From a20f43d93562c4234de228ae3f0afae12750d7a0 Mon Sep 17 00:00:00 2001 From: Nathan Bossart Date: Fri, 11 Oct 2024 16:21:09 -0500 Subject: [PATCH v1 1/1] Deprecate MD5 passwords. MD5 has been considered to be unsuitable for use as a cryptographic hash algorithm for some time. Furthermore, MD5 password hashes in PostgreSQL are vulnerable to pass-the-hash attacks, i.e., knowing the username and hashed password is sufficient to authenticate. The SCRAM-SHA-256 method added in v10 is not subject to these problems and is considered to be superior to MD5. This commit marks MD5 password support in PostgreSQL as deprecated and to be removed in a future release. The documentation now contains several deprecation notices, and CREATE ROLE and ALTER ROLE now emit deprecation warnings when setting MD5 passwords. The warnings can be disabled by setting the md5_password_warnings parameter to "off". Reviewed-by: ??? Discussion: https://postgr.es/m/ZwbfpJJol7lDWajL%40nathan --- contrib/passwordcheck/expected/passwordcheck.out | 3 +++ .../passwordcheck/expected/passwordcheck_1.out | 6 ++++++ doc/src/sgml/catalogs.sgml | 9 +++++++++ doc/src/sgml/client-auth.sgml | 8 ++++++++ doc/src/sgml/config.sgml | 8 ++++++++ doc/src/sgml/libpq.sgml | 9 +++++++++ doc/src/sgml/protocol.sgml | 8 ++++++++ doc/src/sgml/ref/create_role.sgml | 8 ++++++++ doc/src/sgml/runtime.sgml | 10 ++++++++++ src/backend/libpq/crypt.c | 10 ++++++++++ src/backend/utils/misc/guc_tables.c | 9 +++++++++ src/backend/utils/misc/postgresql.conf.sample | 1 + src/include/libpq/crypt.h | 3 +++ src/test/modules/test_misc/t/003_check_guc.pl | 2 +- src/test/regress/expected/password.out | 15 +++++++++++++++ src/test/regress/expected/password_1.out | 9 +++++++++ 16 files changed, 117 insertions(+), 1 deletion(-) diff --git a/contrib/passwordcheck/expected/passwordcheck.out b/contrib/passwordcheck/expected/passwordcheck.out index 2027681daf..2f91b53b8a 100644 --- a/contrib/passwordcheck/expected/passwordcheck.out +++ b/contrib/passwordcheck/expected/passwordcheck.out @@ -13,6 +13,9 @@ ALTER USER regress_passwordcheck_user1 PASSWORD 'alessnicelongpassword'; ERROR: password must contain both letters and nonletters -- encrypted ok (password is "secret") ALTER USER regress_passwordcheck_user1 PASSWORD 'md592350e12ac34e52dd598f90893bb3ae7'; +WARNING: setting an MD5-encrypted password +DETAIL: MD5 password support is deprecated and will be removed in a future release of PostgreSQL. +HINT: Refer to the PostgreSQL documentation for details about migrating to another password type. -- error: password is user name ALTER USER regress_passwordcheck_user1 PASSWORD 'md507a112732ed9f2087fa90b192d44e358'; ERROR: password must not equal user name diff --git a/contrib/passwordcheck/expected/passwordcheck_1.out b/contrib/passwordcheck/expected/passwordcheck_1.out index 5d8d5dcc1c..ebb72956b0 100644 --- a/contrib/passwordcheck/expected/passwordcheck_1.out +++ b/contrib/passwordcheck/expected/passwordcheck_1.out @@ -13,6 +13,12 @@ ALTER USER regress_passwordcheck_user1 PASSWORD 'alessnicelongpassword'; ERROR: password must contain both letters and nonletters -- encrypted ok (password is "secret") ALTER USER regress_passwordcheck_user1 PASSWORD 'md592350e12ac34e52dd598f90893bb3ae7'; +WARNING: setting an MD5-encrypted password +DETAIL: MD5 password support is deprecated and will be removed in a future release of PostgreSQL. +HINT: Refer to the PostgreSQL documentation for details about migrating to another password type. -- error: password is user name ALTER USER regress_passwordcheck_user1 PASSWORD 'md507a112732ed9f2087fa90b192d44e358'; +WARNING: setting an MD5-encrypted password +DETAIL: MD5 password support is deprecated and will be removed in a future release of PostgreSQL. +HINT: Refer to the PostgreSQL documentation for details about migrating to another