0003-oauth_validator-Avoid-races-in-log_check.patch
application/octet-stream
Filename: 0003-oauth_validator-Avoid-races-in-log_check.patch
Type: application/octet-stream
Part: 2
Patch
Same data as JSON:
GET /api/v1/attachments/:id/patch
the parsed metadata as JSON — format, series position, per-file stats; never the diff bytes.
API reference →
Format: format-patch
Series: patch 0003
Subject: oauth_validator: Avoid races in log_check()
| File | + | − |
|---|---|---|
| src/test/modules/oauth_validator/t/002_client.pl | 18 | 6 |
From 4933e9b53fb56f40b7d37f6f805b4d4eb17791be Mon Sep 17 00:00:00 2001
From: Jacob Champion <jacob.champion@enterprisedb.com>
Date: Thu, 4 Dec 2025 16:34:09 -0800
Subject: [PATCH 3/7] oauth_validator: Avoid races in log_check()
Commit e0f373ee4 fixed up races in Cluster::connect_fails when using
log_like. t/002_client.pl didn't get the memo, though, because it
doesn't use Test::Cluster to perform its custom hook tests. Introduce
the fix, based on debug2 logging, to its use of log_check() as well, and
move the logic into the test() helper so that any additions don't need
to continually duplicate it.
Backpatch-through: 18
---
.../modules/oauth_validator/t/002_client.pl | 24 ++++++++++++++-----
1 file changed, 18 insertions(+), 6 deletions(-)
diff --git a/src/test/modules/oauth_validator/t/002_client.pl b/src/test/modules/oauth_validator/t/002_client.pl
index aac0220d215..e6c91fc911c 100644
--- a/src/test/modules/oauth_validator/t/002_client.pl
+++ b/src/test/modules/oauth_validator/t/002_client.pl
@@ -29,6 +29,8 @@ $node->init;
$node->append_conf('postgresql.conf', "log_connections = all\n");
$node->append_conf('postgresql.conf',
"oauth_validator_libraries = 'validator'\n");
+# Needed to inspect postmaster log after connection failure:
+$node->append_conf('postgresql.conf', "log_min_messages = debug2");
$node->start;
$node->safe_psql('postgres', 'CREATE USER test;');
@@ -47,7 +49,7 @@ local all test oauth issuer="$issuer" scope="$scope"
});
$node->reload;
-my $log_start = $node->wait_for_log(qr/reloading configuration files/);
+$node->wait_for_log(qr/reloading configuration files/);
$ENV{PGOAUTHDEBUG} = "UNSAFE";
@@ -73,6 +75,7 @@ sub test
my @cmd = ("oauth_hook_client", @{$flags}, $common_connstr);
note "running '" . join("' '", @cmd) . "'";
+ my $log_start = -s $node->logfile;
my ($stdout, $stderr) = run_command(\@cmd);
if (defined($params{expected_stdout}))
@@ -88,6 +91,18 @@ sub test
{
is($stderr, "", "$test_name: no stderr");
}
+
+ if (defined($params{log_like}))
+ {
+ # See Cluster::connect_fails(). To avoid races, we have to wait for the
+ # postmaster to flush the log for the finished connection.
+ $node->wait_for_log(
+ qr/DEBUG: (?:00000: )?forked new client backend, pid=(\d+) socket.*DEBUG: (?:00000: )?client backend \(PID \1\) exited with exit code \d/s,
+ $log_start);
+
+ $node->log_check("$test_name: log matches",
+ $log_start, log_like => $params{log_like});
+ }
}
test(
@@ -97,11 +112,8 @@ test(
"--expected-uri", "$issuer/.well-known/openid-configuration",
"--expected-scope", $scope,
],
- expected_stdout => qr/connection succeeded/);
-
-$node->log_check("validator receives correct token",
- $log_start,
- log_like => [ qr/oauth_validator: token="my-token", role="$user"/, ]);
+ expected_stdout => qr/connection succeeded/,
+ log_like => [qr/oauth_validator: token="my-token", role="$user"/]);
if ($ENV{with_libcurl} ne 'yes')
{
--
2.34.1