Re: [PoC] Federated Authn/z with OAUTHBEARER

On Thu, Apr 17, 2025 at 5:47 PM Jacob Champion
<jacob.champion@enterprisedb.com> wrote:
> With those, I have no more TODOs and I believe this is ready for a
> final review round.

Some ABI self-review. These references to conn->errorMessage also need
the indirection treatment, which I'm working on now:

>     if (actx->errctx)
>     {
>         appendPQExpBufferStr(&conn->errorMessage,
>                              libpq_gettext(actx->errctx));
>         appendPQExpBufferStr(&conn->errorMessage, ": ");
>     ...

I was searching backwards through history to confirm that we don't
rearrange struct pg_conn in back branches; turns out that was a false
assumption. See e8f60e6fe2:

    While at it, fix some places where parameter-related infrastructure
    was added with the aid of a dartboard, or perhaps with the aid of
    the anti-pattern "add new stuff at the end".  It should be safe
    to rearrange the contents of struct pg_conn even in released
    branches, since that's private to libpq (and we'd have to move
    some fields in some builds to fix this, anyway).

So that means, I think, the name needs to go back to -<major>-<minor>,
unless anyone can think of a clever way around it. (Injecting
conn->errorMessage to avoid the messiness around ENABLE_GSS et al is
still useful, but injecting every single offset doesn't seem
maintainable to me.) Sorry, Christoph; I know that's not what you were
hoping for.

--Jacob