password type. DROP USER regress_passwordcheck_user1; diff --git a/doc/src/sgml/catalogs.sgml b/doc/src/sgml/catalogs.sgml index 964c819a02..0b9ca087c8 100644 --- a/doc/src/sgml/catalogs.sgml +++ b/doc/src/sgml/catalogs.sgml @@ -1618,6 +1618,15 @@ will store the md5 hash of xyzzyjoe. + + + Support for MD5-encrypted passwords is deprecated and will be removed in a + future release of PostgreSQL. Refer to + for details about migrating to another + password type. + + + If the password is encrypted with SCRAM-SHA-256, it has the format: diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml index 51343de7ca..60a1d16288 100644 --- a/doc/src/sgml/client-auth.sgml +++ b/doc/src/sgml/client-auth.sgml @@ -1260,6 +1260,14 @@ omicron bryanh guest1 server is encrypted for SCRAM (see below), then SCRAM-based authentication will automatically be chosen instead. + + + + Support for MD5-encrypted passwords is deprecated and will be removed + in a future release of PostgreSQL. Refer to + the text below for details about migrating to another password type. + + diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml index 9707d5238d..f6484f0210 100644 --- a/doc/src/sgml/config.sgml +++ b/doc/src/sgml/config.sgml @@ -1124,6 +1124,14 @@ include_dir 'conf.d' mechanism, and hence not work with passwords encrypted with SCRAM-SHA-256. See for more details. + + + Support for MD5-encrypted passwords is deprecated and will be removed + in a future release of PostgreSQL. Refer + to for details about migrating to + another password type. + + diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml index afc9346757..54a7bcf6bb 100644 --- a/doc/src/sgml/libpq.sgml +++ b/doc/src/sgml/libpq.sgml @@ -1341,6 +1341,15 @@ postgresql://%2Fvar%2Flib%2Fpostgresql/dbname The server must request MD5 hashed password authentication. + + + Support for MD5-encrypted passwords is deprecated and will be + removed in a future release of + PostgreSQL. Refer to + for details about migrating to + another password type. + + diff --git a/doc/src/sgml/protocol.sgml b/doc/src/sgml/protocol.sgml index 057c46f3f5..b7ecee02c0 100644 --- a/doc/src/sgml/protocol.sgml +++ b/doc/src/sgml/protocol.sgml @@ -312,6 +312,14 @@ (Keep in mind the md5() function returns its result as a hex string.) + + + Support for MD5-encrypted passwords is deprecated and will be removed + in a future release of PostgreSQL. Refer + to for details about migrating to + another password type. + + diff --git a/doc/src/sgml/ref/create_role.sgml b/doc/src/sgml/ref/create_role.sgml index f72ba9affc..cee23b1ea6 100644 --- a/doc/src/sgml/ref/create_role.sgml +++ b/doc/src/sgml/ref/create_role.sgml @@ -273,6 +273,14 @@ in sync when changing the above synopsis! different format). This allows reloading of encrypted passwords during dump/restore. + + + Support for MD5-encrypted passwords is deprecated and will be removed + in a future release of PostgreSQL. Refer + to for details about migrating to + another password type. + + diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml index 2c4d5ef640..dac9eead0b 100644 --- a/doc/src/sgml/runtime.sgml +++ b/doc/src/sgml/runtime.sgml @@ -2053,6 +2053,16 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433 is an Internet standard and is more secure than the PostgreSQL-specific MD5 authentication protocol. + + + + Support for MD5-encrypted passwords is deprecated and will be removed in + a future release of PostgreSQL. Refer to + for details about migrating to another + password type. + + + diff --git a/src/backend/libpq/crypt.c b/src/backend/libpq/crypt.c index b01525dc28..d37c70901b 100644 --- a/src/backend/libpq/crypt.c +++ b/src/backend/libpq/crypt.c @@ -24,6 +24,8 @@ #include "utils/syscache.h" #include "utils/timestamp.h" +/* Enables deprecation warnings for MD5 passwords. */ +bool md5_password_warnings = true; /* * Fetch stored password for a user, for authentication. @@ -174,6 +176,14 @@ encrypt_password(PasswordType target_type, const char *role, MAX_ENCRYPTED_PASSWORD_LEN))); } + if (md5_password_warnings && + get_password_type(encrypted_password) == PASSWORD_TYPE_MD5) + ereport(WARNING, + (errcode(ERRCODE_WARNING_DEPRECATED_FEATURE), + errmsg("setting an MD5-encrypted password"), + errdetail("MD5 password support is deprecated and will be removed in a future release of PostgreSQL."), + errhint("Refer to the PostgreSQL documentation for details about migrating to another password type."))); + return encrypted_password; } diff --git a/src/backend/utils/misc/guc_tables.c b/src/backend/utils/misc/guc_tables.c index 686309db58..4bdf214b31 100644 --- a/src/backend/utils/misc/guc_tables.c +++ b/src/backend/utils/misc/guc_tables.c @@ -2076,6 +2076,15 @@ struct config_bool ConfigureNamesBool[] = NULL, NULL, NULL }, + { + {"md5_password_warnings", PGC_USERSET, CONN_AUTH_AUTH, + gettext_noop("Enables deprecation warnings for MD5 passwords."), + }, + &md5_password_warnings, + true, + NULL, NULL, NULL + }, + /* End-of-list marker */ { {NULL, 0, 0, NULL, NULL}, NULL, false, NULL, NULL, NULL diff --git a/src/backend/utils/misc/postgresql.conf.sample b/src/backend/utils/misc/postgresql.conf.sample index 667e0dc40a..d1be17615c 100644 --- a/src/backend/utils/misc/postgresql.conf.sample +++ b/src/backend/utils/misc/postgresql.conf.sample @@ -96,6 +96,7 @@ #authentication_timeout = 1min # 1s-600s #password_encryption = scram-sha-256 # scram-sha-256 or md5 #scram_iterations = 4096 +#md5_password_warnings = on # GSSAPI using Kerberos #krb_server_keyfile = 'FILE:${sysconfdir}/krb5.keytab' diff --git a/src/include/libpq/crypt.h b/src/include/libpq/crypt.h index 0bb4400435..db7ea7bd1f 100644 --- a/src/include/libpq/crypt.h +++ b/src/include/libpq/crypt.h @@ -25,6 +25,9 @@ */ #define MAX_ENCRYPTED_PASSWORD_LEN (512) +/* Enables deprecation warnings for MD5 passwords. */ +extern PGDLLIMPORT bool md5_password_warnings; + /* * Types of password hashes or secrets. * diff --git a/src/test/modules/test_misc/t/003_check_guc.pl b/src/test/modules/test_misc/t/003_check_guc.pl index 3ae4bb1cd9..f4f2f1121a 100644 --- a/src/test/modules/test_misc/t/003_check_guc.pl +++ b/src/test/modules/test_misc/t/003_check_guc.pl @@ -56,7 +56,7 @@ while (my $line = <$contents>) # file. # - Valid configuration options are followed immediately by " = ", # with one space before and after the equal sign. - if ($line =~ m/^#?([_[:alpha:]]+) = .*/) + if ($line =~ m/^#?([_[:alnum:]]+) = .*/) { # Lower-case conversion matters for some of the GUCs. my $param_name = lc($1); diff --git a/src/test/regress/expected/password.out b/src/test/regress/expected/password.out index df3857460c..9bb3ab2818 100644 --- a/src/test/regress/expected/password.out +++ b/src/test/regress/expected/password.out @@ -14,8 +14,14 @@ SET password_encryption = 'scram-sha-256'; -- ok SET password_encryption = 'md5'; CREATE ROLE regress_passwd1; ALTER ROLE regress_passwd1 PASSWORD 'role_pwd1'; +WARNING: setting an MD5-encrypted password +DETAIL: MD5 password support is deprecated and will be removed in a future release of PostgreSQL. +HINT: Refer to the PostgreSQL documentation for details about migrating to another password type. CREATE ROLE regress_passwd2; ALTER ROLE regress_passwd2 PASSWORD 'role_pwd2'; +WARNING: setting an MD5-encrypted password +DETAIL: MD5 password support is deprecated and will be removed in a future release of PostgreSQL. +HINT: Refer to the PostgreSQL documentation for details about migrating to another password type. SET password_encryption = 'scram-sha-256'; CREATE ROLE regress_passwd3 PASSWORD 'role_pwd3'; CREATE ROLE regress_passwd4 PASSWORD NULL; @@ -57,14 +63,23 @@ ALTER ROLE regress_passwd2_new RENAME TO regress_passwd2; SET