Re: Re: [BUGS] BUG #10250: pgAdmin III 1.16.1 stores unescaped plaintext password
Thanks Akshay. Dhiraj, can you review please? I'm a little busy right now.
--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
Thanks.
On Thu, May 15, 2014 at 7:39 AM, Akshay Joshi <akshay.joshi@enterprisedb.com> wrote:
Hi DaveI have fixed the escaping issue and tested it. It works fine for me. Attached is the patch file, can you please review it.If code looks good to you, can you please commit the code.On Thu, May 8, 2014 at 2:34 PM, Akshay Joshi <akshay.joshi@enterprisedb.com> wrote:Sure.--On Thu, May 8, 2014 at 1:37 PM, Dave Page <dpage@pgadmin.org> wrote:Akshay, can you look into the quoting problem please.--
On Thu, May 8, 2014 at 1:07 AM, Stephen Frost <sfrost@snowman.net> wrote:
> * Heikki Linnakangas (hlinnakangas@vmware.com) wrote:
>> (forwarding to pgadmin-hackers)
>
> Ah.
>
>> On 05/07/2014 06:44 PM, Stephen Frost wrote:
>> >* dlo@isam.kiwi (dlo@isam.kiwi) wrote:
>> >>but when the credential contains the delimiter (colon) it fails to be
>> >>read back out and app responds with "invalid credentials".
>> >>
>> >>x.x.x.x:5432:*:username:password:with:colons
>> >
>> >Per the fine documentation, you need to escape any such usage with a
>> >backslash. Please review:
>>
>> Stephen, you missed the context. pgadmin3 saves .pgpass, when you
>> check the "store password" checkbox in the connection dialog. And
>> apparantly pgadmin3 doesn't do that escaping properly.
>
> Wow, that's pretty rough. Hopefully they'll be able to fix it soon. :)
>
> Thanks,
>
> Stephen
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
Вложения
В списке pgadmin-hackers по дате отправления: