Thread: pgsql: Refactor code handling the names of files loaded in hba.c
Refactor code handling the names of files loaded in hba.c This has the advantage to limit the presence of the GUC values hba_file and ident_file to the code paths where these files are loaded, easing the introduction of an upcoming feature aimed at adding inclusion logic for files and directories in HBA and ident files. Note that this needs the addition of the source file name to HbaLine, in addition to the line number, which is something needed by the backend in two places of auth.c (authentication failure details and auth_id log when log_connections is enabled). While on it, adjust a log generated on authentication failure to report the name of the actual HBA file on which the connection attempt matched, where the line number and the raw line written in the HBA file were already included. This was previously hardcoded as pg_hba.conf, which would be incorrect when a custom value is used at postmaster startup for the GUC hba_file. Extracted from a larger patch by the same author. Author: Julien Rouhaud Discussion: https://postgr.es/m/20220223045959.35ipdsvbxcstrhya@jrouhaud Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/1b73d0b1c3934f703d68031957d37c2a9765e798 Modified Files -------------- src/backend/libpq/auth.c | 7 +-- src/backend/libpq/hba.c | 113 +++++++++++++++++++++++++---------------------- src/include/libpq/hba.h | 2 + 3 files changed, 65 insertions(+), 57 deletions(-)
Hi,
On Wed, Oct 26, 2022 at 02:53:08AM +0000, Michael Paquier wrote:
> Refactor code handling the names of files loaded in hba.c
For the record there is a couple of thinko in the extracted patch:
@@ -1063,6 +1064,7 @@ HbaLine *
parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
{
int line_num = tok_line->line_num;
+ char *file_name = tok_line->file_name;
char **err_msg = &tok_line->err_msg;
char *str;
struct addrinfo *gai_result;
@@ -1077,6 +1079,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
HbaLine *parsedline;
parsedline = palloc0(sizeof(HbaLine));
+ parsedline->sourcefile = pstrdup(tok_line->file_name);
This should have used the "file_name" variable rather than accessing it via
tok_line, same for parse_ident_line.
I fixed it in the v14 sent on the main thread, unfortunately sent a bit too
late.
On Wed, Oct 26, 2022 at 11:27:30AM +0800, Julien Rouhaud wrote: > I fixed it in the v14 sent on the main thread, unfortunately sent a bit too > late. Nya, yeah. It looks like I fat-fingered a copy-paste here. The result is the same, still your suggested change is more consistent with the rest of the file. Will adjust in a minute.. -- Michael
Attachment
On Wed, Oct 26, 2022 at 12:54:24PM +0900, Michael Paquier wrote: > On Wed, Oct 26, 2022 at 11:27:30AM +0800, Julien Rouhaud wrote: > > I fixed it in the v14 sent on the main thread, unfortunately sent a bit too > > late. > > Nya, yeah. It looks like I fat-fingered a copy-paste here. The > result is the same, still your suggested change is more consistent > with the rest of the file. Will adjust in a minute.. Yeah, no errors in the code just lack of consistency. Thanks for pushing the refactor and the fix!