| From: | mahendrakar s <mahendrakarforpg(at)gmail(dot)com> |
|---|---|
| To: | Pg Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Cc: | tgl(at)sss(dot)pgh(dot)pa(dot)us |
| Subject: | Increase limit on max length of the password( pg versions < 14) |
| Date: | 2023-07-18 09:30:25 |
| Message-ID: | CABkiuWpN16CT-j81AdzV63zwR8nX3EAeV1rU2nsNiU9+7oLEkQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi hackers,
We have encountered an issue (invalid message length) when the
password length is > 1000 in pg 11,12,13 versions. This is due to the
limit(1000) on the max length of the password. In this case the
password is an access token(JWT) which can have varied lengths >
1000. I see that this is already handled for GSS and SSPI
authentication tokens where the maximum accepted size is 65535.
This is not the case with pg versions >=14 as the limit on max length
is 65535(this change was added as part of sanity checks[1]).
So we have two options:
1. Backport patch[1] to 11,12,13
2. Change ONLY the limit on the max length of the password(my patch attached).
Please let me know your thoughts.
Thanks,
Mahendrakar.
[1]: https://www.postgresql.org/message-id/flat/2003757.1619373089%40sss.pgh.pa.us
| Attachment | Content-Type | Size |
|---|---|---|
| v1-0001-Increase-limit-for-max-length-of-the-password.patch | application/octet-stream | 798 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amit Kapila | 2023-07-18 09:34:35 | Re: doc: improve the restriction description of using indexes on REPLICA IDENTITY FULL table. |
| Previous Message | Amit Langote | 2023-07-18 09:11:06 | Re: remaining sql/json patches |