mirror of
https://github.com/postgres/postgres.git
synced 2026-07-08 17:20:57 -04:00
This commit adds a new parameter called password_expiration_warning_threshold that controls when the server begins emitting imminent-password-expiration warnings upon successful password authentication. By default, this parameter is set to 7 days, but this functionality can be disabled by setting it to 0. This patch also introduces a new "connection warning" infrastructure that can be reused elsewhere. For example, we may want to warn about the use of MD5 passwords for a couple of releases before removing MD5 password support. Author: Gilles Darold <gilles@darold.net> Co-authored-by: Nathan Bossart <nathandbossart@gmail.com> Reviewed-by: Japin Li <japinli@hotmail.com> Reviewed-by: songjinzhou <tsinghualucky912@foxmail.com> Reviewed-by: liu xiaohui <liuxh.zj.cn@gmail.com> Reviewed-by: Yuefei Shi <shiyuefei1004@gmail.com> Reviewed-by: Steven Niu <niushiji@gmail.com> Reviewed-by: Soumya S Murali <soumyamurali.work@gmail.com> Reviewed-by: Euler Taveira <euler@eulerto.com> Reviewed-by: Zsolt Parragi <zsolt.parragi@percona.com> Reviewed-by: Chao Li <li.evan.chao@gmail.com> Reviewed-by: Greg Sabino Mullane <htamfids@gmail.com> Reviewed-by: Peter Eisentraut <peter@eisentraut.org> Discussion: https://postgr.es/m/129bcfbf-47a6-e58a-190a-62fc21a17d03%40migops.com
63 lines
2.1 KiB
C
63 lines
2.1 KiB
C
/*-------------------------------------------------------------------------
|
|
*
|
|
* crypt.h
|
|
* Interface to libpq/crypt.c
|
|
*
|
|
* Portions Copyright (c) 1996-2026, PostgreSQL Global Development Group
|
|
* Portions Copyright (c) 1994, Regents of the University of California
|
|
*
|
|
* src/include/libpq/crypt.h
|
|
*
|
|
*-------------------------------------------------------------------------
|
|
*/
|
|
#ifndef PG_CRYPT_H
|
|
#define PG_CRYPT_H
|
|
|
|
#include "datatype/timestamp.h"
|
|
|
|
/*
|
|
* Valid password hashes may be very long, but we don't want to store anything
|
|
* that might need out-of-line storage, since de-TOASTing won't work during
|
|
* authentication because we haven't selected a database yet and cannot read
|
|
* pg_class. 512 bytes should be more than enough for all practical use, and
|
|
* our own password encryption routines should never produce hashes longer than
|
|
* this.
|
|
*/
|
|
#define MAX_ENCRYPTED_PASSWORD_LEN (512)
|
|
|
|
/* Threshold for password expiration warnings. */
|
|
extern PGDLLIMPORT int password_expiration_warning_threshold;
|
|
|
|
/* Enables deprecation warnings for MD5 passwords. */
|
|
extern PGDLLIMPORT bool md5_password_warnings;
|
|
|
|
/*
|
|
* Types of password hashes or secrets.
|
|
*
|
|
* Plaintext passwords can be passed in by the user, in a CREATE/ALTER USER
|
|
* command. They will be encrypted to MD5 or SCRAM-SHA-256 format, before
|
|
* storing on-disk, so only MD5 and SCRAM-SHA-256 passwords should appear
|
|
* in pg_authid.rolpassword. They are also the allowed values for the
|
|
* password_encryption GUC.
|
|
*/
|
|
typedef enum PasswordType
|
|
{
|
|
PASSWORD_TYPE_PLAINTEXT = 0,
|
|
PASSWORD_TYPE_MD5,
|
|
PASSWORD_TYPE_SCRAM_SHA_256,
|
|
} PasswordType;
|
|
|
|
extern PasswordType get_password_type(const char *shadow_pass);
|
|
extern char *encrypt_password(PasswordType target_type, const char *role,
|
|
const char *password);
|
|
|
|
extern char *get_role_password(const char *role, const char **logdetail);
|
|
|
|
extern int md5_crypt_verify(const char *role, const char *shadow_pass,
|
|
const char *client_pass, const uint8 *md5_salt,
|
|
int md5_salt_len, const char **logdetail);
|
|
extern int plain_crypt_verify(const char *role, const char *shadow_pass,
|
|
const char *client_pass,
|
|
const char **logdetail);
|
|
|
|
#endif
|