I try (libreoffice 7.0.4 or 6.4.7 it's the same) to connect from macosx (big sur or catalina it's the same) as client on postgresql server 10 (or above it's the same) via sdbc driver and obtain this error: SQL Status: SCRAM authentication requires libpq version 10 or above Error code: 1 Couldn't establish database connection to 'sdbc:postgresql:hostaddr=* dbname=* user=* password=*' SCRAM authentication requires libpq version 10 or above The same error does not occur when the postgresql is 9 or lower. The same error does not occur when os is linux (debian or ubuntu). Thanks in advance GAT
Just for the record, the version of Postgresql driver built in LO is postgresql-9.2.24.
ok, when os is linux the error does not occur even if the postgresql server is 10 or above
No repro with Version: 7.0.3.1 Build ID: d7547858d014d4cf69878db179d326fc3483e082 CPU threads: 8; OS: Mac OS X 10.16; UI render: default; VCL: osx Locale: fr-FR (fr_FR.UTF-8); Langue IHM : fr-FR Calc: threaded postgresql server 10.15 What is SCRAM authentication ?
(In reply to Alex Thurgood from comment #3) > No repro with > > Version: 7.0.3.1 > Build ID: d7547858d014d4cf69878db179d326fc3483e082 > CPU threads: 8; OS: Mac OS X 10.16; UI render: default; VCL: osx > Locale: fr-FR (fr_FR.UTF-8); Langue IHM : fr-FR > Calc: threaded > > postgresql server 10.15 > > What is SCRAM authentication ? Note that for the purposes of my testing, the postgres server is running on the same host (127.0.0.1) as the LO client accessing the db.
(In reply to Alex Thurgood from comment #4) > > > > What is SCRAM authentication ? Forget that question, I found out for myself. If the sdbc driver relies on libpq, then SCRAM should be supported/ However, it may well be, as we discovered recently with the native mysql connector code, that the pg SDBC driver also doesn't make any provision for handling SHA-based SCRAM. My postgres testbed hasn't been migrated to SCRAM authentication, so my test results are moot, and can be ignored.
Adding Lionel, Julien to CC for any comment they might like to offer. @Julien : seeing as you recently implemented the SHA support for the mysql connector, any interest/time for this one ?
@giultar : As Julien indicated in comment 1, our driver code is based on libpq 9.x (actually seems to be 9.1) when reading: OUString DatabaseMetaData::getSystemFunctions() from https://github.com/LibreOffice/core/blob/master/connectivity/source/drivers/postgresql/pq_databasemetadata.cxx This means that SCRAM is not currently supported.
the strange thing is that the same configuration of LO / sdbc / PostgreSQL returns this error in macosx and does not return this error on debian / ubuntu
(In reply to giultar from comment #8) > the strange thing is that the same configuration of LO / sdbc / PostgreSQL > returns this error in macosx and does not return this error on debian / > ubuntu Only a guess, but the build released by the maintainers of LO packages on those platforms might use more recent versions of libpq, whereas the macOS builds rely on external tar libpq, which probably hasn't been updated to the most recent/stable/buildable for macOS ?
Perhaps Postgresql should be upgraded in LO but to which version?
SCRAM authentication starts from PostgreSQL 10
(In reply to Julien Nabet from comment #10) > Perhaps Postgresql should be upgraded in LO but to which version? Just use the latest stable
(In reply to Lionel Elie Mamane from comment #12) > (In reply to Julien Nabet from comment #10) > > Perhaps Postgresql should be upgraded in LO but to which version? > > Just use the latest stable Will it be compatible with previous versions or can we expect, for example, Postgresql 13.1 (last stable version) won't be compatible with Postgresql 9 or 8 and so some people may complain?
It is compatible with previous versions.
I asked on dev mailing list about putting available on https://dev-www.libreoffice.org/src/ Postgresql 13.1. Of course, it's just a prerequisite for the task to upgrade Postgresql in LO. Considering the pbs there were for Firebird 3.0.7 upgrade (whereas it was only a minor version upgrade 3.0.0 -> 3.0.7), it may take a while before seeing 13.1 version built on LO. Indeed, we must take into account all envs (Linux, Windows and MacOs). Then, even after the upgrade, to fix this bug perhaps we must enable plugins/libs and I didn't see where it was. For MariaDB there were already plugins enabled so I could see where it was located, in addition, I knew Michael Stahl had done the upgrade quite recently (in 2020) so could ping him.
meanwhile i am using jdbc driver for postgresql
I began with https://gerrit.libreoffice.org/c/core/+/109456 but after some time just wondering how to build on Linux, comparing current and new version, I abandoned. => uncc myself.
Fixed on master with https://cgit.freedesktop.org/libreoffice/core/commit/?id=234833f7823a1424b62c93e145f0cfe2c6b6efd5 author Michael Stahl <michael.stahl@allotropia.de> 2021-01-19 15:38:05 +0100 committer Michael Stahl <michael.stahl@allotropia.de> 2021-01-20 11:31:18 +0100 commit 234833f7823a1424b62c93e145f0cfe2c6b6efd5 (patch) tree b31ca9a795f777e1dbfc3b9e3409e54bd8d752a7 parent 4b55847b81fa18d5bf2445c294b9260e98f365bc (diff) postgresql: upgrade to release 13.1 Fixes CVE-2020-25694, plus a bunch more CVE that don't look relevant. * --with-krb5 no longer exists, neither does --disable-shared * remove internal-zlib.patch.1: zlib is only used by pg_* tools / contrib/pgcrypto * remove postgresql-libs-leak.patch: some relic from pre-gbuild times, not clear what the point is for static libs * remove postgresql-9.2.1-libreoffice.patch: another dmake .mk file relic, and the win32 nmake build system was removed * add postgres-msvc-build.patch.1 to fix Cygwin perl and openssl * on WNT, libpq.dll is now built, no longer static lib guiltar: it's not indicated in https://wiki.documentfoundation.org/ReleasePlan but in general major versions are released every 6 months, so should be in July. I may be wrong but I don't think it'll be cherry-picked in 7.0 even in 7.1 branch since it's quite a big leap, but again I may be wrong. Michael also updated README to test postgresql easily: see https://cgit.freedesktop.org/libreoffice/core/commit/?id=cc67a25886594e9009fa49418e106ea4ec40dd18 Thank you Michael, really great and fast job!
There are already backports for 7.1 and 7.0, because it fixes CVE-2020-25694 (see https://gerrit.libreoffice.org/c/core/+/109677)
i downloaded Version: 7.2.0.0.alpha0+ / LibreOffice Community Build ID: 86c8c775bbefe333d684e12c99855a3c1de68051 CPU threads: 4; OS: Mac OS X 10.16; UI render: default; VCL: osx Locale: it-IT (it.UTF-8); UI: it-IT Calc: threaded and it works perfectly thanks a lot to everybody