Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1n9wHM-0007X0-Jr for pgsql-hackers@arkaria.postgresql.org; Tue, 18 Jan 2022 21:44:36 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1n9wHL-0005yP-D0 for pgsql-hackers@arkaria.postgresql.org; Tue, 18 Jan 2022 21:44:35 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1n9wHL-0005yG-3p for pgsql-hackers@lists.postgresql.org; Tue, 18 Jan 2022 21:44:35 +0000 Received: from mail.thelabyrinth.net ([45.56.70.56]) by makus.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1n9wHI-0006Eb-Qs for pgsql-hackers@lists.postgresql.org; Tue, 18 Jan 2022 21:44:34 +0000 Received: from [10.4.1.17] (unknown [209.160.121.204]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: dsteele) by mail.thelabyrinth.net (Postfix) with ESMTPSA id 7E9F25466A; Tue, 18 Jan 2022 21:44:31 +0000 (UTC) Message-ID: <86a05828-6396-314a-58c8-45e50eb2cfb8@pgmasters.net> Date: Tue, 18 Jan 2022 16:44:29 -0500 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.5.0 Subject: Re: Allow root ownership of client certificate key Content-Language: en-US To: pgsql-hackers@lists.postgresql.org, Tom Lane , Stephen Frost References: <20211108190405.GL20998@tamriel.snowman.net> <716ece6d-7500-8665-05f0-488e75c5525d@pgmasters.net> <377058.1642538462@sss.pgh.pa.us> From: David Steele In-Reply-To: <377058.1642538462@sss.pgh.pa.us> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 1/18/22 15:41, Tom Lane wrote: > David Steele writes: > > I took a quick look at this and agree with the proposed behavior > change, but also with your self-criticisms: > >> We may want to do the same on the server side to make the code blocks >> look more similar. >> >> Also, on the server side the S_ISREG() check gets its own error and that >> might be a good idea on the client side as well. As it is, the error >> message on the client is going to be pretty confusing in this case. > > Particularly, I think the S_ISREG check should happen before any > ownership/permissions checks; it just seems saner that way. I was worried about doing too much refactoring in this commit since I have hopes and dreams of it being back-patched. But I'll go ahead and do that and if any part of this can be back-patched we'll consider that separately. > The only other nitpick I have is that I'd make the cross-references be > to the two file names, ie like "Note that similar checks are performed > in fe-secure-openssl.c ..." References to the specific functions seem > likely to bit-rot in the face of future code rearrangements. > I suppose filename references could become obsolete too, but it > seems less likely. It's true that functions are more likely to be renamed, but when I rename a function I then search for all the places where it is used so I can update them. If the function name appears in a comment that gets updated as well. If you would still prefer filenames I have no strong argument against that, just wanted to explain my logic. Regards, -David