Revert "initdb: Change authentication defaults"

This reverts commit 09f08930f0f6fd4a7350ac02f29124b919727198.

The buildfarm client needs some adjustments first.

3 files changed, 22 insertions, 16 deletions

diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c
index 4bda023e577..04d77ad7006 100644
--- a/src/bin/initdb/initdb.c
+++ b/src/bin/initdb/initdb.c
@@ -185,6 +185,7 @@ static const char *default_timezone = NULL;
 "# allows any local user to connect as any PostgreSQL user, including\n" \
 "# the database superuser.  If you do not trust all your local users,\n" \
 "# use another authentication method.\n"
+static bool authwarning = false;
 
 /*
  * Centralized knowledge of switches to pass to backend
@@ -2391,6 +2392,16 @@ usage(const char *progname)
 }
 
 static void
+check_authmethod_unspecified(const char **authmethod)
+{
+	if (*authmethod == NULL)
+	{
+		authwarning = true;
+		*authmethod = "trust";
+	}
+}
+
+static void
 check_authmethod_valid(const char *authmethod, const char *const *valid_methods, const char *conntype)
 {
 	const char *const *p;
@@ -3237,16 +3248,8 @@ main(int argc, char *argv[])
 		exit(1);
 	}
 
-	if (authmethodlocal == NULL)
-	{
-#ifdef HAVE_AUTH_PEER
-			authmethodlocal = "peer";
-#else
-			authmethodlocal = "md5";
-#endif
-	}
-	if (authmethodhost == NULL)
-		authmethodhost = "md5";
+	check_authmethod_unspecified(&authmethodlocal);
+	check_authmethod_unspecified(&authmethodhost);
 
 	check_authmethod_valid(authmethodlocal, auth_methods_local, "local");
 	check_authmethod_valid(authmethodhost, auth_methods_host, "host");
@@ -3329,6 +3332,14 @@ main(int argc, char *argv[])
 	else
 		printf(_("\nSync to disk skipped.\nThe data directory might become corrupt if the operating system crashes.\n"));
 
+	if (authwarning)
+	{
+		printf("\n");
+		pg_log_warning("enabling \"trust\" authentication for local connections");
+		fprintf(stderr, _("You can change this by editing pg_hba.conf or using the option -A, or\n"
+						  "--auth-local and --auth-host, the next time you run initdb.\n"));
+	}
+
 	/*
 	 * Build up a shell command to tell the user how to start the server
 	 */
diff --git a/src/include/port.h b/src/include/port.h
index 2536a2586c5..b5c03d912b0 100644
--- a/src/include/port.h
+++ b/src/include/port.h
@@ -361,11 +361,6 @@ extern int	fls(int mask);
 extern int	getpeereid(int sock, uid_t *uid, gid_t *gid);
 #endif
 
-/* must match src/port/getpeereid.c */
-#if defined(HAVE_GETPEEREID) || defined(SO_PEERCRED) || defined(LOCAL_PEERCRED) || defined(HAVE_GETPEERUCRED)
-#define HAVE_AUTH_PEER 1
-#endif
-
 #ifndef HAVE_ISINF
 extern int	isinf(double x);
 #else
diff --git a/src/test/regress/pg_regress.c b/src/test/regress/pg_regress.c
index 4e524b22ca2..117a9544eaf 100644
--- a/src/test/regress/pg_regress.c
+++ b/src/test/regress/pg_regress.c
@@ -2302,7 +2302,7 @@ regression_main(int argc, char *argv[], init_function ifunc, test_function tfunc
 		/* initdb */
 		header(_("initializing database system"));
 		snprintf(buf, sizeof(buf),
-				 "\"%s%sinitdb\" -D \"%s/data\" -A trust --no-clean --no-sync%s%s > \"%s/log/initdb.log\" 2>&1",
+				 "\"%s%sinitdb\" -D \"%s/data\" --no-clean --no-sync%s%s > \"%s/log/initdb.log\" 2>&1",
 				 bindir ? bindir : "",
 				 bindir ? "/" : "",
 				 temp_instance,