| From: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: small patch to crypt.c |
| Date: | 2013-06-09 05:54:58 |
| Message-ID: | 51B418B2.9070805@commandprompt.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 06/08/2013 08:47 PM, Stephen Frost wrote:
> JD,
>
> * Joshua D. Drake (jd(at)commandprompt(dot)com) wrote:
>> In my quest to understand how all the logging etc works with
>> authentication I came across the area of crypt.c that checks for
>> valid_until but it seems like it has an extraneous check.
>>
>> If I am wrong I apologize for the noise but wouldn't mind an explanation.
>
> Alright, there probably aren't too many people out there running with
> their clock set to pre-2000, but wouldn't this end up giving the wrong
> result in those cases, as GetCurrentTimestamp() would end up returning a
> negative value, which would make it less than vuntil's default of zero?
>
> Perhaps we could change what vuntil is set to by default, but I think
> it's probably better to keep things as-is; we should really be checking
> for null cases explicitly in general.
Well I was more referring to the default is:
check if null, if true return ok
check if valuntil < today, if true return error
else return ok
To me we don't need the null check. However, when I tested it, without
the null check you can't login. So now I am curious about what is going on.
JD
>
> Thanks,
>
> Stephen
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2013-06-09 06:02:37 | Re: small patch to crypt.c |
| Previous Message | Craig Ringer | 2013-06-09 05:44:32 | Re: Hard limit on WAL space used (because PANIC sucks) |