[pgpool-hackers: 3577] Re: [PATCH] Feature: Add support for an user/password input file to pg_md5
Umar Hayat
m.umarkiani at gmail.com
Fri Apr 10 20:28:49 JST 2020
Thanks Bo Peng.
Ishii-san,
Can you please move following to DONE in TODO wiki.
*https://pgpool.net/mediawiki/index.php/TODO#Add_support_for_an_user/password_input_file_to_pg_md5
<https://pgpool.net/mediawiki/index.php/TODO#Add_support_for_an_user/password_input_file_to_pg_md5>*
Thanks
Umar Hayat
On Tue, Apr 7, 2020 at 7:53 AM Bo Peng <pengbo at sraoss.co.jp> wrote:
> Thank you.
>
> Patch is committed.
>
> https://git.postgresql.org/gitweb/?p=pgpool2.git;a=commit;h=68d66a66f55099d7ef2fdf0e7fb48ba6577e98c3
>
> On Mon, 30 Mar 2020 17:14:12 +0500
> Umar Hayat <m.umarkiani at gmail.com> wrote:
>
> > Hi Usama,
> > Any feedback ?
> >
> > On Thu, Mar 19, 2020 at 7:07 AM Bo Peng <pengbo at sraoss.co.jp> wrote:
> >
> > > Hello,
> > >
> > > On Wed, 18 Mar 2020 11:51:05 +0500
> > > Umar Hayat <m.umarkiani at gmail.com> wrote:
> > >
> > > > Hi,
> > > > Please updated patch based on feedback from Tatsu Ishii on pg_enc
> patch.
> > >
> > > I tested your patch and it works fine.
> > >
> > > Usama,
> > >
> > > If you don't have any feedback, I am going to update
> > > the patch based on Ishii-san's feedback and commit it.
> > >
> > > > Regards
> > > > Umar Hayat
> > > >
> > > > On Tue, Mar 10, 2020 at 3:39 PM Umar Hayat <m.umarkiani at gmail.com>
> > > wrote:
> > > >
> > > > > Any further updated needed for this patch from my end?
> > > > >
> > > > > Regards
> > > > > Umar Hayat
> > > > >
> > > > > On Thu, Mar 5, 2020 at 1:45 AM Umar Hayat <m.umarkiani at gmail.com>
> > > wrote:
> > > > >
> > > > >> Hi Usama,
> > > > >> Thanks for feedback, updated patch is attached.
> > > > >> Please see comments inline.
> > > > >>
> > > > >> Regards
> > > > >> Umar Hayat
> > > > >>
> > > > >>
> > > > >> On Wed, Mar 4, 2020 at 8:05 PM Muhammad Usama <m.usama at gmail.com>
> > > wrote:
> > > > >>
> > > > >>> Hi Umar,
> > > > >>>
> > > > >>> Here are some of the comments on your patch on top of Peng's
> > > comments.
> > > > >>>
> > > > >>> 1- The patch breaks the -f short option, by removing the :
> (colon)
> > > after
> > > > >>> f from the optstring argument to getopt_long function
> > > > >>>
> > > > >>> i.e
> > > > >>> while ((opt = getopt_long(argc, argv, "hpmfi:u:", long_options,
> > > > >>> &optindex)) != -1)
> > > > >>> should be
> > > > >>> while ((opt = getopt_long(argc, argv, "hpmf:i:u:", long_options,
> > > > >>> &optindex)) != -1)
> > > > >>>
> > > > >> Fixed.
> > > > >>
> > > > >>> 2- The input file has no option to specify escape characters. For
> > > > >>> example, there is no way to specify a user name or password
> > > > >>> in the input file that contains : (colon)
> > > > >>>
> > > > >> It does handle colon in password as it consider only left most
> colon
> > > as
> > > > >> separator. For example for pair like 'user:pass:word', user name
> will
> > > be
> > > > >> 'user' and password will be 'pass:word'
> > > > >> I am not sure user name with colon is valid scenario? If its
> true, we
> > > can
> > > > >> add a note otherwise IMO there could be ton of negative scenarios.
> > > > >>
> > > > >>> 3- Specifying the input file disregards the "-m" "--md5auth"
> option
> > > > >>>
> > > > >>> Fixed. That was purposefully disregarded previously as mention
> > > > >> in mentisbt-422, input-file mode as only for md5auth.
> > > > >> Now It honour -m flag and in absence of this it will print md5
> value
> > > > >> stdout.
> > > > >>
> > > > >>> 4- The patch is not considering the length of username and
> password
> > > > >>> buffers while copying into them
> > > > >>>
> > > > >>>
> > > > >>> + strncpy(username, buf, pch-buf);
> > > > >>> + strncpy(password, pch+1, strlen(pch+1));
> > > > >>>
> > > > >>>
> > > > >>> The len (3rd) argument of strncpy is intended to guard against
> the
> > > > >>> buffer overflow of the destination string.
> > > > >>>
> > > > >>> Fixed.
> > > > >>
> > > > >>> Thanks
> > > > >>> Best regards
> > > > >>> Muhammad Usama
> > > > >>>
> > > > >>>
> > > > >>> On Wed, Mar 4, 2020 at 11:03 AM Umar Hayat <
> m.umarkiani at gmail.com>
> > > > >>> wrote:
> > > > >>>
> > > > >>>> Hi Bo Peng,
> > > > >>>> Please find updated patch with following changes.
