From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
---|---|
To: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
Cc: | Noah Misch <noah(at)leadboat(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Daniele Varrazzo <daniele(dot)varrazzo(at)gmail(dot)com>, pgsql-bugs <pgsql-bugs(at)postgresql(dot)org> |
Subject: | Re: [PATCH] Fixed malformed error message on malformed SCRAM message. |
Date: | 2017-06-08 00:07:40 |
Message-ID: | CAB7nPqTCqQH_4jDkJRs2_SBNd_a=nO-J85b9R2c0LLVDpXod_Q@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs pgsql-hackers |
On Wed, Jun 7, 2017 at 11:48 PM, Heikki Linnakangas <hlinnaka(at)iki(dot)fi> wrote:
> On 06/02/2017 09:32 AM, Noah Misch wrote:
>>> BTW, since you mention COMMERROR uses in auth.c, isn't the usage at
>>> line 687 wrong? It sure looks like the author supposed that that
>>> ereport call wouldn't return, but it will. Adjacent similar calls
>>> clean up and return NULL.
>>
>> Probably, though one could argue for proceeding with the short password.
>> Deserves a comment if log-only is intentional.
>
> Let's turn it into an ERROR.
Shouldn't that portion be back-patched?
>> The lack of an exit after COMMERROR "client selected an invalid SASL
>> authentication mechanism" looks like a bug.
>
> Yes. That was fixed in commit 505b5d2f86 already.
>
> Taking all the comments in this thread into account, and a few more things
> that I spotted while looking at the error messages, I came up with the
> attached patch. It includes the changes from Michael's patch upthread to use
> errdetail() in the SCRAM errors, and it turns the protocol violation errors
> in auth.c from COMMERROR into ERROR. See commit message for more details.
> Barring objections, I'll push this tomorrow.
Thanks for the new version. No additional comments from me.
--
Michael
From | Date | Subject | |
---|---|---|---|
Next Message | Jean-Yves MARTIN | 2017-06-08 12:12:07 | using WHERE and AND in SELECT |
Previous Message | Mike Palmiotto | 2017-06-07 18:11:19 | Re: BUG #14682: row level security not work with partitioned table |
From | Date | Subject | |
---|---|---|---|
Next Message | Tsunakawa, Takayuki | 2017-06-08 00:23:16 | Re: Is ECPG's SET CONNECTION really not thread-aware? |
Previous Message | Amit Langote | 2017-06-08 00:04:24 | Re: BEFORE trigger can cause undetected partition constraint violation |