From: | Heikki Linnakangas <hlinnakangas(at)vmware(dot)com> |
---|---|
To: | Andy Grimm <agrimm(at)gmail(dot)com> |
Cc: | Euler Taveira de Oliveira <euler(at)timbira(dot)com>, PostgreSQL Bugs <pgsql-bugs(at)postgresql(dot)org> |
Subject: | Re: BUG #6412: psql & fe-connect truncate passwords |
Date: | 2012-09-20 07:18:08 |
Message-ID: | 505AC330.7010102@vmware.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
On 15.02.2012 07:09, Andy Grimm wrote:
> Sorry that it's been a couple of weeks, but I have gotten around to
> working on a patch that address more of these concerns. The attached
> patch should
>
> 1) allow arbitrary length passwords to be read from a file via initdb --pwfile
> 2) allow the client to accept a password of arbitrary length at the
> password prompt
> 3) allow a password of arbitrary length in a pgpass file
>
> In #2 I say "allow the client to accept", because there's a
> pq_getmessage call in src/backend/libpq/auth.c which limits the
> password message length to 1000 characters. Changing that part of the
> code should allow longer passwords, but there may be other lurking
> backend issues after that, and I'm not concerned about going beyond
> 1000 at this point.
Thanks for the patch. A few comments:
* Most of the simple_prompt() calls are for passwords, which now have no
limit, but there's a few others. How about we remove the maxlen argument
altogether, and just have it always return a malloc'd string that can be
arbitrarily long. (maybe with a sanity-check limit within
simple_prompt(), like 100k)
* .pg_service.conf handling still has a fixed limit on line length of
256 bytes. See parseServiceInfo() in fe-connect. I think we should lift
that limit too, for the sake of consistency. You can pass a password in
the service file, too.
* Missed a few simple_prompt() calls in contrib (oid2name, vacuumlo,
pgbench)
- Heikki
From | Date | Subject | |
---|---|---|---|
Next Message | Heikki Linnakangas | 2012-09-20 07:31:20 | Re: BUG #7559: syslogger doesn't close stdout and stderr |
Previous Message | l1t | 2012-09-20 05:14:24 | BUG #7556 addition info |