Re: String encoding during connection "handshake"

Martin is actually right. No assumption is made about the encoding of the password. The password is recieved as a set of bytes over the wire-level protocol and then processed accordingly as per your pg_hba settings. please refer to auth.c method recv_password_packet(Port *port). The comment on the last line of the method might be of your intrest, and i quote

"Return the received string, Note we do not attempt to do any character set conversion on it; since we don't know the client's encoding, there woudn't be much point"

/ Usama

________________________________

From: pgsql-hackers-owner(at)postgresql(dot)org on behalf of sulfinu(at)gmail(dot)com
Sent: Tue 11/27/2007 8:55 PM
To: Martijn van Oosterhout
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: [HACKERS] String encoding during connection "handshake"

On Tuesday 27 November 2007, Martijn van Oosterhout wrote:
> I was under the impression that the username/password, had no encoding,
> they are Just a Bunch of Bits, i.e. byte[].
I cannot agree to that, simply because Postgres supports (or at least claims
to) multi-byte characters. And user names, passwords and database names are
character strings.

> Looking at it another way, the encoding is part of the password. The
> correctly entered password in the wrong encoding is also wrong, because
> the matching is done at the byte level.
I'm afraid that is true to some extent, that's why I'm asking in the first
place. A user should be able to authenticate as long as he/she is able to
write the password, regardless of the OS's locale setting.

> This is all AIUI,
Thanks fot the input, I'm waiting for others, too. Or point me to the relevant
source files.

---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?

http://www.postgresql.org/docs/faq