From bb505f0b5ee9a8b1b26cc46cdf8c0f9f3bc44a6f Mon Sep 17 00:00:00 2001
From: Matheus Alcantara <mths.dev@pm.me>
Date: Fri, 15 May 2026 12:38:48 -0300
Subject: [PATCH v3 3/3] dblink: Reject use_scram_passthrough option on foreign
 data wrapper

The use_scram_passthrough option only makes sense for foreign server
and user mapping contexts, as it controls authentication behavior for
specific connections. Previously, this option was incorrectly accepted
when set via ALTER FOREIGN DATA WRAPPER OPTIONS, even though it had
no effect at that level.

Restrict the option validation to only accept use_scram_passthrough
when the context is ForeignServerRelationId or UserMappingRelationId.

Reviewed-by: Fujii Masao <masao.fujii@gmail.com>
Discussion: https://www.postgresql.org/message-id/CAHGQGwEJ8rZjmbOvCicyr4vbuLio082bNTde0WNoSWaWr9wVcg%40mail.gmail.com
---
 contrib/dblink/dblink.c            | 8 ++++++--
 contrib/dblink/expected/dblink.out | 5 +++++
 contrib/dblink/sql/dblink.sql      | 4 ++++
 3 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/contrib/dblink/dblink.c b/contrib/dblink/dblink.c
index bb6fcae4974..451c3208afe 100644
--- a/contrib/dblink/dblink.c
+++ b/contrib/dblink/dblink.c
@@ -3115,8 +3115,12 @@ static bool
 is_valid_dblink_fdw_option(const PQconninfoOption *options, const char *option,
 						   Oid context)
 {
-	if (strcmp(option, "use_scram_passthrough") == 0)
-		return true;
+	/* These options are only valid for foreign server or user mapping contexts */
+	if (context == ForeignServerRelationId || context == UserMappingRelationId)
+	{
+		if (strcmp(option, "use_scram_passthrough") == 0)
+			return true;
+	}
 
 	return is_valid_dblink_option(options, option, context);
 }
diff --git a/contrib/dblink/expected/dblink.out b/contrib/dblink/expected/dblink.out
index c70c79574fd..1d2759def9e 100644
--- a/contrib/dblink/expected/dblink.out
+++ b/contrib/dblink/expected/dblink.out
@@ -1220,6 +1220,11 @@ SHOW intervalstyle;
  postgres
 (1 row)
 
+-- Check that adding use_scram_passthrough option on an foreign data wrapper is
+-- not allowed
+ALTER FOREIGN DATA WRAPPER dblink_fdw OPTIONS(add use_scram_passthrough 'true');
+ERROR:  invalid option "use_scram_passthrough"
+HINT:  There are no valid options in this context.
 -- Clean up GUC-setting tests
 SELECT dblink_disconnect('myconn');
  dblink_disconnect 
diff --git a/contrib/dblink/sql/dblink.sql b/contrib/dblink/sql/dblink.sql
index 365b21036e8..d67a0a5992e 100644
--- a/contrib/dblink/sql/dblink.sql
+++ b/contrib/dblink/sql/dblink.sql
@@ -635,6 +635,10 @@ FROM dblink_fetch('myconn','error_cursor', 1) AS t(i int);
 SHOW datestyle;
 SHOW intervalstyle;
 
+-- Check that adding use_scram_passthrough option on an foreign data wrapper is
+-- not allowed
+ALTER FOREIGN DATA WRAPPER dblink_fdw OPTIONS(add use_scram_passthrough 'true');
+
 -- Clean up GUC-setting tests
 SELECT dblink_disconnect('myconn');
 RESET datestyle;
-- 
2.53.0