Re: Escaping : and \ in pgpass

Hi

On Mon, Feb 18, 2013 at 4:19 PM, Kevin Locke <kevin(at)kevinlocke(dot)name> wrote:
> Hello All,
>
> It appears that the way pgAdmin parses pgpass differs from the format
> documented for libpq[1] with respect to escaping : and \ characters.
> I noticed the difference when version 1.14.2 ignored my (escaped)
> pgpass entry for ::1 which was as follows:
>
> \:\:1:5432:*:username:password
>
> From what I can tell from looking at the current git sources, this
> would occur from escapes in IPv6 addresses and usernames or passwords
> with escaped : or \.
>
> The IPv6 case is not too serious as psql will accept addresses without
> escapes as well (I haven't tested username/passwords). I just wanted
> to bring it to your attention.
>
> If you decide to change the behavior, you may want to note that libpq
> changed its unescaping behavior in 9.2 as a result of this[2] ML
> thread.
>
> 1. http://www.postgresql.org/docs/current/static/libpq-pgpass.html
> 2. http://www.postgresql.org/message-id/20111217082754.GB30887@rice.edu

Yes, it looks like there is no support for escaping in the current
code. pgServer::StorePassword() and pgServer::GetPasswordIsStored()
certainly don't read/write escape characters when checking to see if a
password is needed from the user, or saving one, and similarly
pgPassConfigLine::Init(const wxString &line) and
pgPassConfigLine::GetText() are happily oblivious when editing files.

Neel, can you look at both issues and post a patch to fix them on the
mailing list please? It may make sense to make some of the code common
to both pairs of functions.

Thanks.

--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company