Home > mailing lists

Re: Possible PostgreSQL 8.3beta4 bug with MD5 authentication in psql? - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Possible PostgreSQL 8.3beta4 bug with MD5 authentication in psql?
Date	December 8, 2007 14:12:18
Msg-id	10648.1197126590@sss.pgh.pa.us Whole thread Raw
In response to	Re: Possible PostgreSQL 8.3beta4 bug with MD5 authentication in psql? (Alvaro Herrera <alvherre@alvh.no-ip.org>)
Responses	Re: Possible PostgreSQL 8.3beta4 bug with MD5 authentication in psql? (Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>)
List	pgsql-hackers

Tree view

Alvaro Herrera <alvherre@alvh.no-ip.org> writes:
> Tom Lane wrote:
>> 3. Invent another libpq function, maybe PQconnectionNeedsPassword,
>> that does the right thing for the password-checking tests.

> My vote goes to (3), if the work can be done quickly, or (1) if it
> can't.

I don't think it's a big problem to do, as long as we are agreed on
the behavior we want.  In particular, consider:

1. If libpq obtains a password internally (ie, from PGPASSWORD or
~/.pgpass), and it's wrong, do we want a user password prompt?

2. If we prompt the user for a password, and it's wrong, do we
want to try again?

Our historical behavior on both points was "no", but at least
the second one seems a bit questionable.
        regards, tom lane

pgsql-hackers by date:

From: Alvaro Herrera
Date: 08 December 2007, 12:23:50
Subject: Re: Possible PostgreSQL 8.3beta4 bug with MD5 authentication in psql?

From: Andrew Dunstan
Date: 08 December 2007, 14:54:13
Subject: Re: buildenv.pl/buildenv.bat

Re: Possible PostgreSQL 8.3beta4 bug with MD5 authentication in psql? - Mailing list pgsql-hackers

Previous

Next