Re: sunsetting md5 password support
| От | Greg Sabino Mullane |
|---|---|
| Тема | Re: sunsetting md5 password support |
| Дата | |
| Msg-id | CAKAnmmK73voOLA59G9sXjRuVZgNy8nT2Cmcxk-k6EZ3s3q+wOw@mail.gmail.com обсуждение исходный текст |
| Ответ на | sunsetting md5 password support (Nathan Bossart <nathandbossart@gmail.com>) |
| Список | pgsql-hackers |
Big +1 to the idea, but it's not going to be pretty; there is a lot of baked-in MD5 stuff around.
2. In v19, allow upgrading with MD5 passwords and allow authenticating
with them, but disallow creating new ones (i.e., restrict/remove
password_encryption and don't allow setting pre-hashed MD5 passwords).
Certainly not remove it, that would break lots of things. Perhaps one release with a strong warning when md5 is used, that cannot be disabled, then disallow new ones?
3. In v20, allow upgrading with MD5 passwords, but disallow using them for authentication.
Again, maybe a release that complains real loudly but still allows it?
4. In v21, disallow upgrading with MD5 passwords.
You mean having pg_upgrade refuse to go on? Or maybe have it empty the passwords out?
Cheers,
Greg
В списке pgsql-hackers по дате отправления: