Re: add warning upon successful md5 password auth
Andreas Karlsson <andreas@proxel.se>
From: Andreas Karlsson <andreas@proxel.se>
To: Nathan Bossart <nathandbossart@gmail.com>
Cc: pgsql-hackers@postgresql.org, Tom Lane <tgl@sss.pgh.pa.us>
Date: 2026-02-17T17:11:45Z
Lists: pgsql-hackers
On 2/17/26 6:05 PM, Nathan Bossart wrote: > On Tue, Feb 17, 2026 at 07:08:17AM +0100, Andreas Karlsson wrote: >> As for the patch itself I think it looks good, but I am not a fan of the >> test code. Why not simply write like the below? >> >> test_conn($node, 'user=md5_role', 'md5', 0, >> log_like => >> [qr/connection authenticated: identity="md5_role" method=md5/], >> expected_stderr => >> [qr/authenticated with an MD5-encrypted password/]) > > No good reason. I've updated the patch. Nice, the patch looks good as-is for me now. Andreas
Commits
-
Warn upon successful MD5 password authentication.
- bc60ee860665 19 (unreleased) landed
-
Add password expiration warnings.
- 1d92e0c2cc47 19 (unreleased) cited