On 06/02/2017 09:32 AM, Noah Misch wrote:
> On Fri, Jun 02, 2017 at 02:20:00AM -0400, Tom Lane wrote:
>> BTW, since you mention COMMERROR uses in auth.c, isn't the usage at
>> line 687 wrong? It sure looks like the author supposed that that
>> ereport call wouldn't return, but it will. Adjacent similar calls
>> clean up and return NULL.
>
> Probably, though one could argue for proceeding with the short password.
> Deserves a comment if log-only is intentional.
Let's turn it into an ERROR.
> The lack of an exit after COMMERROR "client selected an invalid SASL
> authentication mechanism" looks like a bug.
Yes. That was fixed in commit 505b5d2f86 already.
Taking all the comments in this thread into account, and a few more
things that I spotted while looking at the error messages, I came up
with the attached patch. It includes the changes from Michael's patch
upthread to use errdetail() in the SCRAM errors, and it turns the
protocol violation errors in auth.c from COMMERROR into ERROR. See
commit message for more details. Barring objections, I'll push this
tomorrow.
- Heikki
--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs