From: | "Peter J(dot) Holzer" <hjp-pgsql(at)hjp(dot)at> |
---|---|
To: | pgsql-general(at)postgresql(dot)org |
Subject: | Automatic upgrade of passwords from md5 to scram-sha256 |
Date: | 2025-01-12 22:28:28 |
Message-ID: | 20250112222828.b36hpzm3ulfzlkws@hjp.at |
Lists: | pgsql-general |
I have a PostgreSQL instance where the majority of the passwords are
still stored as MD5 hashes. I'm not particularly worried because they
are all randomly generated and should be reasonably secure against brute
force attacks even with a weak hash, and they're not that valuable
anyway, but it would still be nice if I could upgrade them to
SCRAM-SHA256.
The web framework Django will automatically and transparently rehash any
password with the currently preferred algorithm if it isn't stored that
way already.
Can PostgreSQL do that, too? (I haven't found anything)
If not, would this feature be of general interest?
Looking through chapter 53 of the manual I think it would have to be
implemented like this:
If the password for the user is stored as an MD5 hash, the server
replies to the startup message with an AuthenticationCleartextPassword
response to force the client to send the password in the clear
(obviously you only want to do that if the connection is TLS-encrypted
or otherwise safe from eavesdropping).
The client sends a PasswordMessage with the cleartext password.
The server first checks the password against the stored MD5 hash and
(assuming it's correct) then computes and stores the SCRAM-SHA256 hash,
just as if the user had issued an "alter user password" command.
Finally it replies with an AuthenticationOk message as normal.
The next time the client connects, the server will find and use the
SCRAM-SHA256 hash.
This feature should only be enabled by a GUC.
Additional question: Do current clients (especially the ODBC client)
even support AuthenticationCleartextPassword by default?
hp
--
Peter J. Holzer | hjp(at)hjp(dot)at | http://www.hjp.at/
"Story must make more sense than reality." -- Charles Stross, "Creative writing challenge!"
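As an added illustration (not code from the post or from PostgreSQL itself), a Python model of the server-side flow proposed above: the MD5 and SCRAM-SHA-256 verifier formats as PostgreSQL stores them in pg_authid, the GUC-gated choice of authentication request, and the rehash after a successful cleartext check. The function names, the `upgrade_enabled` flag standing in for the GUC, and the `tls` argument are assumptions; SASLprep normalization of the password is skipped.

```python
import base64
import hashlib
import hmac
import os

SCRAM_ITERATIONS = 4096  # PostgreSQL's default iteration count for SCRAM-SHA-256 verifiers

def md5_verifier(username: str, password: str) -> str:
    # Legacy pg_authid format: "md5" + hex(md5(password || username)); salted only by the role name
    return "md5" + hashlib.md5((password + username).encode()).hexdigest()

def scram_verifier(password: str, salt: bytes, iterations: int = SCRAM_ITERATIONS) -> str:
    # pg_authid format: SCRAM-SHA-256$<iter>:<salt>$<StoredKey>:<ServerKey> (keys per RFC 5802/7677)
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)  # SASLprep omitted
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    stored_key = hashlib.sha256(client_key).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()
    b64 = lambda raw: base64.b64encode(raw).decode()
    return f"SCRAM-SHA-256${iterations}:{b64(salt)}${b64(stored_key)}:{b64(server_key)}"

def scram_matches(stored: str, password: str) -> bool:
    # Recompute with the stored salt/iterations; only possible here because we hold the cleartext
    params, _ = stored[len("SCRAM-SHA-256$"):].split("$", 1)
    iterations, salt = params.split(":", 1)
    recomputed = scram_verifier(password, base64.b64decode(salt), int(iterations))
    return hmac.compare_digest(stored, recomputed)

def choose_auth_request(stored: str, tls: bool, upgrade_enabled: bool) -> str:
    # Ask for cleartext only for MD5 roles, only when the GUC is on, and only over a safe channel
    if stored.startswith("md5"):
        return "AuthenticationCleartextPassword" if upgrade_enabled and tls else "AuthenticationMD5Password"
    return "AuthenticationSASL"

def handle_password_message(pg_authid: dict, username: str, password: str, tls: bool, upgrade_enabled: bool):
    # Server side of the proposal; returns (authenticated, verifier_upgraded)
    stored = pg_authid.get(username)
    if stored is None:
        return False, False
    if stored.startswith("md5"):
        if not hmac.compare_digest(stored, md5_verifier(username, password)):
            return False, False
        if upgrade_enabled and tls:
            # Same effect as ALTER USER ... PASSWORD with password_encryption = scram-sha-256
            pg_authid[username] = scram_verifier(password, os.urandom(16))
            return True, True
        return True, False
    return scram_matches(stored, password), False
```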