From: | Michael Paquier <michael(at)paquier(dot)xyz> |
---|---|
To: | Jacob Champion <pchampion(at)vmware(dot)com> |
Cc: | "jeff(dot)janes(at)gmail(dot)com" <jeff(dot)janes(at)gmail(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: DETAIL for wrong scram password |
Date: | 2021-03-26 00:49:00 |
Message-ID: | YF0vfCy6cur299v9@paquier.xyz |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Thu, Mar 25, 2021 at 03:54:10PM +0000, Jacob Champion wrote:
> It looks like the code paths that lead to a doomed authentication
> already provide their own, more specific, logdetail (role doesn't
> exist, role has no password, role doesn't have a SCRAM secret, etc.).
Yes, you are right here. I missed the parts before
mock_scram_secret() gets called and there are comments in the whole
area. Hmm, at the end of the day, I think that would just have
verify_client_proof() fill in logdetail when the client proof does not
match, and use a wording different than what's proposed upthread to
outline that this is a client proof mismatch.
--
Michael
From | Date | Subject | |
---|---|---|---|
Next Message | Fujii Masao | 2021-03-26 00:54:40 | Re: make the stats collector shutdown without writing the statsfiles if the immediate shutdown is requested. |
Previous Message | Masahiro Ikeda | 2021-03-26 00:27:19 | Re: make the stats collector shutdown without writing the statsfiles if the immediate shutdown is requested. |