Remove RADIUS support. Our RADIUS implementation supported only the deprecated RADIUS/UDP variant, without the recommended Message-Authenticator attribute to mitigate against the Blast-RADIUS vulnerability. By now, popular RADIUS servers are expected to generate loud warnings or reject our authentication attempts outright.
Since there have been no user reports about this, it seems unlikely that there are users. Reviewed-by: Álvaro Herrera <[email protected]> Reviewed-by: Aleksander Alekseev <[email protected]> Reviewed-by: Tom Lane <[email protected]> Reviewed-by: Jacob Champion <[email protected]> Reviewed-by: Michael Banck <[email protected]> Discussion: https://postgr.es/m/CA%2BhUKG%2BSH309V8KECU5%3DxuLP9Dks0v9f9UVS2W74fPAE5O21dg%40mail.gmail.com Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/a1643d40b308911cc725e62d3c5f7904b426aa09 Modified Files -------------- doc/src/sgml/appendix-obsolete-auth-radius.sgml | 20 + doc/src/sgml/appendix-obsolete.sgml | 1 + doc/src/sgml/client-auth.sgml | 128 ------ doc/src/sgml/filelist.sgml | 1 + src/backend/libpq/auth.c | 511 +----------------------- src/backend/libpq/hba.c | 216 ---------- src/backend/libpq/pg_hba.conf.sample | 4 +- src/backend/utils/adt/hbafuncs.c | 19 - src/include/libpq/hba.h | 9 - src/tools/pgindent/typedefs.list | 2 - 10 files changed, 25 insertions(+), 886 deletions(-)
