Postgres Pro
Downloads
Home   >   mailing lists

Re: BUG #6412: psql & fe-connect truncate passwords - Mailing list pgsql-bugs

From Euler Taveira de Oliveira
Subject Re: BUG #6412: psql & fe-connect truncate passwords
Date
Msg-id 4F24437F.7080306@timbira.com
Whole thread Raw
In response to BUG #6412: psql & fe-connect truncate passwords  (agrimm@gmail.com)
Responses Re: BUG #6412: psql & fe-connect truncate passwords  (Andy Grimm <agrimm@gmail.com>)
List pgsql-bugs
Tree view 
On 28-01-2012 14:32, Andy Grimm wrote:
> IMHO, there is a subtle difference here.  If psql raised an error
> message on passwords exceeding 100 characters, I would understand your
> perspective, but I think that simply truncating the password and
> continuing on is a bug.  I also think that hard-coding the number
> "100" in several places is simply poor practice which should be
> corrected, and that if there's good reason for that to be the password
> length limit, it should be uniformly enforced.
>
It is uniform on all of the bundled client tools. The source can always be
improved; such a constant is one of those improvements.

> The password is not of my choosing.  It's an autogenerated sha hash of
> an RSA key, and i've simply been the key to use.
> While I agree that it's generally impractical to use such a long
> password at the command line, more than 99% of the use of this
> password is programmatic, and if I complain to the author that the
> password is too long, he'll respond "it works for me with JDBC; you
> are using broken tools.
>
So the "broken" part is the password file, right? I won't expect someone with
such a long password typing or (of course) copy/paste it, will I? Again,
patches are welcome.

> I looked at the code before I wrote up the issue, and I have written
> and tested a patch.  I've posted it here:
>
> https://bugzilla.redhat.com/attachment.cgi?id=558061
>
Please, post a patch here, we don't follow other bug trackers.

> Perhaps I should just submit the patch to pgsql-hackers ?  I'm new to
> the pgsql bug interaction process, so my apologies if filing a bug was
> not the appropriate way to present the issue.  I get Internal Server
> Error messages when I attempt to subscribe to any of the pgsql mailing
> lists, so this makes communication with the lists difficult.
>
Bugs are tracked here but when it is not a bug but an improvement, we just
redirect this thread to -hackers.


--
   Euler Taveira de Oliveira - Timbira       http://www.timbira.com.br/
   PostgreSQL: Consultoria, Desenvolvimento, Suporte 24x7 e Treinamento

pgsql-bugs by date:

Previous
From: Tom Lane
Date:
Subject: Re: BUG #6412: psql & fe-connect truncate passwords
Next
From: james@stev.org
Date:
Subject: BUG #6413: pg_relation_size wont work on table with upper case chars