| From: | Jacob Champion <jchampion(at)timescale(dot)com> |
|---|---|
| To: | Andres Freund <andres(at)anarazel(dot)de> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [PATCH] Log details for client certificate failures |
| Date: | 2022-07-19 22:08:38 |
| Message-ID: | CAAWbhmiVZgfAUc=BuahotfHokWuJXLD6KQs8gYVvp_twFgQ-xg@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Jul 19, 2022 at 10:09 AM Andres Freund <andres(at)anarazel(dot)de> wrote:
> On 2022-07-19 12:39:43 -0400, Tom Lane wrote:
> > Having said that, I struggle to see why we are panicking about badly
> > encoded log data from this source while blithely ignoring the problems
> > posed by non-ASCII role names, database names, and tablespace names.
>
> I think we should fix these as well. I'm not as concerned about post-auth
> encoding issues (i.e. tablespace name) as about pre-auth data (role name,
> database name) - obviously being allowed to log in already is a pretty good
> filter...
v2 adds escaping to pg_clean_ascii(). My original attempt used
StringInfo allocation, but that didn't play well with guc_malloc(), so
I switched to a two-pass API where the caller allocates. Let me know
if I'm missing something obvious; this way is more verbose than I'd
like...
Thanks,
--Jacob
| Attachment | Content-Type | Size |
|---|---|---|
| v2-0001-pg_clean_ascii-escape-bytes-rather-than-lose-them.patch | text/x-patch | 4.7 KB |
| v2-0002-Don-t-reflect-unescaped-cert-data-to-the-logs.patch | text/x-patch | 18.3 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2022-07-19 22:38:23 | Re: [PATCH] Log details for client certificate failures |
| Previous Message | Nathan Bossart | 2022-07-19 21:41:42 | Re: pg_parameter_aclcheck() and trusted extensions |