Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1swTXX-0040tP-Ey for pgsql-hackers@arkaria.postgresql.org; Thu, 03 Oct 2024 21:39:16 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1swTXV-004Z4M-IB for pgsql-hackers@arkaria.postgresql.org; Thu, 03 Oct 2024 21:39:13 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1swTXV-004Z4D-8m for pgsql-hackers@lists.postgresql.org; Thu, 03 Oct 2024 21:39:13 +0000 Received: from sss.pgh.pa.us ([68.162.161.243]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1swTXQ-002PLX-Lt; Thu, 03 Oct 2024 21:39:12 +0000 Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1]) by sss.pgh.pa.us (8.15.2/8.15.2) with ESMTP id 493Ld6QN465161; Thu, 3 Oct 2024 17:39:06 -0400 From: Tom Lane To: Nathan Bossart cc: "Jonathan S. Katz" , Michael Paquier , Alexander Lakhin , pgsql-hackers Subject: Re: Should rolpassword be toastable? In-reply-to: References: <2047353.1726784074@sss.pgh.pa.us> <0a9b7f96-aa2f-41eb-8e69-62f7990ebf74@postgresql.org> <0d8f3541-13f4-4194-8dca-bae881cf1a9a@postgresql.org> <2445149.1726849661@sss.pgh.pa.us> Comments: In-reply-to Nathan Bossart message dated "Thu, 03 Oct 2024 16:27:40 -0500" MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <465159.1727991546.1@sss.pgh.pa.us> Date: Thu, 03 Oct 2024 17:39:06 -0400 Message-ID: <465160.1727991546@sss.pgh.pa.us> List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk Nathan Bossart writes: > For the reasons discussed upthread [0], I can't bring myself to add an > arbitrary limit to the password hash length. I am going to leave 0001 > uncommitted for now. > [0] https://postgr.es/m/Zu2eT2H8OT3OXauc%40nathan I'm confused, as in [0] you said >> ... But on the off-chance >> that someone is building a custom driver that generates long hashes for >> whatever reason, I'd imagine that a clear error would be more helpful than >> "row is too big." I agree with the idea that complaining about the password being too long is far more intelligible than that. Another problem with leaving it as it stands in HEAD is that the effective limit is now platform-specific, if not indeed dependent on the phase of the moon (or at least, the other contents of the pg_authid row). I fear it would be very easy to construct cases where a password is accepted on one machine but fails with "row is too big" on another. A uniform limit seems much less fraught with surprises. regards, tom lane