RE: Question about password character in ECPG's connection string

Egashira, Yusuke <egashira.yusuke@jp.fujitsu.com>

From: "Egashira, Yusuke" <egashira.yusuke@jp.fujitsu.com>
To: 'Luca Ferrari' <fluca1978@gmail.com>, Alban Hertroys <haramrae@gmail.com>, "pgsql-general@postgresql.org" <pgsql-general@postgresql.org>
Cc: Adrian Klaver <adrian.klaver@aklaver.com>, Giuseppe Sacco <giuseppe@eppesuigoccas.homedns.org>
Date: 2019-08-29T11:08:37Z
Lists: pgsql-general
> > Perhaps it helps to URL-encode the & in the password as %26?
> 
> The OP already did without success.

Yes, I already get failed with URL-encode the &.

> Could it be needed to escape the & with the backslash or single ticks?

Thanks. I tested with "pass\&word" and "'pass&word'".
However, them also failed...

My tested ways are followings.
- [ECPG] Connection option with plain string :
  EXEC SQL CONNECT "tcp:postgresql://localhost?user=myuser&password=pass&word"
    -> Failed.
- [ECPG] Connection option with percent-encoded string :
  EXEC SQL CONNECT "tcp:postgresql://localhost?user=myuser&password=pass%26word"
    -> Failed.
- [ECPG] Connection option with backslash escaped string :
  EXEC SQL CONNECT "tcp:postgresql://localhost?user=myuser&password=pass\&word"
    -> Failed. (and gcc claims warning)
- [ECPG] Connection option with single-quoted string :
  EXEC SQL CONNECT "tcp:postgresql://localhost?user=myuser&password='pass&word'"
    -> Failed.
- [ECPG] USING or IDENTIFIED BY phrase :
  EXEC SQL CONNECT "tcp:postgresql://localhost" USER "myuser" USING "pass&word"
  EXEC SQL CONNECT "tcp:postgresql://localhost" USER "myuser" IDENTIFIED BY "pass&word"
    -> Success.
- [psql] Connection option with plain string :
  psql "postgresql://localhost?user=myuser&password=pass&word"
    -> Failed.
- [psql] Connection option with percent-encoded string :
  psql "postgresql://localhost?user=myuser&password=pass%26word"
    -> Success.

According to my tests, I think that the ECPG's connection_option seems not to accept '&' character as password anyhow...
ECPG CONNECT's connection_option seems to have some restricted characters.
I will use "IDENTIFIED BY" phrase to connect the database in my ECPG application.

The database role's password often contains '&' in our environment.
I hope to this limitation will be documented because it causes confusion.

Regards.
--
Yusuke, Egashira

Commits

  1. Doc: describe the "options" allowed in an ECPG connection target string.

  2. Cosmetic improvements for options-handling code in ECPGconnect().