Fix md5_password_warnings for role and database settings
Fujii Masao <fujii@postgresql.org>
Fix md5_password_warnings for role and database settings MD5 authentication warnings are queued during authentication, before startup options and role/database settings have been applied. The code checked md5_password_warnings at queue time, so settings such as ALTER ROLE ... SET md5_password_warnings = off did not suppress the warning, even though the established session showed the GUC as off. Keep the connection-warning infrastructure generic by allowing each queued warning to carry an optional filter callback. Evaluate that callback when warnings are emitted, after startup options and role/database settings have been processed. Use this for MD5 authentication warnings, while leaving password expiration warnings unchanged. Add test coverage for an MD5-authenticated role with md5_password_warnings disabled. Author: Chao Li <lic@highgo.com> Reviewed-by: Japin Li <japinli@hotmail.com> Reviewed-by: Fujii Masao <masao.fujii@gmail.com> Discussion: https://postgr.es/m/AE46E42D-5966-4D76-9E64-95EAB01B9FB5@gmail.com
Files
| Path | Change | +/− |
|---|---|---|
| src/backend/libpq/crypt.c | modified | +18 −13 |
| src/backend/utils/init/postinit.c | modified | +33 −19 |
| src/include/miscadmin.h | modified | +3 −1 |
| src/test/authentication/t/001_password.pl | modified | +17 −0 |
| src/tools/pgindent/typedefs.list | modified | +1 −0 |
Discussion
- Fix md5_password_warnings for role/database settings 8 messages · 2026-06-10 → 2026-06-11