Re: pg_upgrade: warn about roles with md5 passwords

From: Nathan Bossart <nathandbossart(at)gmail(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, Michael Paquier <michael(at)paquier(dot)xyz>, Jeff Davis <pgsql(at)j-davis(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: pg_upgrade: warn about roles with md5 passwords
Date: 2025-06-03 17:09:50
Message-ID: aD8sXgfJeIGLc7-t@nathan
Lists: pgsql-hackers

On Tue, Jun 03, 2025 at 09:43:59AM -0500, Nathan Bossart wrote:
> On Tue, Jun 03, 2025 at 10:34:06AM -0400, Tom Lane wrote:
>> If we really want to be in people's face about this, the thing
>> to do is to print a warning every time they log in with an MD5
>> password. Also, to Michael's point, that really would be exactly
>> the same place where the eventual "sorry, not supported anymore"
>> message will be.
>
> I held off on this because I was worried it might be far too noisy. That
> does seem like it has the best chance of getting folks' attention, though.
> If it's too noisy, users can always turn off the warnings.

Here is a draft-grade patch that adds a WARNING upon successful
authentication with an MD5 password. It's a little hacky because AFAICT we
need to wait until well after authentication (for GUCs to be set up, etc.)
before we actually emit the WARNING. When the time comes to remove MD5
password support completely, we'll need to do something like modify
CheckMD5Auth() to always return STATUS_ERROR with an appropriate logdetail
message.

What do folks think about doing this?

--
nathan

Attachment Content-Type Size
v2-0001-pg_upgrade-Warn-about-roles-with-MD5-passwords.patch text/plain 3.0 KB
v2-0002-WIP-add-warning-upon-authentication-with-MD5-pass.patch text/plain 3.6 KB
