On 7/18/23 11:30, mahendrakar s wrote:
Hi hackers,
We have encountered an issue (invalid message length) when the
password length is > 1000 in pg 11,12,13 versions. This is due to the
limit(1000) on the max length of the password. In this case the
password is an access token(JWT) which can have varied lengths >
1000. I see that this is already handled for GSS and SSPI
authentication tokens where the maximum accepted size is 65535.
This is not the case with pg versions >=14 as the limit on max length
is 65535(this change was added as part of sanity checks[1]).
So we have two options:
1. Backport patch[1] to 11,12,13
2. Change ONLY the limit on the max length of the password(my patch attached).
Please let me know your thoughts.
The third option is to upgrade.
--
Vik Fearing
