diff options
Diffstat (limited to 'doc/src')
| -rw-r--r-- | doc/src/sgml/catalogs.sgml | 9 | ||||
| -rw-r--r-- | doc/src/sgml/client-auth.sgml | 17 | ||||
| -rw-r--r-- | doc/src/sgml/config.sgml | 24 | ||||
| -rw-r--r-- | doc/src/sgml/libpq.sgml | 9 | ||||
| -rw-r--r-- | doc/src/sgml/protocol.sgml | 8 | ||||
| -rw-r--r-- | doc/src/sgml/ref/create_role.sgml | 8 | ||||
| -rw-r--r-- | doc/src/sgml/runtime.sgml | 10 |
7 files changed, 85 insertions, 0 deletions
diff --git a/doc/src/sgml/catalogs.sgml b/doc/src/sgml/catalogs.sgml index 59bb833f48d..bf3cee08a93 100644 --- a/doc/src/sgml/catalogs.sgml +++ b/doc/src/sgml/catalogs.sgml @@ -1618,6 +1618,15 @@ will store the md5 hash of <literal>xyzzyjoe</literal>. </para> + <warning> + <para> + Support for MD5-encrypted passwords is deprecated and will be removed in a + future release of <productname>PostgreSQL</productname>. Refer to + <xref linkend="auth-password"/> for details about migrating to another + password type. + </para> + </warning> + <para> If the password is encrypted with SCRAM-SHA-256, it has the format: <synopsis> diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml index 51343de7cad..782b49c85ac 100644 --- a/doc/src/sgml/client-auth.sgml +++ b/doc/src/sgml/client-auth.sgml @@ -531,6 +531,15 @@ include_dir <replaceable>directory</replaceable> user's password. See <xref linkend="auth-password"/> for details. </para> + <warning> + <para> + Support for MD5-encrypted passwords is deprecated and will be + removed in a future release of + <productname>PostgreSQL</productname>. Refer to + <xref linkend="auth-password"/> for details about migrating to + another password type. + </para> + </warning> </listitem> </varlistentry> @@ -1260,6 +1269,14 @@ omicron bryanh guest1 server is encrypted for SCRAM (see below), then SCRAM-based authentication will automatically be chosen instead. </para> + + <warning> + <para> + Support for MD5-encrypted passwords is deprecated and will be removed + in a future release of <productname>PostgreSQL</productname>. Refer to + the text below for details about migrating to another password type. + </para> + </warning> </listitem> </varlistentry> diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml index 76ab72db964..e0c8325a39c 100644 --- a/doc/src/sgml/config.sgml +++ b/doc/src/sgml/config.sgml @@ -1124,6 +1124,14 @@ include_dir 'conf.d' mechanism, and hence not work with passwords encrypted with SCRAM-SHA-256. See <xref linkend="auth-password"/> for more details. </para> + <warning> + <para> + Support for MD5-encrypted passwords is deprecated and will be removed + in a future release of <productname>PostgreSQL</productname>. Refer + to <xref linkend="auth-password"/> for details about migrating to + another password type. + </para> + </warning> </listitem> </varlistentry> @@ -7913,6 +7921,22 @@ log_line_prefix = '%m [%p] %q%u@%d/%a ' </listitem> </varlistentry> + <varlistentry id="guc-md5-password-warnings" xreflabel="md5_password_warnings"> + <term><varname>md5_password_warnings</varname> (<type>boolean</type>) + <indexterm> + <primary><varname>md5_password_warnings</varname> configuration parameter</primary> + </indexterm> + </term> + <listitem> + <para> + Controls whether a <literal>WARNING</literal> about MD5 password + deprecation is produced when a <command>CREATE ROLE</command> or + <command>ALTER ROLE</command> statement sets an MD5-encrypted password. + The default value is <literal>on</literal>. + </para> + </listitem> + </varlistentry> + </variablelist> </sect2> <sect2 id="runtime-config-logging-csvlog"> diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml index bfefb1289e8..01f259fd0dc 100644 --- a/doc/src/sgml/libpq.sgml +++ b/doc/src/sgml/libpq.sgml @@ -1341,6 +1341,15 @@ postgresql://%2Fvar%2Flib%2Fpostgresql/dbname <para> The server must request MD5 hashed password authentication. </para> + <warning> + <para> + Support for MD5-encrypted passwords is deprecated and will be + removed in a future release of + <productname>PostgreSQL</productname>. Refer to + <xref linkend="auth-password"/> for details about migrating to + another password type. + </para> + </warning> </listitem> </varlistentry> diff --git a/doc/src/sgml/protocol.sgml b/doc/src/sgml/protocol.sgml index cff0c4099e9..fb5dec1172e 100644 --- a/doc/src/sgml/protocol.sgml +++ b/doc/src/sgml/protocol.sgml @@ -312,6 +312,14 @@ (Keep in mind the <function>md5()</function> function returns its result as a hex string.) </para> + <warning> + <para> + Support for MD5-encrypted passwords is deprecated and will be removed + in a future release of <productname>PostgreSQL</productname>. Refer + to <xref linkend="auth-password"/> for details about migrating to + another password type. + </para> + </warning> </listitem> </varlistentry> diff --git a/doc/src/sgml/ref/create_role.sgml b/doc/src/sgml/ref/create_role.sgml index f72ba9affc2..cee23b1ea6b 100644 --- a/doc/src/sgml/ref/create_role.sgml +++ b/doc/src/sgml/ref/create_role.sgml @@ -273,6 +273,14 @@ in sync when changing the above synopsis! different format). This allows reloading of encrypted passwords during dump/restore. </para> + <warning> + <para> + Support for MD5-encrypted passwords is deprecated and will be removed + in a future release of <productname>PostgreSQL</productname>. Refer + to <xref linkend="auth-password"/> for details about migrating to + another password type. + </para> + </warning> </listitem> </varlistentry> diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml index bcd81e24158..94135e9d5ee 100644 --- a/doc/src/sgml/runtime.sgml +++ b/doc/src/sgml/runtime.sgml @@ -2053,6 +2053,16 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433 is an Internet standard and is more secure than the PostgreSQL-specific MD5 authentication protocol. </para> + + <warning> + <para> + Support for MD5-encrypted passwords is deprecated and will be removed in + a future release of <productname>PostgreSQL</productname>. Refer to + <xref linkend="auth-password"/> for details about migrating to another + password type. + </para> + </warning> + </listitem> </varlistentry> |