Quick Links

Re: [PATCH] Log details for client certificate failures

From:	Andres Freund <andres(at)anarazel(dot)de>
To:	Jacob Champion <jchampion(at)timescale(dot)com>
Cc:	Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: [PATCH] Log details for client certificate failures
Date:	2022-07-15 23:45:19
Message-ID:	20220715234519.7o4mlpxapmqmv6p7@awork3.anarazel.de
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Hi,

On 2022-07-15 14:51:38 -0700, Jacob Champion wrote:
> > We already have pg_clean_ascii() and use it for application_name, fwiw.
>
> That seems much worse than escaping for this particular patch; if your
> cert's Common Name is in (non-ASCII) UTF-8 then all you'll see is
> "CN=?????????" in the log lines that were supposed to be helping you
> root-cause. Escaping would be much more helpful in this case.

I'm doubtful that's all that common. But either way, I suggest a separate
patch to deal with that...

Greetings,

Andres Freund

In response to

Re: [PATCH] Log details for client certificate failures at 2022-07-15 21:51:38 from Jacob Champion

Responses

Re: [PATCH] Log details for client certificate failures at 2022-07-19 16:07:31 from Jacob Champion

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Andres Freund	2022-07-15 23:51:26	Re: [Commitfest 2022-07] Begins Now
Previous Message	Jacob Champion	2022-07-15 23:42:03	Re: [Commitfest 2022-07] Begins Now