Re: ProcessStartupPacket(): database_name and user_name truncation

Kyotaro Horiguchi <horikyota.ntt@gmail.com>

From: Kyotaro Horiguchi <horikyota.ntt@gmail.com>
To: bertranddrouvot.pg@gmail.com
Cc: tgl@sss.pgh.pa.us, nathandbossart@gmail.com, michael@paquier.xyz, pgsql-hackers@lists.postgresql.org
Date: 2023-07-03T01:50:45Z
Lists: pgsql-hackers
At Fri, 30 Jun 2023 19:32:50 +0200, "Drouvot, Bertrand" <bertranddrouvot.pg@gmail.com> wrote in 
> Hi,
> 
> On 6/30/23 5:54 PM, Tom Lane wrote:
> > Nathan Bossart <nathandbossart@gmail.com> writes:
> >> After taking another look at this, I wonder if it'd be better to fail
> >> as
> >> soon as we see the database or user name is too long instead of
> >> lugging
> >> them around when authentication is destined to fail.

For the record, if I understand Nathan correctly, it is what I
suggested in my initial post. If this is correct, +1 for the suggestion.

me> I think we might want to consider outright rejecting the
me> estblishment of a connection when the given database name doesn't
me> fit the startup packet

> > If we're agreed that we aren't going to truncate these identifiers,
> > that seems like a reasonable way to handle it.
> > 
> 
> Yeah agree, thanks Nathan for the idea.
> I'll work on a new patch version proposal.

regards.

-- 
Kyotaro Horiguchi
NTT Open Source Software Center



Commits

  1. Don't truncate database and user names in startup packets.