Home > mailing lists

Re: Periodic authorization expiration checks using GoAway message - Mailing list pgsql-hackers

From	Jacob Champion
Subject	Re: Periodic authorization expiration checks using GoAway message
Date	December 16 22:53:55
Msg-id	CAOYmi+m1y7LsNxvaqi+3rSOK-mpn3dEMH1u1jdFQvyU60N27AA@mail.gmail.com Whole thread Raw
In response to	Re: Periodic authorization expiration checks using GoAway message (Jelte Fennema-Nio <postgres@jeltef.nl>)
List	pgsql-hackers

Tree view

On Mon, Dec 15, 2025 at 1:50 PM Jelte Fennema-Nio <postgres@jeltef.nl> wrote:
> What metadata
> are you worried about changing mid transaction that could mess stuff
> up? The primary one I can imagine is the username

The HBA inputs can't be allowed to change; that's not what I'm worried about.

The system_user might change. Cached SCRAM keys can change. Every
certificate-derived piece of metadata in sslinfo could change.
MyProcPort->peer and MyProcPort->gss might be wholly reassigned. And
any user-metadata functions provided by OAuth validator modules would
need to carefully consider their volatility guarantees at minimum.
There's probably more.

--Jacob

pgsql-hackers by date:

From: Noah Misch
Date: 16 December, 22:24:03
Subject: Re: pg_dump crash due to incomplete ordering of DO_SUBSCRIPTION_REL objects

From: Jeff Davis
Date: 16 December, 23:04:54
Subject: Re: Remaining dependency on setlocale()

Re: Periodic authorization expiration checks using GoAway message - Mailing list pgsql-hackers

Previous

Next