On Mon, Jun 02, 2025 at 09:16:10AM -0500, Nathan Bossart wrote:
> I noticed that the docs for the pg_authid catalog still indicate that
> passwords might be stored "unencrypted," which hasn't been possible since
> commit eb61136. The attached patch attempts to fix that. If acceptable,
> I'd back-patch it to all supported versions.
And now with a patch actually attached...
--
nathan
>From 268dc1afbcb1195de6b9aa735d9e27449c2e8fd2 Mon Sep 17 00:00:00 2001
From: Nathan Bossart <nat...@postgresql.org>
Date: Mon, 2 Jun 2025 09:08:24 -0500
Subject: [PATCH v1 1/1] doc: Fix notes about password encryption in pg_authid.
---
doc/src/sgml/catalogs.sgml | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/doc/src/sgml/catalogs.sgml b/doc/src/sgml/catalogs.sgml
index cbd4e40a320..d53e7e39b59 100644
--- a/doc/src/sgml/catalogs.sgml
+++ b/doc/src/sgml/catalogs.sgml
@@ -1582,7 +1582,7 @@
<structfield>rolpassword</structfield> <type>text</type>
</para>
<para>
- Password (possibly encrypted); null if none. The format depends
+ Encrypted password; null if none. The format depends
on the form of encryption used.
</para></entry>
</row>
@@ -1627,11 +1627,6 @@ SCRAM-SHA-256$<replaceable><iteration
count></replaceable>:<replaceable>&l
<replaceable>ServerKey</replaceable> are in Base64 encoded format. This
format is
the same as that specified by <ulink
url="https://datatracker.ietf.org/doc/html/rfc5803";>RFC 5803</ulink>.
</para>
-
- <para>
- A password that does not follow either of those formats is assumed to be
- unencrypted.
- </para>
</sect1>
--
2.39.5 (Apple Git-154)
