Quick Links

[PATCH] pglister: auth_receive: Indicate when PGAUTH_KEY is invalid instead of crashing

From:	Célestin Matte <celestin(dot)matte(at)cmatte(dot)me>
To:	PostgreSQL WWW <pgsql-www(at)lists(dot)postgresql(dot)org>
Subject:	[PATCH] pglister: auth_receive: Indicate when PGAUTH_KEY is invalid instead of crashing
Date:	2023-01-31 19:38:25
Message-ID:	4b46c25f-29df-e9c9-8217-f70729a1f852@cmatte.me
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-www

When Django is improperly configured with a PGAUTH_KEY that does not match the one configured in pgweb, the decryptor returns a string that can't be utf-8-decoded. Catching this error makes it possible to return a proper error message instead of a 500 error.
Of course, the unicode error can be due to other issues (e.g. tempered GET parameters), but wrong PGAUTH_KEY is the more likely issue to happen when configuring pglister.

Patch attached.
--
Célestin Matte

Attachment	Content-Type	Size
0001-auth_receive-Indicate-when-PGAUTH_KEY-is-invalid-ins.patch	text/x-patch	1.0 KB

Responses

Re: [PATCH] pglister: auth_receive: Indicate when PGAUTH_KEY is invalid instead of crashing at 2023-02-20 18:36:47 from Célestin Matte

Browse pgsql-www by date

	From	Date	Subject
Next Message	Jared Brogan	2023-02-06 19:05:22	Wiki editor request
Previous Message	Andreas 'ads' Scherbaum	2023-01-31 11:35:49	Managing organizations