Add password expiration warnings.
Nathan Bossart <nathan@postgresql.org>
Add password expiration warnings. This commit adds a new parameter called password_expiration_warning_threshold that controls when the server begins emitting imminent-password-expiration warnings upon successful password authentication. By default, this parameter is set to 7 days, but this functionality can be disabled by setting it to 0. This patch also introduces a new "connection warning" infrastructure that can be reused elsewhere. For example, we may want to warn about the use of MD5 passwords for a couple of releases before removing MD5 password support. Author: Gilles Darold <gilles@darold.net> Co-authored-by: Nathan Bossart <nathandbossart@gmail.com> Reviewed-by: Japin Li <japinli@hotmail.com> Reviewed-by: songjinzhou <tsinghualucky912@foxmail.com> Reviewed-by: liu xiaohui <liuxh.zj.cn@gmail.com> Reviewed-by: Yuefei Shi <shiyuefei1004@gmail.com> Reviewed-by: Steven Niu <niushiji@gmail.com> Reviewed-by: Soumya S Murali <soumyamurali.work@gmail.com> Reviewed-by: Euler Taveira <euler@eulerto.com> Reviewed-by: Zsolt Parragi <zsolt.parragi@percona.com> Reviewed-by: Chao Li <li.evan.chao@gmail.com> Reviewed-by: Greg Sabino Mullane <htamfids@gmail.com> Reviewed-by: Peter Eisentraut <peter@eisentraut.org> Discussion: https://postgr.es/m/129bcfbf-47a6-e58a-190a-62fc21a17d03%40migops.com
Files
| Path | Change | +/− |
|---|---|---|
| doc/src/sgml/config.sgml | modified | +22 −0 |
| src/backend/libpq/crypt.c | modified | +68 −5 |
| src/backend/utils/init/postinit.c | modified | +69 −0 |
| src/backend/utils/misc/guc_parameters.dat | modified | +10 −0 |
| src/backend/utils/misc/postgresql.conf.sample | modified | +2 −1 |
| src/include/libpq/crypt.h | modified | +3 −0 |
| src/include/miscadmin.h | modified | +1 −0 |
| src/test/authentication/t/001_password.pl | modified | +34 −0 |
Discussion
- Pasword expiration warning 65 messages · 2021-11-19 → 2026-02-11