__ < 100000: + current_app.logger.warning( + u"To encrypt passwords the required libpq version is " + u"greater than or equal to 100000. Current libpq version " + u"is {curr_ver}".format( + curr_ver=psycopg2.__libpq_version__ + ) + ) + elif not hasattr(psycopg2.extensions, 'encrypt_password'): + current_app.logger.warning( + u"The psycopg2.extensions module does not have the" + u"'encrypt_password' method." + ) + + return enc_password