Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qLhC9-000S93-PO for pgsql-hackers@arkaria.postgresql.org; Tue, 18 Jul 2023 09:40:37 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1qLhC7-006lKN-8t for pgsql-hackers@arkaria.postgresql.org; Tue, 18 Jul 2023 09:40:35 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qLhC6-006lKF-VZ for pgsql-hackers@lists.postgresql.org; Tue, 18 Jul 2023 09:40:34 +0000 Received: from smtp.outgoing.loopia.se ([93.188.3.37]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qLhC3-000795-Me for pgsql-hackers@postgresql.org; Tue, 18 Jul 2023 09:40:34 +0000 Received: from s807.loopia.se (localhost [127.0.0.1]) by s807.loopia.se (Postfix) with ESMTP id E333A2F9AA1B for ; Tue, 18 Jul 2023 11:40:31 +0200 (CEST) Received: from s899.loopia.se (unknown [172.22.191.6]) by s807.loopia.se (Postfix) with ESMTP id D41D52E285CF; Tue, 18 Jul 2023 11:40:31 +0200 (CEST) Received: from s472.loopia.se (unknown [172.22.191.6]) by s899.loopia.se (Postfix) with ESMTP id D1FDA2C8BA65; Tue, 18 Jul 2023 11:40:31 +0200 (CEST) X-Virus-Scanned: amavisd-new at amavis.loopia.se X-Spam-Flag: NO X-Spam-Score: -1 X-Spam-Level: X-Spam-Status: No, score=-1 tagged_above=-999 required=6.2 tests=[ALL_TRUSTED=-1] autolearn=disabled Received: from s979.loopia.se ([172.22.191.6]) by s472.loopia.se (s472.loopia.se [172.22.190.12]) (amavisd-new, port 10024) with UTF8LMTP id 2pcDo43fekvy; Tue, 18 Jul 2023 11:40:31 +0200 (CEST) X-Loopia-Auth: user X-Loopia-User: daniel@yesql.se X-Loopia-Originating-IP: 89.255.232.193 Received: from smtpclient.apple (customer-89-255-232-193.stosn.net [89.255.232.193]) (Authenticated sender: daniel@yesql.se) by s979.loopia.se (Postfix) with ESMTPSA id 6AD7610BC488; Tue, 18 Jul 2023 11:40:31 +0200 (CEST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.3\)) Subject: Re: Increase limit on max length of the password( pg versions < 14) From: Daniel Gustafsson In-Reply-To: Date: Tue, 18 Jul 2023 11:40:31 +0200 Cc: PostgreSQL Hackers , tgl@sss.pgh.pa.us Content-Transfer-Encoding: quoted-printable Message-Id: References: To: mahendrakar s X-Mailer: Apple Mail (2.3696.120.41.1.3) List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk > On 18 Jul 2023, at 11:30, mahendrakar s = wrote: > So we have two options: > 1. Backport patch[1] to 11,12,13 > 2. Change ONLY the limit on the max length of the password(my patch = attached). We typically only backpatch bugfixes and not functional changes, and = this seems to fall in the latter category. As the size of the JWT depends on the number of claims in it, are you = able to reduce the number of claims to stay under the limit as a workaround? -- Daniel Gustafsson