Re: Improve OAuth discovery logging

Zsolt Parragi <zsolt.parragi@percona.com>

From: Zsolt Parragi <zsolt.parragi@percona.com>
To: Andrey Borodin <x4mmm@yandex-team.ru>
Cc: Jacob Champion <jacob.champion@enterprisedb.com>, Chao Li <li.evan.chao@gmail.com>, Daniel Gustafsson <daniel@yesql.se>, PostgreSQL Hackers <pgsql-hackers@postgresql.org>, Michael Paquier <michael@paquier.xyz>, Tom Lane <tgl@sss.pgh.pa.us>
Date: 2026-03-16T07:32:53Z
Lists: pgsql-hackers
Thanks for the quick review!

> pg_stat_database.sessions_fatal seems to be still incremented, but, probably,
> we can live with it. But also we can fix it.

We are still doing a fatal disconnect, so it seems appropriate to me?

> Changes to send_message_to_server_log()
> ...
> FATAL_CLIENT_ONLY = 23 sits between FATAL (22) and PANIC (24).

I handled these the same way as the existing WARNING_CLIENT_ONLY. We
can change it, but then we probably should also update the warning
case.

> Does this assignment have an effect?

No, but that's also true for the other already existing assignment in
this branch, I think these are mostly there for internal
bookkeeping/consistency?



Commits

  1. oauth: Don't log discovery connections by default

  2. sasl: Allow backend mechanisms to "abandon" exchanges

  3. Add FATAL_CLIENT_ONLY to ereport/elog

  4. oauth_validator: Avoid races in log_check()