> > > > >>>> 1. Trailing whitespaces warning removed
> > > > >>>> 2. Documentation added in "doc/src/sgml/ref/pg_md5.sgml" with
> > > options
> > > > >>>> update and example usage.
> > > > >>>>
> > > > >>>> Regards,
> > > > >>>> Umar Hayat
> > > > >>>>
> > > > >>>> On Wed, Mar 4, 2020 at 7:40 AM Bo Peng <pengbo at sraoss.co.jp>
> wrote:
> > > > >>>>
> > > > >>>>> hello,
> > > > >>>>>
> > > > >>>>> On Tue, 3 Mar 2020 14:13:33 +0500
> > > > >>>>> Umar Hayat <m.umarkiani at gmail.com> wrote:
> > > > >>>>>
> > > > >>>>> > Hi Bo Peng,
> > > > >>>>> > Any feedback, If this looks ok to you? I should send the
> same for
> > > > >>>>> pg_enc
> > > > >>>>> > utility.
> > > > >>>>>
> > > > >>>>> Sorry for late response.
> > > > >>>>>
> > > > >>>>> First, when I apply this patch, I found some extra trailing
> spaces.
> > > > >>>>>
> > > > >>>>> -----------------
> > > > >>>>> $ git apply pg_md5_input_file.diff
> > > > >>>>> pg_md5_input_file.diff:85: trailing whitespace.
> > > > >>>>> static void
> > > > >>>>> warning: 1 line adds whitespace errors.
> > > > >>>>> -----------------
> > > > >>>>>
> > > > >>>>> Could you add documentation in "doc/src/sgml/ref/pg_md5.sgml"
> to
> > > > >>>>> explain how to use this option?
> > > > >>>>>
> > > > >>>>> >
> > > > >>>>> > Regards
> > > > >>>>> > Umar Hayat
> > > > >>>>> > Principal Software Engineer
> > > > >>>>> > EnterpriseDB: https://www.enterprisedb.com
> > > > >>>>> >
> > > > >>>>> > On Thu, Feb 13, 2020 at 9:54 AM Bo Peng <pengbo at sraoss.co.jp
> >
> > > wrote:
> > > > >>>>> >
> > > > >>>>> > > Thank you for your patch.
> > > > >>>>> > > I will review your patch.
> > > > >>>>> > >
> > > > >>>>> > > On Tue, 11 Feb 2020 16:45:50 +0500
> > > > >>>>> > > Umar Hayat <m.umarkiani at gmail.com> wrote:
> > > > >>>>> > >
> > > > >>>>> > > > Hello Hackers,
> > > > >>>>> > > >
> > > > >>>>> > > > I saw "Add support for an user/password input file to
> pg_md5"
> > > > >>>>> enhancement
> > > > >>>>> > > > in PgPool-II TODO list
> > > > >>>>> > > > <
> > > > >>>>> > >
> > > > >>>>>
> > >
> https://pgpool.net/mediawiki/index.php/TODO#Add_support_for_an_user/password_input_file_to_pg_md5
> > > > >>>>> > > >,
> > > > >>>>> > > > (mentisbt-422 <
> > > https://www.pgpool.net/mantisbt/view.php?id=422>),
> > > > >>>>> so I
> > > > >>>>> > > > implemented this in pg_md5 utility. Please find attached
> > > patch
> > > > >>>>> for
> > > > >>>>> > > > enhancement.
> > > > >>>>> > > >
> > > > >>>>> > > > As suggested, a new --input-file option added in pg_md5.
> > > Using
> > > > >>>>> this
> > > > >>>>> > > option,
> > > > >>>>> > > > pg_md5 will parse the *user:password* pairs from provide
> file
> > > > >>>>> and will
> > > > >>>>> > > > create *user:md5xxxxxx* value in pool_passwd file.
> > > > >>>>> > > >
> > > > >>>>> > > > Regards,
> > > > >>>>> > > > Umar Hayat
> > > > >>>>> > >
> > > > >>>>> > >
> > > > >>>>> > > --
> > > > >>>>> > > Bo Peng <pengbo at sraoss.co.jp>
> > > > >>>>> > > SRA OSS, Inc. Japan
> > > > >>>>> > >
> > > > >>>>>
> > > > >>>>>
> > > > >>>>> --
> > > > >>>>> Bo Peng <pengbo at sraoss.co.jp>
> > > > >>>>> SRA OSS, Inc. Japan
> > > > >>>>>
> > > > >>>> _______________________________________________
> > > > >>>> pgpool-hackers mailing list
> > > > >>>> pgpool-hackers at pgpool.net
> > > > >>>> http://www.pgpool.net/mailman/listinfo/pgpool-hackers
> > > > >>>>
> > > > >>>
> > >
> > >
> > > --
> > > Bo Peng <pengbo at sraoss.co.jp>
> > > SRA OSS, Inc. Japan
> > >
>
>
> --
> Bo Peng <pengbo at sraoss.co.jp>
> SRA OSS, Inc. Japan
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.sraoss.jp/pipermail/pgpool-hackers/attachments/20200410/85e587d1/attachment.html>
More information about the pgpool-hackers
mailing list