public inbox for [email protected]  
help / color / mirror / Atom feed
From: Tom Lane <[email protected]>
To: Nathan Bossart <[email protected]>
Cc: Jonathan S. Katz <[email protected]>
Cc: Michael Paquier <[email protected]>
Cc: Alexander Lakhin <[email protected]>
Cc: pgsql-hackers <[email protected]>
Subject: Re: Should rolpassword be toastable?
Date: Thu, 03 Oct 2024 17:39:06 -0400
Message-ID: <[email protected]> (raw)
In-Reply-To: <Zv8MTMy87pRlRqD_@nathan>
References: <ZuxjAIOJ4GSa34KC@nathan>
	<ZuydAj4nrt4cpGU5@nathan>
	<[email protected]>
	<[email protected]>
	<Zuzh6Nq750L9BZn5@nathan>
	<[email protected]>
	<[email protected]>
	<Zu2eT2H8OT3OXauc@nathan>
	<[email protected]>
	<Zu8r0oO0Vi0FxdpB@nathan>
	<Zv8MTMy87pRlRqD_@nathan>

Nathan Bossart <[email protected]> writes:
> For the reasons discussed upthread [0], I can't bring myself to add an
> arbitrary limit to the password hash length.  I am going to leave 0001
> uncommitted for now.
> [0] https://postgr.es/m/Zu2eT2H8OT3OXauc%40nathan

I'm confused, as in [0] you said

>> ...  But on the off-chance
>> that someone is building a custom driver that generates long hashes for
>> whatever reason, I'd imagine that a clear error would be more helpful than
>> "row is too big."

I agree with the idea that complaining about the password being too
long is far more intelligible than that.  Another problem with
leaving it as it stands in HEAD is that the effective limit is now
platform-specific, if not indeed dependent on the phase of the moon
(or at least, the other contents of the pg_authid row).  I fear it
would be very easy to construct cases where a password is accepted
on one machine but fails with "row is too big" on another.  A
uniform limit seems much less fraught with surprises.

			regards, tom lane






view thread (17+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected], [email protected], [email protected]
  Subject: Re: Should rolpassword be toastable?
  In-Reply-To: <[email protected]>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox