Thread
-
Re: [INTERFACES] Re: [HACKERS] User authentication bug?
Tom Lane <tgl@sss.pgh.pa.us> — 1998-08-02T22:40:28Z
Maarten Boekhold <maartenb@dutepp0.et.tudelft.nl> writes: > On Sat, 1 Aug 1998, Tom Lane wrote: >> It's possible that there are still bogus length limits on username >> or password in some of the other PostgreSQL user interfaces besides >> psql/libpq. I will leave it to other folks to check that code. > I think the perl-module behaves the same, but I'm not totally sure about > it. I have a script where passing a 9 chars username to PQconnectdb() > fails to connect to a backend, while if I truncate the username to 8 > chars it works. Hmm. What pgsql version are you using? A quick glance at src/interfaces/perl5 doesn't show any dependencies on username or password length in it --- it's just a very simple wrapper for libpq. regards, tom lane
-
Re: [INTERFACES] Re: [HACKERS] User authentication bug?
Maarten Boekhold <maartenb@dutepp2.et.tudelft.nl> — 1998-08-03T06:30:17Z
On Sun, 2 Aug 1998, Tom Lane wrote: > Maarten Boekhold <maartenb@dutepp0.et.tudelft.nl> writes: > > On Sat, 1 Aug 1998, Tom Lane wrote: > >> It's possible that there are still bogus length limits on username > >> or password in some of the other PostgreSQL user interfaces besides > >> psql/libpq. I will leave it to other folks to check that code. > > > I think the perl-module behaves the same, but I'm not totally sure about > > it. I have a script where passing a 9 chars username to PQconnectdb() > > fails to connect to a backend, while if I truncate the username to 8 > > chars it works. > > Hmm. What pgsql version are you using? A quick glance at > src/interfaces/perl5 doesn't show any dependencies on username or > password length in it --- it's just a very simple wrapper for libpq. I'll have a quick try to see if it indeed does behave this way. Get back to you later. Maarten _____________________________________________________________________________ | TU Delft, The Netherlands, Faculty of Information Technology and Systems | | Department of Electrical Engineering | | Computer Architecture and Digital Technique section | | M.Boekhold@et.tudelft.nl | -----------------------------------------------------------------------------
-
Re: [INTERFACES] Re: [HACKERS] User authentication bug?
Maarten Boekhold <maartenb@dutepp2.et.tudelft.nl> — 1998-08-03T06:40:03Z
On Sun, 2 Aug 1998, Tom Lane wrote: > Maarten Boekhold <maartenb@dutepp0.et.tudelft.nl> writes: > > On Sat, 1 Aug 1998, Tom Lane wrote: > >> It's possible that there are still bogus length limits on username > >> or password in some of the other PostgreSQL user interfaces besides > >> psql/libpq. I will leave it to other folks to check that code. > > > I think the perl-module behaves the same, but I'm not totally sure about > > it. I have a script where passing a 9 chars username to PQconnectdb() > > fails to connect to a backend, while if I truncate the username to 8 > > chars it works. > > Hmm. What pgsql version are you using? A quick glance at > src/interfaces/perl5 doesn't show any dependencies on username or > password length in it --- it's just a very simple wrapper for libpq. I've tried it (wrote a little script to test it), and I got the following: length(usename) == 9 : connect with usename of 9 : failed length(usename) == 9 : connect with usename of 8 : failed length(usename) == 8 : connect with usename of 9 : failed length(usename) == 8 : connect with usename of 8 : succeeded so it appears not to be working somehow... Maarten _____________________________________________________________________________ | TU Delft, The Netherlands, Faculty of Information Technology and Systems | | Department of Electrical Engineering | | Computer Architecture and Digital Technique section | | M.Boekhold@et.tudelft.nl | -----------------------------------------------------------------------------