Re: md5_password_warnings for password auth with MD5-encrypted passwords
Fujii Masao <masao.fujii@gmail.com>
From: Fujii Masao <masao.fujii@gmail.com>
To: Japin Li <japinli@hotmail.com>
Cc: Chao Li <li.evan.chao@gmail.com>, PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2026-06-23T04:31:53Z
Lists: pgsql-hackers
On Tue, Jun 23, 2026 at 12:17 PM Japin Li <japinli@hotmail.com> wrote: > >> -- > >> Fujii Masao > >> <v1-0001-Warn-on-password-auth-with-MD5-encrypted-password.patch> > > > > Given that the original warning emission was in md5_crypt_verify(), I > > think it might be a bit better to keep the two private helpers in > > crypt.c and add the warning emission in plain_crypt_verify(), because > > that function has already determined the password type and > > authentication result. > > > +1 > > Placing it in plain_crypt_verify() leverages the already-determined type and > result, while keeping the helpers internal to crypt.c is cleaner. plain_crypt_verify() looks like a generic helper to me. It's used not only for connection authentication, but also by CREATE/ALTER ROLE and passwordcheck. So I'm not sure it's clearer to add a connection-authentication-specific side effect there. Also, plain_crypt_verify() can be called after EmitConnectionWarnings(), for example, by CREATE/ALTER ROLE. So if plain_crypt_verify() were updated to simply call StoreConnectionWarning() for MD5 password warnings, it could end up calling StoreConnectionWarning() after EmitConnectionWarnings(), resulting in the unexpected error "StoreConnectionWarning() called after EmitConnectionWarnings()". Regards, -- Fujii Masao
Commits
-
Warn on password auth with MD5-encrypted passwords
- e57a865dc700 19 (unreleased) landed
- f6fdc2a4a737 master landed