Re: Incorrect allocation handling for cryptohash functions with OpenSSL
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Heikki Linnakangas <hlinnaka@iki.fi>
Cc: Robert Haas <robertmhaas@gmail.com>, Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2021-01-08T02:29:53Z
Lists: pgsql-hackers
On Thu, Jan 07, 2021 at 09:51:00AM +0200, Heikki Linnakangas wrote: > Hmm. Perhaps it would be best to change all the errors in mock > authentication to COMMERROR. It'd be nice to have an accurate error message > in the log, but no need to send it to the client. Yeah, we could do that. Still, this mode still requires a hard failure because COMMERROR is just a log, and if only COMMERROR is done we still expect a salt to be generated to send a challenge back to the client, which would require a fallback for the salt if the one generated from the mock nonce cannot. Need to think more about that. >> Using separate fields looked cleaner to me if it came to debugging, >> and the cleanup was rather minimal except if we use more switch/case >> to set up the various variables. What about something like the >> attached? > > +1 Thanks, I have committed this part. -- Michael
Commits
-
Fix and simplify some code related to cryptohashes
- 15b824da97af 14.0 landed
-
Fix allocation logic of cryptohash context data with OpenSSL
- 55fe26a4b580 14.0 landed