Re: Proposal: Save user's original authenticated identity for logging
Jacob Champion <pchampion@vmware.com>
From: Jacob Champion <pchampion@vmware.com>
To: "pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>
Cc: "stark@mit.edu" <stark@mit.edu>, "magnus@hagander.net" <magnus@hagander.net>, "sfrost@snowman.net" <sfrost@snowman.net>, "tgl@sss.pgh.pa.us" <tgl@sss.pgh.pa.us>
Date: 2021-02-26T19:45:41Z
Lists: pgsql-hackers
Attachments
- v3-0001-test-kerberos-only-search-forward-in-logs.patch (text/x-patch) patch v3-0001
- v3-0002-ssl-store-client-s-DN-in-port-peer_dn.patch (text/x-patch) patch v3-0002
- v3-0003-Log-authenticated-identity-from-all-auth-backends.patch (text/x-patch) patch v3-0003
On Thu, 2021-02-11 at 20:32 +0000, Jacob Champion wrote: > v2 just updates the patchset to remove the Windows TODO and fill in the > patch notes; no functional changes. The question about escaping log > contents remains. v3 rebases onto latest master, for SSL test conflicts. Note: - Since the 0001 patch from [1] is necessary for the new Kerberos tests in 0003, I won't make a separate commitfest entry for it. - 0002 would be subsumed by [2] if it's committed. --Jacob [1] https://www.postgresql.org/message-id/flat/fe7a46f8d46ebb074ba1572d4b5e4af72dc95420.camel%40vmware.com [2] https://www.postgresql.org/message-id/flat/fd96ae76-a8e3-ef8e-a642-a592f5b76771%40dunslane.net#642757cec955d8e923025898402f9452
Commits
-
Add missing $Test::Builder::Level settings
- 73aa5e0cafd0 15.0 landed
- e536a2683439 14.0 landed
-
Add some information about authenticated identity via log_connections
- 9afffcb833d3 14.0 landed
-
Fix some issues with SSL and Kerberos tests
- 5a71964a832f 14.0 landed
-
Refactor all TAP test suites doing connection checks
- c50624cdd248 14.0 landed