Thread: Fwd: BUG #17216: No Password Provided Error - uncaught exception
Driver version: 42.2.24
PostgreSQL version: Debian 14.0-1.pgdg110+1
Operating system: x86_64-pc-linux-gnu
When connecting to the pg database 14.0 and no password (empty) is specified the following error message is returned
"Something unusual has occurred to cause the driver to fail. Please report this exception. Empty value for ‘password’ "
In previous versions of the database (13.4) the password specific error message is returned "The server requested password-based authentication, but no password was provided"
Previous versions of the driver (42.2.*) exhibit the same behaviour when connecting to version 14. The password specific exception is expected rather than the generic message.
Cliff Sizer <cliffsizer@gmail.com> writes:
> Yes, 42.2.24 is the latest available driver.
Hmm, I'm sure they have added SCRAM support, so that theory seems
out. Perhaps you should file a ticket with the JDBC crew.
(pgsql-bugs only deals with bugs in the core server.)
regards, tom lane
Previous versions of the driver (42.2.*) exhibit the same behaviour when connecting to version 14. The password specific exception is expected rather than the generic message.
jdbc:postgresql://{host}[:{port}]/[{database}]?user=myuser&password=
Stack Trace:
Caused by: org.postgresql.util.PSQLException: Something unusual has occurred to cause the driver to fail. Please report this exception.
at org.postgresql.Driver$ConnectThread.getResult(Driver.java:420)
at org.postgresql.Driver.connect(Driver.java:271)
at org.apache.commons.dbcp2.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:55)
at org.apache.commons.dbcp2.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:355)
at org.apache.commons.dbcp2.BasicDataSource.validateConnectionFactory(BasicDataSource.java:115)
at org.apache.commons.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:665)
... 86 common frames omitted
Caused by: java.lang.AssertionError: Misuse of castNonNull: called with a null argument
at org.postgresql.util.internal.Nullness.castNonNull(Nullness.java:22)
at org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:759)
at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:161)
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:213)
at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:51)
at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:225)
at org.postgresql.Driver.makeConnection(Driver.java:465)
at org.postgresql.Driver.access$100(Driver.java:62)
at org.postgresql.Driver$ConnectThread.run(Driver.java:375)
... 1 common frames omitted
at org.postgresql.Driver$ConnectThread.getResult(Driver.java:420)
at org.postgresql.Driver.connect(Driver.java:271)
at org.apache.commons.dbcp2.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:55)
at org.apache.commons.dbcp2.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:355)
at org.apache.commons.dbcp2.BasicDataSource.validateConnectionFactory(BasicDataSource.java:115)
at org.apache.commons.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:665)
... 86 common frames omitted
Caused by: java.lang.AssertionError: Misuse of castNonNull: called with a null argument
at org.postgresql.util.internal.Nullness.castNonNull(Nullness.java:22)
at org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:759)
at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:161)
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:213)
at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:51)
at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:225)
at org.postgresql.Driver.makeConnection(Driver.java:465)
at org.postgresql.Driver.access$100(Driver.java:62)
at org.postgresql.Driver$ConnectThread.run(Driver.java:375)
... 1 common frames omitted
Kind regards,
Cliff
---------- Forwarded message ---------
From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Wed, Oct 6, 2021 at 7:01 PM
Subject: Re: BUG #17216: No Password Provided Error - uncaught exception
To: Cliff Sizer <cliffsizer@gmail.com>
From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Wed, Oct 6, 2021 at 7:01 PM
Subject: Re: BUG #17216: No Password Provided Error - uncaught exception
To: Cliff Sizer <cliffsizer@gmail.com>
Cliff Sizer <cliffsizer@gmail.com> writes:
> Yes, 42.2.24 is the latest available driver.
Hmm, I'm sure they have added SCRAM support, so that theory seems
out. Perhaps you should file a ticket with the JDBC crew.
(pgsql-bugs only deals with bugs in the core server.)
regards, tom lane
On Fri, Oct 8, 2021 at 12:25 AM Cliff Sizer <cliffsizer@gmail.com> wrote:
When connecting to the pg database 14.0 and no password (empty) is specified the following error message is returned
"Something unusual has occurred to cause the driver to fail. Please report this exception. Empty value for ‘password’ "
This is a bug in the driver's handling of SCRAM authentication. We need to add a check that a non-empty password has been provided by the user before trying to use it.
The MD5 authentication handling has such a check. I think we just need to copy it into the handling for the first SCRAM authentication request message.
FYI, the driver does support SCRAM authentication, the issue here is it does not gracefully handle the situation where the server requests SCRAM authentication and the client's connection properties do not include a password.
I've opened a GitHub issue for this error here: https://github.com/pgjdbc/pgjdbc/issues/2288
Regards,
-- Sehrope Sarkuni
Founder & CEO | JackDB, Inc. | https://www.jackdb.com/