| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Jacob Champion <pchampion(at)vmware(dot)com> |
| Cc: | "magnus(at)hagander(dot)net" <magnus(at)hagander(dot)net>, "stark(at)mit(dot)edu" <stark(at)mit(dot)edu>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>, "sfrost(at)snowman(dot)net" <sfrost(at)snowman(dot)net>, "tgl(at)sss(dot)pgh(dot)pa(dot)us" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Subject: | Re: Proposal: Save user's original authenticated identity for logging |
| Date: | 2021-04-01 01:21:32 |
| Message-ID: | YGUgHMF9zxNvY323@paquier.xyz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Mar 31, 2021 at 04:42:32PM +0900, Michael Paquier wrote:
> Attached is an updated patch, with a couple of comments tweaks, the
> reworked tests and an indentation done.
Jacob has mentioned me that v15 has some false positives in the SSL
tests, as we may catch in the backend logs patterns that come from
a previous test. We should really make that stuff more robust by
design, or it will bite hard with some bugs remaining undetected while
the tests pass. This stuff can take advantage of 0d1a3343, and I
think that we should make the kerberos, ldap, authentication and SSL
test suites just use connect_ok() and connect_fails() from
PostgresNode.pm. They just need to be extended a bit with a new
argument for the log pattern check. This has the advantage to
centralize in a single code path the log file truncation (or some log
file rotation if the logging collector is used).
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Zhihong Yu | 2021-04-01 01:22:03 | Re: Crash in BRIN minmax-multi indexes |
| Previous Message | Michael Paquier | 2021-04-01 01:02:52 | Re: Refactor SSL test framework to support multiple TLS libraries |