Re: Maximum password length
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Peter Eisentraut <peter.eisentraut@2ndquadrant.com>
Cc: Alexander Kukushkin <cyberdemn@gmail.com>, bossartn@amazon.com,
Stephen Frost <sfrost@snowman.net>, isaac.morland@gmail.com,
PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2020-09-02T00:58:23Z
Lists: pgsql-hackers
Attachments
- remove-password-length-limits-1.patch (text/x-diff) patch
I wrote: > Peter Eisentraut <peter.eisentraut@2ndquadrant.com> writes: >> ISTM that it's only going to be a matter of time before that will be >> exceeded. Why have a limit at all? Accept whatever StringInfo accepts. > Hmm, that would require some refactoring of simple_prompt for starters. To use StringInfo, we have to move sprompt.c into src/common/ where the stringinfo stuff lives; but that seems fine to me, because it had little if any business being in src/port/. Here's a draft patch that does it that way. This could be refined; in particular, I think that most of the password-prompting sites could drop their separate have_password flags in favor of checking whether the password pointer is NULL or not. That would likely also prove that some of the free(password) calls I sprinkled in are unnecessary. regards, tom lane
Commits
-
Remove arbitrary restrictions on password length.
- 67a472d71c98 14.0 landed
-
Remove support for password_encryption='off' / 'plain'.
- eb61136dc75a 10.0 cited