On 15.02.2012 07:09, Andy Grimm wrote:
> Sorry that it's been a couple of weeks, but I have gotten around to
> working on a patch that address more of these concerns. The attached
> patch should
>
> 1) allow arbitrary length passwords to be read from a file via initdb --pwfile
> 2) allow the client to accept a password of arbitrary length at the
> password prompt
> 3) allow a password of arbitrary length in a pgpass file
>
> In #2 I say "allow the client to accept", because there's a
> pq_getmessage call in src/backend/libpq/auth.c which limits the
> password message length to 1000 characters. Changing that part of the
> code should allow longer passwords, but there may be other lurking
> backend issues after that, and I'm not concerned about going beyond
> 1000 at this point.
Thanks for the patch. A few comments:
* Most of the simple_prompt() calls are for passwords, which now have no
limit, but there's a few others. How about we remove the maxlen argument
altogether, and just have it always return a malloc'd string that can be
arbitrarily long. (maybe with a sanity-check limit within
simple_prompt(), like 100k)
* .pg_service.conf handling still has a fixed limit on line length of
256 bytes. See parseServiceInfo() in fe-connect. I think we should lift
that limit too, for the sake of consistency. You can pass a password in
the service file, too.
* Missed a few simple_prompt() calls in contrib (oid2name, vacuumlo,
pgbench)
- Heikki