| commit | 0660f74e861d0dc942af3e0b5f88cb2f0c72aee5 | |
| author | Tom Lane <tgl@sss.pgh.pa.us> | |
| Thu, 27 Jul 2023 16:07:48 +0000 (27 12:07 -0400) | ||
| committer | Tom Lane <tgl@sss.pgh.pa.us> | |
| Thu, 27 Jul 2023 16:07:48 +0000 (27 12:07 -0400) | ||
| tree | 6f183a1c5a2423542c269fc9fc2b1962ee7c7071 | treesnapshot (tar.gz zip) |
| parent | 22d0c30bd9662e48fb0d27253fec6a43c7673f13 | commitdiff |
Raise fixed token-length limit in hba.c.
Historically, hba.c limited tokens in the authentication configuration
files (pg_hba.conf and pg_ident.conf) to less than 256 bytes. We have
seen a few reports of this limit causing problems; notably, for
moderately-complex LDAP configurations. Increase the limit to 10240
bytes as a low-risk stop-gap solution.
In v13 and earlier, this also requires raising MAX_LINE, the limit
on overall line length. I'm hesitant to make this code consume
too much stack space, so I only raised that to 20480 bytes.
Discussion: https://postgr.es/m/1588937.1690221208@sss.pgh.pa.us
Historically, hba.c limited tokens in the authentication configuration
files (pg_hba.conf and pg_ident.conf) to less than 256 bytes. We have
seen a few reports of this limit causing problems; notably, for
moderately-complex LDAP configurations. Increase the limit to 10240
bytes as a low-risk stop-gap solution.
In v13 and earlier, this also requires raising MAX_LINE, the limit
on overall line length. I'm hesitant to make this code consume
too much stack space, so I only raised that to 20480 bytes.
Discussion: https://postgr.es/m/1588937.1690221208@sss.pgh.pa.us
| src/backend/libpq/hba.c | diffblobblamehistory |