diff --git a/bitnami/pgpool/4/debian-12/rootfs/opt/bitnami/scripts/libpgpool.sh b/bitnami/pgpool/4/debian-12/rootfs/opt/bitnami/scripts/libpgpool.sh index 28bb0073a9bc8..5ee3d0f607386 100644 --- a/bitnami/pgpool/4/debian-12/rootfs/opt/bitnami/scripts/libpgpool.sh +++ b/bitnami/pgpool/4/debian-12/rootfs/opt/bitnami/scripts/libpgpool.sh @@ -548,6 +548,32 @@ pgpool_create_config() { fi } +######################## +# Execute postgresql encrypt command +# Globals: +# PGPOOL_* +# Arguments: +# $@ - Command to execute +# Returns: +# None +######################### +pgpool_encrypt_execute() { + local -a password_encryption_cmd=("pg_md5") + + if [[ "$PGPOOL_AUTHENTICATION_METHOD" = "scram-sha-256" ]]; then + + if is_file_writable "$PGPOOLKEYFILE"; then + # Creating a PGPOOLKEYFILE as it is writeable + echo "$PGPOOL_AES_KEY" > "$PGPOOLKEYFILE" + # Fix permissions for PGPOOLKEYFILE + chmod 0600 "$PGPOOLKEYFILE" + fi + password_encryption_cmd=("pg_enc" "--key-file=${PGPOOLKEYFILE}") + fi + + "${password_encryption_cmd[@]}" "$@" +} + ######################## # Generates a password file for local authentication # Globals: @@ -561,20 +587,7 @@ pgpool_generate_password_file() { if is_boolean_yes "$PGPOOL_ENABLE_POOL_PASSWD"; then info "Generating password file for local authentication..." - local -a password_encryption_cmd=("pg_md5") - - if [[ "$PGPOOL_AUTHENTICATION_METHOD" = "scram-sha-256" ]]; then - - if is_file_writable "$PGPOOLKEYFILE"; then - # Creating a PGPOOLKEYFILE as it is writeable - echo "$PGPOOL_AES_KEY" > "$PGPOOLKEYFILE" - # Fix permissions for PGPOOLKEYFILE - chmod 0600 "$PGPOOLKEYFILE" - fi - password_encryption_cmd=("pg_enc" "--key-file=${PGPOOLKEYFILE}") - fi - - debug_execute "${password_encryption_cmd[@]}" -m --config-file="$PGPOOL_CONF_FILE" -u "$PGPOOL_POSTGRES_USERNAME" "$PGPOOL_POSTGRES_PASSWORD" + debug_execute pgpool_encrypt_execute -m --config-file="$PGPOOL_CONF_FILE" -u "$PGPOOL_POSTGRES_USERNAME" "$PGPOOL_POSTGRES_PASSWORD" if [[ -n "${PGPOOL_POSTGRES_CUSTOM_USERS}" ]]; then read -r -a custom_users_list <<<"$(tr ',;' ' ' <<<"${PGPOOL_POSTGRES_CUSTOM_USERS}")" @@ -582,7 +595,7 @@ pgpool_generate_password_file() { local index=0 for user in "${custom_users_list[@]}"; do - debug_execute "${password_encryption_cmd[@]}" -m --config-file="$PGPOOL_CONF_FILE" -u "$user" "${custom_passwords_list[$index]}" + debug_execute pgpool_encrypt_execute -m --config-file="$PGPOOL_CONF_FILE" -u "$user" "${custom_passwords_list[$index]}" ((index += 1)) done fi @@ -603,20 +616,10 @@ pgpool_generate_password_file() { pgpool_encrypt_password() { local -r password="${1:?missing password}" - local -a password_encryption_cmd=("pg_md5") - if [[ "$PGPOOL_AUTHENTICATION_METHOD" = "scram-sha-256" ]]; then - - if is_file_writable "$PGPOOLKEYFILE"; then - # Creating a PGPOOLKEYFILE as it is writeable - echo "$PGPOOL_AES_KEY" > "$PGPOOLKEYFILE" - # Fix permissions for PGPOOLKEYFILE - chmod 0600 "$PGPOOLKEYFILE" - fi - password_encryption_cmd=("pg_enc" "--key-file=${PGPOOLKEYFILE}") - debug_execute "${password_encryption_cmd[@]}" "$password" | grep -o -E "AES.+" | tr -d '\n' + pgpool_encrypt_execute "$password" | grep -o -E "AES.+" | tr -d '\n' else - debug_execute "${password_encryption_cmd[@]}" "$password" | tr -d '\n' + pgpool_encrypt_execute "$password" | tr -d '\n' fi }