On 15.02.2012 07:09, Andy Grimm wrote:
> Sorry that it's been a couple of weeks, but I have gotten around to
> working on a patch that addresses more of these concerns.  The attached
> patch should
>
> 1) allow arbitrary length passwords to be read from a file via initdb --pwfile
> 2) allow the client to accept a password of arbitrary length at the
> password prompt
> 3) allow a password of arbitrary length in a pgpass file
>
> In #2 I say "allow the client to accept", because there's a
> pq_getmessage call in src/backend/libpq/auth.c which limits the
> password message length to 1000 characters.  Changing that part of the
> code should allow longer passwords, but there may be other lurking
> backend issues after that, and I'm not concerned about going beyond
> 1000 at this point.

Thanks for the patch. A few comments:

* Most of the simple_prompt() calls are for passwords, which now have no limit, but there are a few others. How about we remove the maxlen argument altogether, and just have it always return a malloc'd string that can be arbitrarily long? (Maybe with a sanity-check limit within simple_prompt(), like 100k.)

* .pg_service.conf handling still has a fixed limit on line length of 256 bytes. See parseServiceInfo() in fe-connect. I think we should lift that limit too, for the sake of consistency. You can pass a password in the service file, too.

* Missed a few simple_prompt() calls in contrib (oid2name, vacuumlo, pgbench).

- Heikki
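
The approach suggested in the reply above (always return a malloc'd string of arbitrary length, with a sanity-check limit) as an added example; it is not part of the original message, the attached patch, or the PostgreSQL source. `read_line_alloc` and `SANITY_LIMIT` are hypothetical names, the cap value follows the "like 100k" remark, and the 300-byte input is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SANITY_LIMIT (100 * 1024)   /* assumed cap, per the "like 100k" suggestion */

/* Hypothetical helper: one line of any length, malloc'd (caller frees). NULL at
 * EOF, on out-of-memory, or past max_len bytes: rejected, never truncated. */
char *read_line_alloc(FILE *fp, size_t max_len)
{
    size_t cap = 64, len = 0;
    char *buf = malloc(cap), *tmp;
    int c;

    if (buf == NULL)
        return NULL;
    while ((c = fgetc(fp)) != EOF && c != '\n') {
        if (len >= max_len)         /* over the sanity limit */
            goto fail;
        if (len + 1 >= cap) {       /* keep room for this byte and the NUL */
            if ((tmp = realloc(buf, cap * 2)) == NULL)
                goto fail;
            buf = tmp;
            cap *= 2;
        }
        buf[len++] = (char) c;
    }
    if (c == EOF && len == 0)       /* nothing left to read */
        goto fail;
    buf[len] = '\0';
    return buf;
fail:
    free(buf);
    return NULL;
}

int main(void)
{
    FILE *fp = tmpfile();           /* constructed sample: one 300-byte line */
    char fixed[256] = "", *line;
    if (fp == NULL || fprintf(fp, "%0300d\n", 0) < 0)
        return 1;
    rewind(fp);
    if (fgets(fixed, sizeof fixed, fp) == NULL)   /* fixed buffer keeps 255 bytes */
        return 1;
    rewind(fp);
    line = read_line_alloc(fp, SANITY_LIMIT);
    printf("fixed: %zu bytes, malloc'd: %zu bytes\n", strlen(fixed), line ? strlen(line) : 0);
    free(line);
    return 0;
}
```

A caller that gets NULL for an over-long line should treat it as an error rather than retry, since the stream is left in the middle of that line.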


--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)