From: | Jacob Champion <jchampion(at)timescale(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Andres Freund <andres(at)anarazel(dot)de>, Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: [PATCH] Log details for client certificate failures |
Date: | 2022-07-21 23:29:35 |
Message-ID: | CAAWbhmgsvHrH9wLU2kYc3pOi1KSenHSLAHBbCVmmddW6-mc_=w@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Wed, Jul 20, 2022 at 3:42 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Jacob Champion <jchampion(at)timescale(dot)com> writes:
> > I'm currently hardcoding an elevel of ERROR on the new guc_strdup()s,
> > because that seems to be a common case for the check hooks.
>
> Really? That's almost certainly NOT okay. As an example, if you
> have a problem with a new value loaded from postgresql.conf during
> SIGHUP processing, throwing ERROR will cause the postmaster to exit.
v4 attempts to fix this by letting the check hooks pass
MCXT_ALLOC_NO_OOM to pg_clean_ascii(). (It's ignored in the frontend,
which just mallocs.)
> I wouldn't be too surprised if there are isolated cases where people
> didn't understand what they were doing and wrote that, but that
> needs to be fixed not emulated.
I might be missing something, but in guc.c at least it appears to be
the rule and not the exception.
Thanks,
--Jacob
Attachment | Content-Type | Size |
---|---|---|
since-v3.diff.txt | text/plain | 4.4 KB |
v4-0001-pg_clean_ascii-escape-bytes-rather-than-lose-them.patch | text/x-patch | 5.3 KB |
v4-0002-Don-t-reflect-unescaped-cert-data-to-the-logs.patch | text/x-patch | 18.3 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2022-07-21 23:30:20 | Re: Fwd: Unprivileged user can induce crash by using an SUSET param in PGOPTIONS |
Previous Message | Nathan Bossart | 2022-07-21 22:29:00 | Re: Fwd: Unprivileged user can induce crash by using an SUSET param in PGOPTIONS |