Add password expiration warnings. This commit adds a new parameter called password_expiration_warning_threshold that controls when the server begins emitting imminent-password-expiration warnings upon successful password authentication. By default, this parameter is set to 7 days, but this functionality can be disabled by setting it to 0. This patch also introduces a new "connection warning" infrastructure that can be reused elsewhere. For example, we may want to warn about the use of MD5 passwords for a couple of releases before removing MD5 password support.
Author: Gilles Darold <[email protected]> Co-authored-by: Nathan Bossart <[email protected]> Reviewed-by: Japin Li <[email protected]> Reviewed-by: songjinzhou <[email protected]> Reviewed-by: liu xiaohui <[email protected]> Reviewed-by: Yuefei Shi <[email protected]> Reviewed-by: Steven Niu <[email protected]> Reviewed-by: Soumya S Murali <[email protected]> Reviewed-by: Euler Taveira <[email protected]> Reviewed-by: Zsolt Parragi <[email protected]> Reviewed-by: Chao Li <[email protected]> Reviewed-by: Greg Sabino Mullane <[email protected]> Reviewed-by: Peter Eisentraut <[email protected]> Discussion: https://postgr.es/m/129bcfbf-47a6-e58a-190a-62fc21a17d03%40migops.com Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/1d92e0c2cc4789255c630d8776bbe85ca9ebc27f Modified Files -------------- doc/src/sgml/config.sgml | 22 ++++++++ src/backend/libpq/crypt.c | 73 +++++++++++++++++++++++++-- src/backend/utils/init/postinit.c | 69 +++++++++++++++++++++++++ src/backend/utils/misc/guc_parameters.dat | 10 ++++ src/backend/utils/misc/postgresql.conf.sample | 3 +- src/include/libpq/crypt.h | 3 ++ src/include/miscadmin.h | 1 + src/test/authentication/t/001_password.pl | 34 +++++++++++++ 8 files changed, 209 insertions(+), 6 deletions(-)
