Re: BUG #6412: psql & fe-connect truncate passwords
| От | Heikki Linnakangas |
|---|---|
| Тема | Re: BUG #6412: psql & fe-connect truncate passwords |
| Дата | |
| Msg-id | 505AC330.7010102@vmware.com обсуждение исходный текст |
| Ответ на | Re: BUG #6412: psql & fe-connect truncate passwords (Andy Grimm <agrimm@gmail.com>) |
| Список | pgsql-bugs |
On 15.02.2012 07:09, Andy Grimm wrote: > Sorry that it's been a couple of weeks, but I have gotten around to > working on a patch that address more of these concerns. The attached > patch should > > 1) allow arbitrary length passwords to be read from a file via initdb --pwfile > 2) allow the client to accept a password of arbitrary length at the > password prompt > 3) allow a password of arbitrary length in a pgpass file > > In #2 I say "allow the client to accept", because there's a > pq_getmessage call in src/backend/libpq/auth.c which limits the > password message length to 1000 characters. Changing that part of the > code should allow longer passwords, but there may be other lurking > backend issues after that, and I'm not concerned about going beyond > 1000 at this point. Thanks for the patch. A few comments: * Most of the simple_prompt() calls are for passwords, which now have no limit, but there's a few others. How about we remove the maxlen argument altogether, and just have it always return a malloc'd string that can be arbitrarily long. (maybe with a sanity-check limit within simple_prompt(), like 100k) * .pg_service.conf handling still has a fixed limit on line length of 256 bytes. See parseServiceInfo() in fe-connect. I think we should lift that limit too, for the sake of consistency. You can pass a password in the service file, too. * Missed a few simple_prompt() calls in contrib (oid2name, vacuumlo, pgbench) - Heikki
В списке pgsql-bugs по дате отправления: