Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1vgfEc-00H4a4-0o
	for pgsql-hackers@arkaria.postgresql.org;
	Fri, 16 Jan 2026 08:31:10 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1vgfEa-002LKN-0V
	for pgsql-hackers@arkaria.postgresql.org;
	Fri, 16 Jan 2026 08:31:08 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <zsolt.parragi@percona.com>)
	id 1vgfEZ-002LK9-2f
	for pgsql-hackers@lists.postgresql.org;
	Fri, 16 Jan 2026 08:31:08 +0000
Received: from mail-yw1-x1136.google.com ([2607:f8b0:4864:20::1136])
	by magus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.96)
	(envelope-from <zsolt.parragi@percona.com>)
	id 1vgfEV-000mqy-2f
	for pgsql-hackers@lists.postgresql.org;
	Fri, 16 Jan 2026 08:31:07 +0000
Received: by mail-yw1-x1136.google.com with SMTP id 00721157ae682-78fc0f33998so17101077b3.0
        for <pgsql-hackers@lists.postgresql.org>; Fri, 16 Jan 2026 00:31:03 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1768552262; cv=none;
        d=google.com; s=arc-20240605;
        b=ERD/ylfIHi3o3ohpbm6OIKyfP3HKY3dERO3aERIvviHy4+KihrA60Oac1Po7ULuccn
         JgXBM+i0VY7YBdGm1WMhgBYdJ5eYzSIP0ksrZI76WPecf3SYEHA1ulGnfPJxsQmqqYRd
         rXUEeu3MvpPvr0KacVxs4nFqB3beEfvXk55ESgXobi/ROiPdjfSUfK0irZ4B+PDFT89S
         7QXELK0M1HWhBjku2kr2tYVptt4kPl3TebJbjd1nr42XGMFHLtBxcvTlbggQXpXV03e9
         Q8OOa64TOr3Ka6S6df679S9wrACLG3x04uub+805zpGr3Rm/6n/ClFm1++AA4V0dbu/C
         TGKw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:dkim-signature;
        bh=Hq1BJLVRrzTIdB9ALKigz8n9caLaVrLTv7XMpgOQos4=;
        fh=wjSKDZn/nJ1LbrcwQGGUQWIgGxmniVBrbDmf/n6j4Tc=;
        b=e0lu3PrHdyptJluDVITteXE8C1IyPI3pivmQ7vcHP+C9ZgbzYMTs+B3CRJdT942MYh
         qN5INvXXjEUlJF+TfWG/wgMSJ+RGVyuzsItIG8Syqu4jYargyY5uVrHrC4c8wl3T3qXk
         JA5degmHdejNXvmxMqdedWKlUgsZfmHhv99+WO4zTq3VcgVAVlYu3EononkB9+/4A+3H
         E6mHBroVpr6rUVes/1S1mQM3Cjjx0b200wjfS6YgjCg+Rz4oBF6Bj0ZRs+gYrNsTF0ST
         nqVYmm6Uz1DT770afkWVsCJ538qTTU3KiceYSmLA2sikSjZkFaXdFWjy/MwriOODR/CE
         AUww==;
        darn=lists.postgresql.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=percona.com; s=google; t=1768552262; x=1769157062; darn=lists.postgresql.org;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=Hq1BJLVRrzTIdB9ALKigz8n9caLaVrLTv7XMpgOQos4=;
        b=IJhfBVErFPipA884UzAAtX2NtU3IJEz2DvfG7KUCM7DOEYpzuZsNekjJwCvItrsT4g
         dIdUIbEXoqdzFhGjdLM4ilMutA65YTmjFX4R0gccpaAmL4b5v2dZMSTqy42JjNw03r6R
         IgtL66sUUp+aJ5XoyXjfEr4uDmP5JeLgtpQMY=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1768552262; x=1769157062;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-gg:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=Hq1BJLVRrzTIdB9ALKigz8n9caLaVrLTv7XMpgOQos4=;
        b=RQKY3/HD2fc/L6cTtiG2qocb9k2S91krjNA1Nm2AMrd6Wi36Vj6NYhBJ7gJ/8PPGAE
         2ECls3BqII1yvyTTmp58k6XOtp1yBGuDEsnX1uHn/HU8Y99l59Wsnu+5LvvjzvriMWzj
         0KuYkgEgrUaNBvjQOnR9odX1F4W/soqUMmjdEh6C0XjJEB9WKaGK/9bc135SgnzzeqZn
         ZExadbujpRBeMt8kf4hhUXU/DX6WtFWUyEsX7vF7E1IxUlIUvk90Mf+vRzuG5fra4152
         2nNpLShPpeWoxd1q94ABVmpr5H8c+6YqxhS1KOEcmUDIDXO+7vYCwO4yern5VanpnEpU
         HS4A==
X-Forwarded-Encrypted: i=1; AJvYcCUMYnbTagk+vjTqm8ezCNpG8+5VOUvWO/Z8fcDCdJdNIbmmOgaXlm8/KKUsKfLySeXEJHYekCHlhFMy4lA/@lists.postgresql.org
X-Gm-Message-State: AOJu0YxJENc6YYe+HrEyO05hgEJjwu16Vfa0XVXNf9pEdj1XbqbIgC/u
	PC2JL9R/YSU41eFMaOJQc9MGPiacI4+u3t5o7S9xMJXOwOJbAKUOm1+loFQGm7Z4rmMv+ChZTlj
	XzYyzbllBZIEVP1Za4Sylev9TSGgFqk2Q15bREg/cSL7s4a4r/8abOCAiNESB+d0leffIOqsvEO
	mIZmw1oaHyOUV3BJn1Cu31t2HM19/0K67yr7sBnkDCCvFwjxgM5gWJaAGgbHer1hhEhvB0qMqzl
	SmMnwxyV1ll1HV2u1myPH3mcEX6iFMIsYi85ql4R2su1ANBVZgo6rJEmSRg2MG31xA=
X-Gm-Gg: AY/fxX4mPCasJRzNC31eLuabvsGmVvVc7EXjtAlwDcymYfht315SWb2D9YlVWeopvYg
	xZqzLYbCtdh4OLh4Eru2MEGlWlf30KkGpX2ljcAZLu3BG0kOabgEiNoUyfTwvTIiFFElMmoLGdC
	XHi/Xh0IWzdUvAbGRvbDsWWTEmwpiJoRl7tTEB7o3Pc9RgFfcK9p546DiIWlAgZK9eIGFROnv4p
	qnF2VCGDqoDtOcDSpfGmr9VhrzF2t8cQarhP/6jFEYYo4S3HQetu1BF+sf7JXID/8zTlSxCBYzI
	yXh5/HXI4jYlMgWj2CWxbuoq9U+6UIz9SPW95tmktd+F+dVKX+lxSVB1
X-Received: by 2002:a05:690c:c50e:b0:793:b07a:6c4a with SMTP id
 00721157ae682-793c523ce62mr44263037b3.13.1768552261537; Fri, 16 Jan 2026
 00:31:01 -0800 (PST)
MIME-Version: 1.0
References: <CAN4CZFM3b8u5uNNNsY6XCya257u+Dofms3su9f11iMCxvCacag@mail.gmail.com>
 <CAE2r8H55geNFtECuFunpgn0LJK2+rntGuTeqNr6mP7gGhWFRbA@mail.gmail.com>
 <CAN4CZFP_2fe2-18wUoXDZodV8suVe9o++pv=hP8KxxvWkmCx7A@mail.gmail.com>
 <CAOYmi+kMuA7t9ao6rWZ=5kn_Zmd7qtwOay_ocEBXwkzKWbefhQ@mail.gmail.com>
 <CAE2r8H439jg+e5gXJpNNMoroe4CfWauDRfUBZC_9NUNTOhqzBQ@mail.gmail.com>
 <CAN4CZFN9RMF_79kx75SkQZezd91DocUzz89bJeBJrMO=uNuG2w@mail.gmail.com>
 <CAOYmi+krPZDC8K+9z64M2EY9fELTKzLbqw8fD_wK=87YV+TBgw@mail.gmail.com>
 <CAN4CZFPvjAt+eZJd=Rxp=yXRjva8CpJ_BbnF=vQW6uXCqfrjEg@mail.gmail.com>
 <CAOYmi+nbCrvcE9wLQdNCgMwDbbi_UzGYrzfC54txmMBJ9KxO=Q@mail.gmail.com>
 <CAN4CZFNywvG59B+nBgD1_1fHE2uODBH3EcF_gwLmC7Y5U6Ru4Q@mail.gmail.com>
 <CAOYmi+=-OdzHMzqg9i8TwYvgKwE-vroj0d-9SqnRnwbz02SgTg@mail.gmail.com>
 <CAN4CZFPo1POb9fWMihTACFxE=xSxKEANHRkxN4YbMMN-0SML=w@mail.gmail.com> <CAOYmi+kVAiKf=WrnyzGxCmx-uu=arPE0=+Mf_AOhuTzkvCNC2w@mail.gmail.com>
In-Reply-To: <CAOYmi+kVAiKf=WrnyzGxCmx-uu=arPE0=+Mf_AOhuTzkvCNC2w@mail.gmail.com>
From: Zsolt Parragi <zsolt.parragi@percona.com>
Date: Fri, 16 Jan 2026 08:30:50 +0000
X-Gm-Features: AZwV_QhxzjqMwJKaDBr5XqlPnBfLPxvDZ-ZKUGGav_M3KUQoxdxvAjeRoK0Z60k
Message-ID: <CAN4CZFMeTuH4uANV1bOox0d-1mycCnyghY49cL+E8PYZ4Y=0Kw@mail.gmail.com>
Subject: Re: Custom oauth validator options
To: Jacob Champion <jacob.champion@enterprisedb.com>
Cc: VASUKI M <vasukianand0119@gmail.com>, 
	PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>, david.g.johnston@gmail.com, 
	Robert Haas <robertmhaas@gmail.com>, myon@debian.org
Content-Type: text/plain; charset="UTF-8"
X-CLOUD-SEC-AV-Sent: true
X-CLOUD-SEC-AV-Info: percona,google_mail,monitor
X-Gm-Spam: 0
X-Gm-Phishy: 0
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: <https://www.postgresql.org/message-id/CAN4CZFMeTuH4uANV1bOox0d-1mycCnyghY49cL%2BE8PYZ4Y%3D0Kw%40mail.gmail.com>
Precedence: bulk

