Question about password character in ECPG's connection string

Egashira, Yusuke <egashira.yusuke@jp.fujitsu.com>

From: "Egashira, Yusuke" <egashira.yusuke@jp.fujitsu.com>
To: "'pgsql-general@postgresql.org'" <pgsql-general@postgresql.org>
Date: 2019-08-27T07:29:14Z
Lists: pgsql-general
Hi,

I have question about connection string of ECPG's CONNECT statement.

I'm using postgresql 9.5.17 with ECPG application.
When I trying to connect to the database, I found that some characters as password in ECPG's connection_option cannot be accepted.
Is the specification of ECPG's connection string (connection_option) different from libpq's one?

I referred the below documents.
- CONNECT of ecpg: https://www.postgresql.org/docs/9.5/ecpg-sql-connect.html
- Connection string of libpq: https://www.postgresql.org/docs/9.5/libpq-connect.html#LIBPQ-CONNSTRING


Example: 
1. Creating database role with password which contains '&'.
   > CREATE ROLE myuser LOGIN PASSWORD 'pass&word';
2. Modifying the pg_hba.conf to use "MD5" as auth-method.
3. pg_ctl reload
4. Connecting from ECPG application with below CONNECT statement.
   EXEC SQL CONNECT "tcp:postgresql://localhost?user=myuser&password=pass&word";
     -> The connection was refused because of password failure.

I thought that the '&' should be percent-encoded in connection string. However, it was also failed.
   EXEC SQL CONNECT "tcp:postgresql://localhost?user=myuser&password=pass%26word";
     -> The connection was refused because of password failure.

On the other hand, the percent-encoded connection string was able to use in psql.
   > psql "postgresql://localhost?user=myuser&password=pass%26word"
     -> I could login as "myuser".

So, I think that the connection string specification of ECPG is different from libpq's one.
Is there the password character's limitation in ECPG?

Regards.
--
Yusuke, Egashira




Commits

  1. Doc: describe the "options" allowed in an ECPG connection target string.

  2. Cosmetic improvements for options-handling code in ECPGconnect().