Re: Re: [BUGS] BUG #10250: pgAdmin III 1.16.1 stores unescaped plaintext password

From: Dave Page <dpage(at)pgadmin(dot)org>
To: Akshay Joshi <akshay(dot)joshi(at)enterprisedb(dot)com>
Cc: Stephen Frost <sfrost(at)snowman(dot)net>, Heikki Linnakangas <hlinnakangas(at)vmware(dot)com>, dlo(at)isam(dot)kiwi, pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org>, Dhiraj Chawla <dhiraj(dot)chawla(at)enterprisedb(dot)com>
Subject: Re: Re: [BUGS] BUG #10250: pgAdmin III 1.16.1 stores unescaped plaintext password
Date: 2014-05-16 08:23:19
Message-ID: CA+OCxox2DtEV0_MnfGj5j4JbtBSDRaPxPs1TbkTZ80cFK96O=w@mail.gmail.com
Lists: pgadmin-hackers pgsql-bugs

Thanks Akshay. Dhiraj, can you review please? I'm a little busy right now.

Thanks.

On Thu, May 15, 2014 at 7:39 AM, Akshay Joshi <akshay(dot)joshi(at)enterprisedb(dot)com> wrote:

> Hi Dave
>
> I have fixed the escaping issue and tested it. It works fine for me.
> Attached is the patch file, can you please review it.
> If code looks good to you, can you please commit the code.
>
>
> On Thu, May 8, 2014 at 2:34 PM, Akshay Joshi <akshay(dot)joshi(at)enterprisedb(dot)com> wrote:
>
>> Sure.
>>
>>
>> On Thu, May 8, 2014 at 1:37 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
>>
>>> Akshay, can you look into the quoting problem please.
>>>
>>> On Thu, May 8, 2014 at 1:07 AM, Stephen Frost <sfrost(at)snowman(dot)net> wrote:
>>> > * Heikki Linnakangas (hlinnakangas(at)vmware(dot)com) wrote:
>>> >> (forwarding to pgadmin-hackers)
>>> >
>>> > Ah.
>>> >
>>> >> On 05/07/2014 06:44 PM, Stephen Frost wrote:
>>> >> >* dlo(at)isam(dot)kiwi (dlo(at)isam(dot)kiwi) wrote:
>>> >> >>but when the credential contains the delimiter (colon) it fails to be
>>> >> >>read back out and app responds with "invalid credentials".
>>> >> >>
>>> >> >>x.x.x.x:5432:*:username:password:with:colons
>>> >> >
>>> >> >Per the fine documentation, you need to escape any such usage with a
>>> >> >backslash. Please review:
>>> >>
>>> >> Stephen, you missed the context. pgadmin3 saves .pgpass, when you
>>> >> check the "store password" checkbox in the connection dialog. And
>>> >> apparently pgadmin3 doesn't do that escaping properly.
>>> >
>>> > Wow, that's pretty rough. Hopefully they'll be able to fix it soon. :)
>>> >
>>> > Thanks,
>>> >
>>> > Stephen
>>>
>>>
>>>
>>> --
>>> Dave Page
>>> Blog: http://pgsnake.blogspot.com
>>> Twitter: @pgsnake
>>>
>>> EnterpriseDB UK: http://www.enterprisedb.com
>>> The Enterprise PostgreSQL Company
>>>
>>
>>
>>
>> --
>> *Akshay Joshi*
>> *Principal Software Engineer *
>>
>>
>>
>> *Phone: +91 20-3058-9517 Mobile: +91 976-788-8246*
>>
>
>
>
> --
> *Akshay Joshi*
> *Principal Software Engineer *
>
>
>
> *Phone: +91 20-3058-9517 Mobile: +91 976-788-8246*
>

--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

Attachment Content-Type Size
Fixed_unescaped_password.patch application/octet-stream 3.2 KB
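
The escaping rule discussed in this thread, as an added example that is not part of the original message and is not the attached patch: a `.pgpass` entry is `hostname:port:database:username:password`, and a `:` or `\` inside a field has to be written with a preceding backslash. The function names, the placeholder host `db.example.test` and the strict five-field check in the parser are assumptions of this example.

```cpp
#include <array>
#include <iostream>
#include <string>
#include <vector>

// Escape one .pgpass field: ':' and '\' each get a preceding backslash.
std::string escape_pgpass_field(const std::string& raw) {
    std::string out;
    for (char c : raw) {
        if (c == ':' || c == '\\') out += '\\';
        out += c;
    }
    return out;
}

// Build "host:port:database:user:password" with every field escaped.
std::string format_pgpass_line(const std::array<std::string, 5>& fields) {
    std::string line;
    for (size_t i = 0; i < fields.size(); ++i) {
        if (i) line += ':';
        line += escape_pgpass_field(fields[i]);
    }
    return line;
}

// Split on unescaped ':' and drop the escaping backslashes.
// Strict by choice of this example: anything but five fields is rejected.
bool parse_pgpass_line(const std::string& line, std::array<std::string, 5>& out) {
    std::vector<std::string> fields(1);
    for (size_t i = 0; i < line.size(); ++i) {
        if (line[i] == '\\' && i + 1 < line.size()) fields.back() += line[++i];
        else if (line[i] == ':') fields.emplace_back();
        else fields.back() += line[i];
    }
    if (fields.size() != 5) return false;
    for (size_t i = 0; i < 5; ++i) out[i] = fields[i];
    return true;
}

int main() {
    // Constructed sample entry; host and user are placeholders.
    std::array<std::string, 5> entry = {"db.example.test", "5432", "*", "username", "password:with:colons"};
    std::string line = format_pgpass_line(entry);
    std::array<std::string, 5> back;
    std::cout << line << "\n";
    std::cout << (parse_pgpass_line(line, back) && back == entry ? "round-trip ok" : "round-trip FAILED") << "\n";
    // The unescaped form from the report splits into seven fields.
    std::cout << (parse_pgpass_line("db.example.test:5432:*:username:password:with:colons", back) ? "parsed" : "rejected") << "\n";
}
```
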
