search

MigOpsRepos / credcheck

PostgreSQL plain credential checker
MIT License
57 stars 5 forks source link

credcheck.password_valid_max not working as expected #14

Closed t-ushar closed 1 year ago

t-ushar commented 1 year ago

Hi Team,

credcheck.password_valid_max seems not working as expected. Please find below the test result and let me know if I am doing anything wrong or hitting any bug?

VALID UNTIL should not be more than 180 days.

postgres=# show credcheck.password_valid_max;
 credcheck.password_valid_max 
------------------------------
 180
(1 row)

Created a user to test the situation and it went fine instead of failing 


postgres=# create role credcheck_valid_max  with login password 'hfbeifDJHduiwqdfiwq18923&#%$' VALID UNTIL '2025-06-12';
CREATE ROLE
postgres=# alter user credcheck_valid_max VALID UNTIL '2025-06-12';
ALTER ROLE
postgres=# \dx credcheck 
                            List of installed extensions
   Name    | Version | Schema |                     Description                      
-----------+---------+--------+------------------------------------------------------
 credcheck | 1.0.0   | public | credcheck - postgresql plain text credential checker
(1 row)

postgres=# select version();
                                                 version                                                 
---------------------------------------------------------------------------------------------------------
 PostgreSQL 13.6 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-44), 64-bit
(1 row)
darold commented 1 year ago

I can not reproduce with latest version 2.0.0:

contrib_regression=# SHOW credcheck.password_valid_max;
 credcheck.password_valid_max 
------------------------------
 180
(1 row)

contrib_regression=# create role credcheck_valid_max  with login password 'hfbeifDJHduiwqdfiwq18923&#%$' VALID UNTIL '2025-06-12';
ERROR:  require a VALID UNTIL option with a date beyond 180 days