Re: Log message for GSS connection is missing once connection authorization is successful.

Поиск
Список
Период
Сортировка
От Bharath Rupireddy
Тема Re: Log message for GSS connection is missing once connection authorization is successful.
Дата
Msg-id CALj2ACXJdMuY65=bTxHepA8aKx0wExNskMyQi5VjCK0x13d8NQ@mail.gmail.com
обсуждение исходный текст
Ответ на Re: Log message for GSS connection is missing once connection authorization is successful.  (vignesh C <vignesh21@gmail.com>)
Ответы Re: Log message for GSS connection is missing once connection authorization is successful.  (vignesh C <vignesh21@gmail.com>)
Список pgsql-hackers
Дерево обсуждения 
On Fri, Oct 30, 2020 at 6:13 PM vignesh C <vignesh21@gmail.com> wrote:
>
> I have added the log validation to the existing tests that are present
> for authentication.
>

I took a look at v3 patch. Here are some comments.

1. Why are the input strings(not the newly added GSS log message
string) to test_access() function are in some places double-quoted and
in some places single quoted?

    'succeeds with mapping with default gssencmode and host hba',
    'connection authorized: user=test1 database=postgres
application_name=001_auth.pl GSS \(authenticated=yes, encrypted=yes,
principal=test1\@EXAMPLE.COM\)'
);
    "succeeds with GSS-encrypted access required with host hba",
    'connection authorized: user=test1 database=postgres
application_name=001_auth.pl GSS \(authenticated=yes, encrypted=yes,
principal=test1\@EXAMPLE.COM\)'
);

And also for

test_access(
    $node,
    'test1',    <<< single quotes

test_access(
    $node,
    "test1",   <<< double quotes

Looks like we use double quoted strings in perl if we have any
variables inside the string to be replaced by the interpreter or else
single quoted strings are fine[1]. If this is true, can we make it
uniform across this file at least?

2. Instead of using hardcoded values for application_name and
principal, can we use variables? For application_name we can directly
use a single variable and use it. I think principal name is a formed
value, can we use that formed variable?

 application_name=001_auth.pl GSS \(authenticated=yes, encrypted=yes,
principal=test1\@EXAMPLE.COM\)'

3. Why are we using escape character before ( and @, IIUC, to not let
interpreter replace it with any value. If this is correct, it doesn't
make sense here as we are using single quoted strings. The perl
interpreter replaces the variables only when strings are used in
double quotes[1].

+    'connection authorized: user=test1 database=postgres
application_name=001_auth.pl GSS \(authenticated=yes, encrypted=yes,
principal=test1\@EXAMPLE.COM\)'
+);

I ran the keroberos tests on my dev machine. make check of 001_auth.pl
is passing.

[1] - https://www.geeksforgeeks.org/perl-quoted-interpolated-and-escaped-strings/

With Regards,
Bharath Rupireddy.
EnterpriseDB: http://www.enterprisedb.com

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Bharath Rupireddy
Дата:
Сообщение: Re: Log message for GSS connection is missing once connection authorization is successful.
Следующее
От: Justin Pryzby
Дата:
Сообщение: CREATE INDEX CONCURRENTLY on partitioned index