[pgpool-hackers: 2855] Oversight on md5 authentication

Tatsuo Ishii ishii at sraoss.co.jp
Fri Jul 6 16:59:21 JST 2018


While taking care of issue 411,

https://www.pgpool.net/mantisbt/view.php?id=411

I noticed that Pgpool-II requires pool_passwd for md5 authentication
in the raw mode case when it is actually not necessary. In the raw
mode, Pgpool-II only connects to 1 backend. So it should be treated
the same as the case when there is only 1 backend (which is already
treated sanely).

The fix is trivial and I could back patch it to all the supported
branches. However, this would change the behavior of md5 auth in the raw
mode.

Today: users need to sync pool_passwd with PostgreSQL's password even
in the raw mode.

After patching: client supplied password is only validated against
PostgreSQL's password. pool_passwd is not consulted anymore.

I guess the behavior change would be welcomed by all raw mode/md5
users since it frees users from maintaining two separate passwords.

But I would like to make sure that I do not miss anything before
back patching the fix.

Comments?

Maybe needless to say, but the patch does not change behaviors in
streaming replication mode and native replication mode, having more
than 1 backend.
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp
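
Why a single backend differs from several under md5 authentication, as an added example that is not part of the original message and is not Pgpool-II code: a simplified model of the PostgreSQL md5 challenge/response. The `Backend` class, the function names, the salts and the credentials are constructed for illustration.

```python
import hashlib
import hmac

def pg_md5_stored(user: str, password: str) -> str:
    """Value PostgreSQL stores for md5 auth: 'md5' + md5(password + username)."""
    return "md5" + hashlib.md5((password + user).encode()).hexdigest()

def pg_md5_response(stored: str, salt: bytes) -> str:
    """Client reply to an md5 challenge: 'md5' + md5(stored hex digest + salt)."""
    return "md5" + hashlib.md5(stored[3:].encode() + salt).hexdigest()

class Backend:
    """Constructed stand-in for one PostgreSQL server using md5 auth."""
    def __init__(self, user: str, password: str, salt: bytes):
        self.stored = pg_md5_stored(user, password)
        self.salt = salt  # fixed for repeatability; a real server picks 4 random bytes

    def verify(self, response: str) -> bool:
        return hmac.compare_digest(response, pg_md5_response(self.stored, self.salt))

def relay_single(backend: Backend, client_stored: str) -> bool:
    """One backend: pass its salt to the client and the reply back; no password copy."""
    return backend.verify(pg_md5_response(client_stored, backend.salt))

def relay_many(backends: list, client_stored: str) -> list:
    """Several backends: the client answers one salt, so the reply fits one backend."""
    reply = pg_md5_response(client_stored, backends[0].salt)
    return [b.verify(reply) for b in backends]

def login_with_pool_passwd(backends: list, entry: str, client_stored: str,
                           proxy_salt: bytes = b"\x0a\x0b\x0c\x0d") -> list:
    """Proxy checks the client against its stored entry, then answers every
    backend's salt itself from that same entry."""
    expected = pg_md5_response(entry, proxy_salt)
    if not hmac.compare_digest(pg_md5_response(client_stored, proxy_salt), expected):
        return [False] * len(backends)
    return [b.verify(pg_md5_response(entry, b.salt)) for b in backends]

# Constructed sample data: one role, two servers issuing different salts.
USER, PASSWORD = "alice", "s3cret"
B0 = Backend(USER, PASSWORD, b"\x01\x02\x03\x04")
B1 = Backend(USER, PASSWORD, b"\xaa\xbb\xcc\xdd")
CLIENT = pg_md5_stored(USER, PASSWORD)

if __name__ == "__main__":
    print(relay_single(B0, CLIENT))                       # single backend, no local entry
    print(relay_many([B0, B1], CLIENT))                   # plain relay to two backends
    print(login_with_pool_passwd([B0, B1], CLIENT, CLIENT))
    print(login_with_pool_passwd([B0, B1], pg_md5_stored(USER, "old"), CLIENT))
```

The last call models a locally stored entry that has drifted from the server's password: the client is rejected at the proxy even though its password is correct on both servers.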

