Re: [PoC] Federated Authn/z with OAUTHBEARER

From: Jacob Champion <jchampion(at)timescale(dot)com>
To: Thomas Munro <thomas(dot)munro(at)gmail(dot)com>
Cc: "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>, mahendrakar s <mahendrakarforpg(at)gmail(dot)com>, Andrey Chudnovsky <achudnovskij(at)gmail(dot)com>, "hlinnaka(at)iki(dot)fi" <hlinnaka(at)iki(dot)fi>, "michael(at)paquier(dot)xyz" <michael(at)paquier(dot)xyz>, "smilingsamay(at)gmail(dot)com" <smilingsamay(at)gmail(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>
Subject: Re: [PoC] Federated Authn/z with OAUTHBEARER
Date: 2023-07-17 23:55:06
Message-ID: CAAWbhmgb3-S0OVKBXZ8CCyf7a2TpQ7L4EbiF-Q-GaTFqCsjyPg@mail.gmail.com
Lists: pgsql-hackers

On Tue, Jul 11, 2023 at 10:50 AM Jacob Champion
<jchampion(at)timescale(dot)com> wrote:
> I have a WIP patch that passes tests on FreeBSD, which I'll clean up
> and post Sometime Soon. macOS builds now but still fails before it
> runs the test; looks like it's having trouble finding OpenSSL during
> `pip install` of the test modules...

Hi Thomas,

v9 folds in your kqueue implementation (thanks again!) and I have a
quick question to check my understanding:

> + case CURL_POLL_REMOVE:
> + /*
> + * We don't know which of these is currently registered, perhaps
> + * both, so we try to remove both. This means we need to tolerate
> + * ENOENT below.
> + */
> + EV_SET(&ev[nev], socket, EVFILT_READ, EV_DELETE, 0, 0, 0);
> + nev++;
> + EV_SET(&ev[nev], socket, EVFILT_WRITE, EV_DELETE, 0, 0, 0);
> + nev++;
> + break;
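
Review bot: In the CURL_POLL_REMOVE case, the comment defers ENOENT tolerance to code "below" that is not part of this hunk, and both EV_DELETE entries are queued without EV_RECEIPT. Because the EVFILT_READ and EVFILT_WRITE deletions go into the same changelist, please confirm that an ENOENT on the first entry cannot stop the second from being processed: kevent() reports a changelist failure per entry (EV_ERROR in flags, the error in data) only when the eventlist has room for it, and otherwise returns -1 with errno set. If the call site passes no eventlist, consider supplying one and setting EV_RECEIPT on both entries so each result can be checked individually, and say in the comment which of the two behaviours the code depends on.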

We're not setting EV_RECEIPT for these -- is that because none of the
filters we're using are EV_CLEAR, and so it doesn't matter if we
accidentally pull pending events off the queue during the kevent() call?

v9 also improves the Cirrus debugging experience and fixes more issues
on macOS, so the tests should be green there now. The final patch in the
series works around what I think is a build bug in psycopg2 2.9 [1] for
the BSDs+meson.

Thanks,
--Jacob

[1] https://github.com/psycopg/psycopg2/issues/1599

Attachment                                                Content-Type      Size
since-v8.diff.txt                                         text/plain        18.1 KB
v9-0001-common-jsonapi-support-FRONTEND-clients.patch.gz  application/gzip  6.6 KB
v9-0002-libpq-add-OAUTHBEARER-SASL-mechanism.patch.gz     application/gzip  30.9 KB
v9-0003-backend-add-OAUTHBEARER-SASL-mechanism.patch.gz   application/gzip  12.4 KB
v9-0004-Add-pytest-suite-for-OAuth.patch.gz               application/gzip  31.9 KB
v9-0005-squash-Add-pytest-suite-for-OAuth.patch.gz        application/gzip  7.8 KB
v9-0006-XXX-work-around-psycopg2-build-failures.patch.gz  application/gzip  643 bytes
