Hello,
In my quest to understand how all the logging etc works with
authentication I came across the area of crypt.c that checks for
valid_until but it seems like it has an extraneous check.
If I am wrong I apologize for the noise but wouldn't mind an explanation.
index f01d904..8d809b2 100644
--- a/src/backend/libpq/crypt.c
+++ b/src/backend/libpq/crypt.c
@@ -145,9 +145,7 @@ md5_crypt_verify(const Port *port, const char *role,
char *client_pass) /* * Password OK, now check to be sure we are not past
rolvaliduntil */
- if (isnull)
- retval = STATUS_OK;
- else if (vuntil < GetCurrentTimestamp())
+ if (vuntil < GetCurrentTimestamp()) retval = STATUS_ERROR; else
retval = STATUS_OK;