On Sat, Sep 08, 2018 at 03:02:00PM -0400, Tom Lane wrote:
> I tried setting up a scram-auth-based postgres_fdw connection on
> my RHEL6 box and forcing it through the questionable code path
> by issuing a dummy ALTER USER MAPPING command from another session.
> It worked fine, so the problem doesn't seem to be present on Linux.
>
> Repeating the same thing on a nearby OpenBSD 6.0 image ... kaboom!
> It fails exactly as Jeremy describes. Furthermore, I can confirm
> that the attached patch fixes it.
That's not good! I have tried the report on Linux only, with pgbench -C
doing many foreign scans through postgres_fdw which connects to the
remote using SCRAM authentication, and this was stable. Anything newer
than ec136d19 is impacted. I am surprised this has not been seen
earlier to be honest.
> I wonder which other platforms we have that behave like this?
> And how come we've not seen symptoms before? It's hard to believe
> that src/common/saslprep.c is the only thing libpq imports
> that has FRONTEND-vs-not-FRONTEND behavior differences.
libpq is quite particular in the fact that it compiles directly with
stuff in src/common, src/port, etc. I think that the same problem
exists for pg_md5_encrypt(). So I like the solution proposed. I guess
you have made sure that postgres_fdw becomes stable this way? Have you
tried to stress it more with pgbench -C doing only foreign scans and
dozens of clients running in parallel?
--
Michael