Re: Maximum password length - Mailing list pgsql-hackers

From Bossart, Nathan
Subject Re: Maximum password length
Date
Msg-id 53DC01AE-4DE7-4417-B79A-007490C6FE3F@amazon.com
In response to Re: Maximum password length  (Stephen Frost <sfrost@snowman.net>)
Responses Re: Maximum password length
List pgsql-hackers
Hi Stephen,

On 10/12/18, 3:52 PM, "Stephen Frost" <sfrost@snowman.net> wrote:
> If we're going to do work in this area, why wouldn't we have the client
> tools and the server agree on the max length and then have them all be
> consistent..?
> 
> Seems odd to decide that 100 character buffer size in the clients makes
> sense and then make the server support an 8k password.

I considered this but wondered if expanding the buffers over 80x was
too intrusive or if the 100 character limit had some historical
purpose.  I'm happy to align everything if desired.

> I'm also trying to figure out why it makes sense to support an 8k
> password and if we've really tried seeing what happens if pg_authid gets
> a toast table that's actually used for passwords...

Since v10+ always stores passwords encrypted [0], I don't think it
will require a TOAST table.

> I'll note your patches neglected to include any tests...

I will look into adding tests.  I've also been told that there may be
some limits for the .pgpass file, so I am looking into that as well.

Nathan

[0] https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=eb61136dc75a76caef8460fa939244d8593100f2
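
Added example, not part of the original message or of the PostgreSQL source: a sketch showing that a hashed password entry has the same stored length whether the password is 8, 100 or 8192 characters long, which is the reasoning behind the TOAST remark above. Assumptions: the SCRAM-SHA-256 verifier layout and the "md5" + md5(password || role) form used by PostgreSQL 10+, the default 4096 iterations and 16-byte salt, ASCII-only passwords (SASLprep is skipped), and the hypothetical role name "alice".

```python
import base64
import hashlib
import hmac
import os

SCRAM_ITERATIONS = 4096  # assumption: PostgreSQL's default iteration count
SCRAM_SALT_LEN = 16      # assumption: PostgreSQL's default salt length in bytes


def scram_sha_256_verifier(password, salt=None, iterations=SCRAM_ITERATIONS):
    """Build a SCRAM-SHA-256 verifier string from the RFC 5802 keys.

    SASLprep normalisation is skipped here, so pass ASCII passwords only.
    """
    if salt is None:
        salt = os.urandom(SCRAM_SALT_LEN)
    salted = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    stored_key = hashlib.sha256(client_key).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()

    def b64(raw):
        return base64.b64encode(raw).decode("ascii")

    return f"SCRAM-SHA-256${iterations}:{b64(salt)}${b64(stored_key)}:{b64(server_key)}"


def md5_verifier(password, role):
    """Legacy form: the literal 'md5' followed by md5(password || role) in hex."""
    return "md5" + hashlib.md5((password + role).encode("utf-8")).hexdigest()


def stored_lengths(password_lengths, role="alice"):
    """Map each password length to (scram_len, md5_len) of the stored value."""
    result = {}
    for n in password_lengths:
        password = "x" * n  # constructed sample password of n characters
        result[n] = (len(scram_sha_256_verifier(password)),
                     len(md5_verifier(password, role)))
    return result


if __name__ == "__main__":
    for n, (scram_len, md5_len) in stored_lengths([8, 100, 8192]).items():
        print(f"{n:>4}-char password -> SCRAM {scram_len} chars, md5 {md5_len} chars")
```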

