Fix .pgpass file to properly de-escape backslash escapes#1304
Open
veeceey wants to merge 1 commit intoMagicStack:masterfrom
Open
Fix .pgpass file to properly de-escape backslash escapes#1304veeceey wants to merge 1 commit intoMagicStack:masterfrom
veeceey wants to merge 1 commit intoMagicStack:masterfrom
Conversation
According to PostgreSQL documentation, backslashes in .pgpass files serve to escape backslashes and colons, and are not part of the value. Previously, asyncpg left escaped values as-is (e.g., `4\:K1` stayed `4\:K1` instead of becoming `4:K1`), which caused authentication failures when passwords contained colons. This fix properly de-escapes: - `\:` becomes `:` - `\\` becomes `\` Fixes MagicStack#1249
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
.pgpassfiles\:to:and\\to\Issue
Fixes #1249
According to the PostgreSQL documentation, backslashes in
.pgpassfiles serve only to escape backslashes and colons, and are not considered part of the value. However, asyncpg was leaving escaped values as-is, causing authentication failures.For example, a
.pgpassrow of:Should convey:
test:db(nottest\:db)test\(nottest\\)password with 4:K1(notpassword with 4\:K1)Previously, asyncpg would keep the backslashes, causing authentication to fail with
psqlbut not with asyncpg (or vice versa depending on which escaping was used).Changes
asyncpg/connect_utils.pyto properly de-escape\:→:and\\→\tests/test_connect.pyto expect de-escaped valuesTest plan
*:*:test\:db:test\\:passwordmatches databasetest:dband usertest\psqland standard PostgreSQL clientsThis allows users to have special characters (colons and backslashes) in their database names, usernames, and passwords while maintaining compatibility with PostgreSQL's standard
.pgpassfile format.