Postgres Pro
Downloads
Home   >   mailing lists

Thread: SCRAM Error

SCRAM Error

From
Logan Greenlee
Date:
Hello,

I am receiving an error "SCRAM Authentication requires libpq version 10 or above".

[33236-0.001]   mylog.c[logs_on_off]274: mylog_on=1 qlog_on=1
[33236-0.002]connection[CC_connect]1062: entering...sslmode=disable
[33236-0.002]connection[LIBPQ_CC_connect]1034: entering...
[33236-0.005]connection[CC_initial_log]982: Driver Version='09.06.0500,Jan 25 2019' linking 1800 dynamic Multithread library
[33236-0.006]connection[CC_initial_log]1017: DSN = '', server = 'localhost', port = '5433', database = 'Trades', username = 'postgres', password='xxxxx'
[33236-0.009]connection[LIBPQ_connect]2670: connecting to the database using localhost as the server and pqopt={}
[33236-0.074]connection[CC_set_error_statements]1215: entering self=0000018D5F2A8140
[33236-0.078]connection[CC_log_error]2527: CONN ERROR: func=LIBPQ_connect, desc='', errnum=101, errmsg='SCRAM authentication requires libpq version 10 or above
'
[33236-0.078]connection[LIBPQ_connect]2817: Could not establish connection to the database; LIBPQ returned -> SCRAM authentication requires libpq version 10 or above

[33236-0.081]connection[LIBPQ_connect]2859: leaving 0
[33236-0.081]connection[CC_log_error]2527: CONN ERROR: func=PGAPI_DriverConnect, desc='Error from CC_Connect', errnum=101, errmsg='SCRAM authentication requires libpq version 10 or above
'

Is this due to the libpq version being insufficient in the driver? I am connecting to a 13 instance. I tried to go to md5 but it seemed to have no effect.

Thanks,
Logan

Re: SCRAM Error

From
Tom Lane
Date:
Logan Greenlee <logan@thegreenlees.us> writes:
> I am receiving an error "SCRAM Authentication requires libpq version 10 or
> above".
> ...
> [33236-0.005]connection[CC_initial_log]982: Driver Version='09.06.0500,Jan
> 25 2019' linking 1800 dynamic Multithread library

Since the ODBC driver seems to be 9.6, it's not surprising that it's
linked to a 9.6 libpq.  Can't you update that?

> Is this due to the libpq version being insufficient in the driver? I am
> connecting to a 13 instance. I tried to go to md5 but it seemed to have no
> effect.

It seems like your server may be set to hash passwords via SCRAM.  If you
need compatibility with ancient client versions, you need to make sure
your password is hashed the old way with md5.  Observe:

regression=# create user joe;
CREATE ROLE
regression=# set password_encryption to "scram-sha-256";
SET
regression=# alter user joe password 'foo';
ALTER ROLE
regression=# select rolpassword from pg_authid where rolname = 'joe';
                                                              rolpassword

--------------------------------------------------------------------------------
-------------------------------------------------------
 SCRAM-SHA-256$4096:LSVE1BFWcxrIJSTEeZF/8g==$ceM/afcYjb8zwIjD3MIXmubeu/F2ZieAzYL
LeAzck6k=:ge1TjRpYn7kNf0pAJoohYRURT9LGLFIEPK48M1pJZ8c=
(1 row)
regression=# set password_encryption = md5;
SET
regression=# alter user joe password 'foo';
ALTER ROLE
regression=# select rolpassword from pg_authid where rolname = 'joe';
             rolpassword
-------------------------------------
 md516fa7b3dfbb8654ea1e0a864754ee209
(1 row)

            regards, tom lane