Re: sunsetting md5 password support - Mailing list pgsql-hackers

From Laurenz Albe
Subject Re: sunsetting md5 password support
Date
Msg-id 0a09ccb3009ae488aa077b4cb732b0a9916f9bf6.camel@cybertec.at
Whole thread Raw
In response to Re: sunsetting md5 password support  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-hackers
On Thu, 2024-10-10 at 18:39 -0400, Tom Lane wrote:
> Jesper Pedersen <jesper.pedersen@comcast.net> writes:
> > On 10/10/24 5:45 PM, Heikki Linnakangas wrote:
> > > Note that some authentication methods like LDAP and Radius use
> > > "password" authentication on the wire.
>
> > Please, deprecate - aka remove - old methods.
> > All client libraries have caught up, and if they havn't then it their
> > issue not Core.
>
> It's not the libraries that are the problem.  It's the users that
> want to use these auth methods --- perhaps even are required to
> by dubiously-well-thought-out corporate policies.

A voice from the field: I know at least one application out there
(that is used by more than one customer) that implemented the line
protocol by itself, back in the days when "crypt" authentication still
existed.  So they support "crypt" and "password", and now that
PostgreSQL has removed "crypt", the users are stuck with "password"...

Actually, that may be a good reason to deprecate "password", because
then the vendor might get motivated to remedy that malady.  On the other
hand, you can expect some protest...

Yours,
Laurenz Albe



pgsql-hackers by date:

Previous
From: px shi
Date:
Subject: Re: Remove unlogged materialized view persistence handling
Next
From: Yugo NAGATA
Date:
Subject: Re: Remove unlogged materialized view persistence handling