2012/7/24 Tom Lane <tgl@xxxxxxxxxxxxx>
Dmitriy Igrishin <dmitigr@xxxxxxxxx> writes:Please note that empty and null are not the same thing...
> But it's impossible to pass empty (NULL) password to the backend
Yes, I know. But why the ALTER ROLE treats '' as NULL and
as the result all of values of pg_catalog.pg_authid.rolpassword are always
NULL even when the password in ALTER ROLE was specified as ''? :-)
That is the reason why I've considered empty and NULL as the same
thing :-)
as the result all of values of pg_catalog.pg_authid.rolpassword are always
NULL even when the password in ALTER ROLE was specified as ''? :-)
That is the reason why I've considered empty and NULL as the same
thing :-)
I rather doubt that we'll change this, because it seems more likely
> by using libpq, because connectOptions2() defined the
> fe-connect.c reads a password from the ~/.pgpass even when a password
> specified as an empty string literal ("").
to break applications that rely on that behavior than to do anything
useful. Surely nobody in their right mind uses an empty password.
(If anything, I'd be more inclined to make the backend treat an empty
password as an error than to try to make libpq safe for the case.
Even if we did change libpq, there are probably issues with empty
passwords in jdbc and who knows how many other places.)
Then it should be at least documented in the libpq's documentation that
explicitly specified empty password will force libpq to get it from the file?
explicitly specified empty password will force libpq to get it from the file?
regards, tom lane
--
// Dmitriy.
