Remove support for (insecure) crypt authentication.

This breaks compatibility with pre-7.2 versions.
2025-07-23 03:21:12 +03:00 · 2008-10-28 12:10:44 +00:00
parent ba4eb01554
commit 53a5026b5c
13 changed files with 30 additions and 200 deletions
--- a/src/backend/libpq/crypt.c
+++ b/src/backend/libpq/crypt.c
@ -9,7 +9,7 @@
 * Portions Copyright (c) 1996-2008, PostgreSQL Global Development Group
 * Portions Copyright (c) 1994, Regents of the University of California
 *
- * $PostgreSQL: pgsql/src/backend/libpq/crypt.c,v 1.75 2008/09/15 12:32:56 mha Exp $
+ * $PostgreSQL: pgsql/src/backend/libpq/crypt.c,v 1.76 2008/10/28 12:10:43 mha Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -53,14 +53,6 @@ md5_crypt_verify(const Port *port, const char *role, char *client_pass)
 	if (shadow_pass == NULL || *shadow_pass == '\0')
 		return STATUS_ERROR;

-	/* We can't do crypt with MD5 passwords */
-	if (isMD5(shadow_pass) && port->hba->auth_method == uaCrypt)
-	{
-		ereport(LOG,
-				(errmsg("cannot use authentication method \"crypt\" because password is MD5-encrypted")));
-		return STATUS_ERROR;
-	}
-
 	/*
 	 * Compare with the encrypted or plain password depending on the
 	 * authentication method being used for this connection.
@ -106,14 +98,6 @@ md5_crypt_verify(const Port *port, const char *role, char *client_pass)
 				pfree(crypt_pwd2);
 			}
 			break;
-		case uaCrypt:
-			{
-				char		salt[3];
-
-				strlcpy(salt, port->cryptSalt, sizeof(salt));
-				crypt_pwd = crypt(shadow_pass, salt);
-				break;
-			}
 		default:
 			if (isMD5(shadow_pass))
 			{