Re: Improve OAuth discovery logging
Jacob Champion <jacob.champion@enterprisedb.com>
From: Jacob Champion <jacob.champion@enterprisedb.com>
To: Zsolt Parragi <zsolt.parragi@percona.com>
Cc: Andrey Borodin <x4mmm@yandex-team.ru>, Chao Li <li.evan.chao@gmail.com>, Daniel Gustafsson <daniel@yesql.se>,
PostgreSQL Hackers <pgsql-hackers@postgresql.org>, Michael Paquier <michael@paquier.xyz>, Tom Lane <tgl@sss.pgh.pa.us>
Date: 2026-03-04T22:18:16Z
Lists: pgsql-hackers
[cc'ing Tom for awareness] On Wed, Mar 4, 2026 at 12:40 PM Zsolt Parragi <zsolt.parragi@percona.com> wrote: > Looks like we have some out of order logging, because of the multiple > backends involved. Ugh. In retrospect, then, my commit ab8af1db4 was probably useless. It doesn't improve any existing usage and it can't help future usage. > I'm not sure which solution is better for this: removing the check for > this message from the test The log_unlike() part is the important bit, so that would be my preference. Unfortunately that means the intermittent false failure becomes an intermittent false success, but unless I'm missing something, we might not be able to do better with the current tools. > or modifying connect_ok Well, connect_fails() would seem to suffer the same problem, right? Tom's solution in e0f373ee4 was never meant to handle concurrent backends. I hadn't really considered that all "normal" OAuth connections can have two concurrent backends in practice. (I think of them as serial, but they're not.) We're just getting lucky that we haven't made use of log_[un]like in many problematic cases yet. > to wait for all > backends that started since the connection attempt to finish? Easier said than done, I think. I've wanted to teach the server how to bracket logs of interest for testing purposes for a while now; I don't mind using this as a catalyst. But I don't think it should be done as part of this thread. Thanks, --Jacob
Commits
-
oauth: Don't log discovery connections by default
- e020a897efea 19 (unreleased) landed
-
sasl: Allow backend mechanisms to "abandon" exchanges
- c4ff16339f07 19 (unreleased) landed
-
Add FATAL_CLIENT_ONLY to ereport/elog
- c2bca7cc9621 19 (unreleased) landed
-
oauth_validator: Avoid races in log_check()
- ab8af1db4303 19 (unreleased) cited