> Let me think about that a bit, and look over your v2 approach; my
> kneejerk reaction was that this is a dangerous situation to be in. I
> want to know that my HBA is invalid when I reload, not later on down
> the line.

Yes, I see that concern, but that's a bit trickier. To do that
properly we have to validate the variables, including their values,
not just their names. If we only validate the names, that doesn't
guarantee anything.

> And it makes sense that the postmaster is not going to somehow unload
> and reload those libraries during SIGHUP, just to check GUC settings.
> Hrmmm...

Would it be a good idea for it to dlopen/dlclose libraries? The
requirements of dlclose are not that strict, I'm not sure if it could
cause any issues. Opening a quick background process to verify it
seems safer, but even then, it could only verify the libraries
mentioned directly in the configuration.

I could write the code that does this for pg_hba on startup/reload,
but the tricky part is that we have to document that properly, to make
sure that the extensions also expects and handles the situation
correctly (that we try to validate gucs for all hba lines). Or start
one background process per hba line...

> I might be misunderstanding, but wouldn't that imply that DBAs could
> now put every existing SIGHUP setting into HBA? That doesn't seem
> good.

Yes, that would mean that. I'm not saying that would be
better/semantically correct, but technically it could also work,
that's why I mentioned it. The main use of PGC_HBA in this patch is to
add additional error reporting / separate what can be placed into
pg_hba. I could argue both for this approach and the opposite where we
allow other variables in pg_hba.