Re: Increase limit on max length of the password( pg versions < 14)

On 7/18/23 11:30, mahendrakar s wrote:
> Hi hackers,
> 
> We have encountered an issue (invalid message length) when the
> password length is > 1000 in pg 11,12,13 versions. This is due to the
> limit(1000) on the max length of the password. In this case the
> password is an access token(JWT) which can have varied  lengths >
> 1000. I see that this is already handled for GSS and SSPI
> authentication tokens where the maximum accepted size is 65535.
> 
> This is not the case with pg versions >=14 as the limit on max length
> is 65535(this change was added as part of sanity checks[1]).
> 
> So we have two options:
> 1. Backport patch[1] to 11,12,13
> 2. Change ONLY the limit on the max length of the password(my patch attached).
> 
> Please let me know your thoughts.

The third option is to upgrade.
-- 
Vik Fearing