Re: sunsetting md5 password support

Christoph Moench-Tegeder <cmt@burggraben.net>

From: Christoph Moench-Tegeder <cmt@burggraben.net>
To: Heikki Linnakangas <hlinnaka@iki.fi>
Cc: Nathan Bossart <nathandbossart@gmail.com>, pgsql-hackers@postgresql.org
Date: 2024-10-10T12:27:04Z
Lists: pgsql-hackers
## Heikki Linnakangas (hlinnaka@iki.fi):

> This is a bit weird state. What exactly is "upgrading"? I guess you
> mean pg_upgrade, but lots of people use pg_dump & restore or logical
> replication or something else entirely for upgrading. That's
> indistinguishable from setting a pre-hashed MD5 password.

Password hashes are only in the "globals" dump (pg_dumpall -r/-g),
not in standard pg_dump (and I don't see anything about passwords
in the binary-upgrade mode of pg_dump).
Finally it might be a good thing that we separated data and roles.
Maybe that even is a plan for pg_upgrade: understand md5-password
when they appear in pg_authid, but do not apply special treatment
in CREATE ROLE/ALTER ROLE, thus preventing the setting of md5
password as pre-hashed passwords.

Regards,
Christoph

-- 
Spare Space.



Commits

  1. Deprecate MD5 passwords.