On Tue, Feb 17, 2026 at 07:08:17AM +0100, Andreas Karlsson wrote:
> After thinking more on the subject I have come around. I think warning spam
> (that can be disabled) is fine and why not introduce it directly in 19?

WFM

> As for the patch itself I think it looks good, but I am not a fan of the
> test code. Why not simply write like the below?
>
> test_conn($node, 'user=md5_role', 'md5', 0,
>     log_like =>
>       [qr/connection authenticated: identity="md5_role" method=md5/],
>     expected_stderr =>
>       [qr/authenticated with an MD5-encrypted password/])

No good reason. I've updated the patch.

-- 
nathan

>From f55b97a4791c137f8c7271a45f7f6f19424b3d32 Mon Sep 17 00:00:00 2001 From: Nathan Bossart <[email protected]> Date: Tue, 17 Feb 2026 10:20:47 -0600 Subject: [PATCH v2 1/1] Warn upon successful MD5 password authentication. This uses the "connection warning" infrastructure introduced by commit 1d92e0c2cc to emit a WARNING when an MD5 password is used to authenticate. MD5 password support was marked as deprecated in v18 and will be removed in a future release of Postgres. These warnings are on by default but can be turned off via the existing md5_password_warnings parameter. Reviewed-by: Andreas Karlsson <[email protected]> Reviewed-by: Xiangyu Liang <[email protected]> Discussion: https://postgr.es/m/aYzeAYEbodkkg5e-%40nathan --- doc/src/sgml/config.sgml | 3 ++- src/backend/libpq/crypt.c | 17 +++++++++++++++++ src/test/authentication/t/001_password.pl | 2 ++ 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml index faf0bdb62aa..6e5a5364778 100644 --- a/doc/src/sgml/config.sgml +++ b/doc/src/sgml/config.sgml @@ -1188,7 +1188,8 @@ include_dir 'conf.d' <listitem> <para> Controls whether a <literal>WARNING</literal> about MD5 password - deprecation is produced when a <command>CREATE ROLE</command> or + deprecation is produced upon successful MD5 password authentication or + when a <command>CREATE ROLE</command> or <command>ALTER ROLE</command> statement sets an MD5-encrypted password. The default value is <literal>on</literal>. </para> diff --git a/src/backend/libpq/crypt.c b/src/backend/libpq/crypt.c index dbdd0e40f41..37ccec355c7 100644 --- a/src/backend/libpq/crypt.c +++ b/src/backend/libpq/crypt.c 
@@ -294,7 +294,24 @@ md5_crypt_verify(const char *role, const char *shadow_pass, } if (strcmp(client_pass, crypt_pwd) == 0) + { retval = STATUS_OK; + + if (md5_password_warnings) + { + MemoryContext oldcontext; + char *warning; + char *detail; + + oldcontext = MemoryContextSwitchTo(TopMemoryContext); + + warning = pstrdup(_("authenticated with an MD5-encrypted password")); + detail = pstrdup(_("MD5 password support is deprecated and will be removed in a future release of PostgreSQL.")); + StoreConnectionWarning(warning, detail); + + MemoryContextSwitchTo(oldcontext); + } + } else { *logdetail = psprintf(_("Password does not match for user \"%s\"."), diff --git a/src/test/authentication/t/001_password.pl b/src/test/authentication/t/001_password.pl index 0ec9aa9f4e8..a4b11673c26 100644 --- a/src/test/authentication/t/001_password.pl +++ b/src/test/authentication/t/001_password.pl @@ -499,6 +499,8 @@ SKIP: { skip "MD5 not supported" unless $md5_works; test_conn($node, 'user=md5_role', 'md5', 0, + expected_stderr => + qr/authenticated with an MD5-encrypted password/, log_like => [qr/connection authenticated: identity="md5_role" method=md5/]); } -- 2.50.1 (Apple Git-155)
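Review bot: in the config.sgml hunk, the reworded sentence does not say where the authentication-time warning is delivered. The test change expects it on the client's stderr, so the paragraph could state that the WARNING is sent to the connecting client, which is what an administrator deciding whether to turn md5_password_warnings off needs to know.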
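Review bot: in the crypt.c hunk, the switch to TopMemoryContext around the two pstrdup() calls has no comment explaining why; a one-line comment saying that the strings passed to StoreConnectionWarning() must outlive the current memory context would save the next reader from guessing. Separately, the warning is added only inside md5_crypt_verify(); if any other verification path can succeed against an MD5-encrypted stored password, it needs the same md5_password_warnings check for the behaviour to match the documented "upon successful MD5 password authentication".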
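Review bot: the 001_password.pl hunk asserts the warning only in the default configuration, so nothing checks that setting md5_password_warnings to off suppresses "authenticated with an MD5-encrypted password" on stderr. A second test_conn call for md5_role with the parameter disabled, asserting the text is absent, would cover the off switch the commit message describes.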