password_encryption = 'md5'; -- encrypt with MD5 ALTER ROLE regress_passwd2 PASSWORD 'foo'; +WARNING: setting an MD5-encrypted password +DETAIL: MD5 password support is deprecated and will be removed in a future release of PostgreSQL. +HINT: Refer to the PostgreSQL documentation for details about migrating to another password type. -- already encrypted, use as they are ALTER ROLE regress_passwd1 PASSWORD 'md5cd3578025fe2c3d7ed1b9a9b26238b70'; +WARNING: setting an MD5-encrypted password +DETAIL: MD5 password support is deprecated and will be removed in a future release of PostgreSQL. +HINT: Refer to the PostgreSQL documentation for details about migrating to another password type. ALTER ROLE regress_passwd3 PASSWORD 'SCRAM-SHA-256$4096:VLK4RMaQLCvNtQ==$6YtlR4t69SguDiwFvbVgVZtuz6gpJQQqUMZ7IQJK5yI=:ps75jrHeYU4lXCcXI4O8oIdJ3eO8o2jirjruw9phBTo='; SET password_encryption = 'scram-sha-256'; -- create SCRAM secret ALTER ROLE regress_passwd4 PASSWORD 'foo'; -- already encrypted with MD5, use as it is CREATE ROLE regress_passwd5 PASSWORD 'md5e73a4b11df52a6068f8b39f90be36023'; +WARNING: setting an MD5-encrypted password +DETAIL: MD5 password support is deprecated and will be removed in a future release of PostgreSQL. +HINT: Refer to the PostgreSQL documentation for details about migrating to another password type. -- This looks like a valid SCRAM-SHA-256 secret, but it is not -- so it should be hashed with SCRAM-SHA-256. CREATE ROLE regress_passwd6 PASSWORD 'SCRAM-SHA-256$1234'; diff --git a/src/test/regress/expected/password_1.out b/src/test/regress/expected/password_1.out index bd0c2e48de..8f613e976a 100644 --- a/src/test/regress/expected/password_1.out +++ b/src/test/regress/expected/password_1.out @@ -61,12 +61,18 @@ ALTER ROLE regress_passwd2 PASSWORD 'foo'; ERROR: password encryption failed: unsupported -- already encrypted, use as they are ALTER ROLE regress_passwd1 PASSWORD 'md5cd3578025fe2c3d7ed1b9a9b26238b70'; +WARNING: setting an MD5-encrypted password +DETAIL: MD5 password support is deprecated and will be removed in a future release of PostgreSQL. +HINT: Refer to the PostgreSQL documentation for details about migrating to another password type. ALTER ROLE regress_passwd3 PASSWORD 'SCRAM-SHA-256$4096:VLK4RMaQLCvNtQ==$6YtlR4t69SguDiwFvbVgVZtuz6gpJQQqUMZ7IQJK5yI=:ps75jrHeYU4lXCcXI4O8oIdJ3eO8o2jirjruw9phBTo='; SET password_encryption = 'scram-sha-256'; -- create SCRAM secret ALTER ROLE regress_passwd4 PASSWORD 'foo'; -- already encrypted with MD5, use as it is CREATE ROLE regress_passwd5 PASSWORD 'md5e73a4b11df52a6068f8b39f90be36023'; +WARNING: setting an MD5-encrypted password +DETAIL: MD5 password support is deprecated and will be removed in a future release of PostgreSQL. +HINT: Refer to the PostgreSQL documentation for details about migrating to another password type. -- This looks like a valid SCRAM-SHA-256 secret, but it is not -- so it should be hashed with SCRAM-SHA-256. CREATE ROLE regress_passwd6 PASSWORD 'SCRAM-SHA-256$1234'; @@ -100,6 +106,9 @@ SELECT rolname, regexp_replace(rolpassword, '(SCRAM-SHA-256)\$(\d+):([a-zA-Z0-9+ CREATE ROLE regress_passwd_empty PASSWORD ''; NOTICE: empty string is not a valid password, clearing password ALTER ROLE regress_passwd_empty PASSWORD 'md585939a5ce845f1a1b620742e3c659e0a'; +WARNING: setting an MD5-encrypted password +DETAIL: MD5 password support is deprecated and will be removed in a future release of PostgreSQL. +HINT: Refer to the PostgreSQL documentation for details about migrating to another password type. ALTER ROLE regress_passwd_empty PASSWORD 'SCRAM-SHA-256$4096:hpFyHTUsSWcR7O9P$LgZFIt6Oqdo27ZFKbZ2nV+vtnYM995pDh9ca6WSi120=:qVV5NeluNfUPkwm7Vqat25RjSPLkGeoZBQs6wVv+um4='; NOTICE: empty string is not a valid password, clearing password SELECT rolpassword FROM pg_authid WHERE rolname='regress_passwd_empty'; -- 2.39.5 (Apple Git-154)