Re: password handling change between 2.4.2 and 2.4.3

On Fri, Sep 5, 2014 at 7:47 PM, Jerry Schneider <jerry57(at)gmail(dot)com> wrote:
> I am using a library for testing that uses psycopg2 to connect to PostgreSQL
> databases. I recently had to install new machines and have found that if I
> use anything newer than 2.4.2 I get OperationalError: FATAL: password
> authentication failed for user "blah" Can anyone tell me what changed so
> that I can get the testing library updated to that change please?

Does your password contain (or may contain) "strange" characters?
Before 2.4.3 they were not correctly escaped when passed to the
PQconnectdb connection string. So e.g. if you have a space in the
password and you try passing it as argument as in
`connect(password=PASS)` on psycopg 2.4.2 the connection fails. This
was fixed in 2.4.3 (in this commit:
https://github.com/psycopg/psycopg2/commit/625cc1b402b33799757fb9b8fe421a2ea63e1236)
If you (or someone else before you) found this problem and decided to
manually escape the password before passing it to psycopg, from 2.4.3
it gets double-escaped.

There were other changes between these two versions but this is the
one I'd blame.

As a workaround you may pass the entire connection string to psycopg,
so if you already have QPASS with the password quoted and escaped,
something like `connect("password=%s" % QPASS)` will work the same way
in every psycopg version (the string is passed unchanged to the
database connection function).

-- Daniele