Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1w2bow-000RJh-1T for pgsql-hackers@arkaria.postgresql.org; Tue, 17 Mar 2026 21:19:22 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.96) (envelope-from ) id 1w2bov-005PVR-15 for pgsql-hackers@arkaria.postgresql.org; Tue, 17 Mar 2026 21:19:21 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1w2bov-005PT9-04 for pgsql-hackers@lists.postgresql.org; Tue, 17 Mar 2026 21:19:21 +0000 Received: from mail-yw1-x112b.google.com ([2607:f8b0:4864:20::112b]) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.98.2) (envelope-from ) id 1w2bor-00000000FhA-1Mtv for pgsql-hackers@postgresql.org; Tue, 17 Mar 2026 21:19:19 +0000 Received: by mail-yw1-x112b.google.com with SMTP id 00721157ae682-79a5ad7cc52so23596957b3.2 for ; Tue, 17 Mar 2026 14:19:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1773782358; cv=none; d=google.com; s=arc-20240605; b=W3Co4zVXtCrjqbLXbUguIQc1vHfvf0v/RF/ttB7Ak8R7TaD1bXE5xzyQALkLZ8AWcD z8f57YN3qsYyfaJaP9BXrTFpWCeWe50RfYsMQt+e7gTjXHLGVktb9jrr2rsjAxVlr03W trjPP7NPkZtur9gsAbQDTl5O32ie5xHZWn/SSKEE8Z/DYmRHGn5Pl1WUspp7YA/iRLku O/2LMnvJ8lvwTQmyF0/zGwyHGxwFR7D+RoeU3dnJ7IY65slGimltcE1m0C6K31TSD0BU 8gf3IFtSC0OvD++YMd0MLvKbt6qNhDX6KVbFSfrvf91oFNjks4jnYdGONjPf5/5uWBUB g09Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:dkim-signature; bh=20CzfBgtk85xLhcDKBYnFOU2cbhsd2h8CTfVNYGhwuI=; fh=vsluYzD1e/A3/qUmyiIdM+TCBNBC3BCBPapaM29i7kU=; b=XqzZHPvkwceaAVjpGSPyH92MfQM5tFGICzZnWSSkAMbtJIyjtL7E33CRaq51A1SJvq 3z/bAp81LIrXMjLxynoaK38yKKKNGPzPlnrhiiFkVCNelmjp8yM+wDwoMCg89FZ6tS3N FnmxqgjazpSCYI2QMiTLRoo+CHQacArZYyZtolRQms9EsZQJCwEGyWOoewbQ5YLL9rPY iqwqc9KkhxEmf979g6noohgTUAvNXbK57wedtQBIDwwVChUagSIAjyqaS6CqYTKayX8H I1BjmQ+GIZhysYsCUi1Y+WAusUZmJmzY+MiNz0jKIWAofNTUiVVi5oUup2A8bYHSm97t Nj5w==; darn=postgresql.org ARC-Authentication-Results: i=1; mx.google.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=percona.com; s=google; t=1773782358; x=1774387158; darn=postgresql.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=20CzfBgtk85xLhcDKBYnFOU2cbhsd2h8CTfVNYGhwuI=; b=GkVoAV4eaiLHwpmnOP576hAntWn4v8VlU5KTVJcpUKy3TUrKqjynd2vPVNdvV/STMD ZSZfXXRFzaFxmGXGyjQ/Qm6MEaR61Q/So/6cK0LQHbNCL9FPv1RrMs5pj9x83cP1gyxH CbZFqpHjxlVvqLnB+iZ0wAlqqHvtpOXTfSGLg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1773782358; x=1774387158; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=20CzfBgtk85xLhcDKBYnFOU2cbhsd2h8CTfVNYGhwuI=; b=fLVu7J5OrzThdEKzT/j4Ig6kNk/5Z14KY7FHmydFgB9oBhs5LgrnfPpVpuKv81/Z6m IQgy8VCoGnuwxywLhqz0+yMzVk0MyxL4QEPAQUyxC37QG7w4yhDeQRyjGUfYrHO+fVLX 6EcmV4fRXg762SRH50tD/7YYXcaF3vM5NBQne9Q1i/QSuoPG2nL21T6JwXXSHje5SYLI L7jEzWNK2TVMUShYNQiVZ2j4YvAkM4++atpPRRBPo1JyiWX/EboMfgGLpjRkZuztaRfO L8egtzV614J/1J0c7Xe0gO8J31QZYy10gCY7iHIpU+cO6jxjnbZhcpMqlgvUsdb2sKjR ZQbw== X-Forwarded-Encrypted: i=1; AJvYcCXJCVQldqGHwCH0x/pJQn+kjeCEibbJbalHwrnjmZoudY2nvWssPmYgrk7fz7A3kxTmesLakWC1Zar8sxSu@postgresql.org X-Gm-Message-State: AOJu0YwtVq21yHYVy4ZuFL4WKvqbQ0/bvF+d97OWxTz18UJBEuvvhzCo F/B5AOXCJ4AIGGAvML3Ylp4xqqsw7NI9ab8Vt/DWFUMKDrV2WXvUiwxpIQd9fvCMKX07PG7AA3r x+eyOVFGSYnqejwFkYfnWIJQdmWTRUNwLxC7KHKL808A5kMuDx6+tujk5poC7imkmR54Gsyfp5E jSxjPCgTF3W7FNzwB0BMtpf8h5e+OmffiokV7f2/5JG98Z/kOhQZOeBgj+whhDp3Ue6WwgOlGqB Or0078n5NVsGwMQI16QhumxepLSKP3ciHoFSfFedavux1pzZ1LEG7mbumTRbMxdXRiQhg== X-Gm-Gg: ATEYQzz2HfYVVkTzdE9kIgR5OfY2I42TkF8GNFl6MY3lqUwr2QX46f1Q5+Unclbf3vr hF0ea8OKLmdAaOL7bZ8IOMP47OFOXZKLF58rcaRKMCXkAmRXj3QaaG93Hmr7+HyHqlC/tqnrWB+ p+hkAycM4NGZU+IptoRFtIU6ZKDeg+76bSp2hRrSbjfrwSIVPmk7het31XI+Vmf1XMuNV0Z/NGB QiEP/69wAH1w9c1VVq0q1zFtq80vDze9vx5PUDS4/W4A5bobr+YFBVvJXd4oBy37CYjtLhcD/qj LFQckrdI5q1DvBERHzajLDszmAHLAI+kIOVA2AlTf12+q9x66qYAVeR7+FrDexhnahF+ X-Received: by 2002:a05:690c:c14a:b0:799:1fa3:c915 with SMTP id 00721157ae682-79a71cbe82cmr9507037b3.56.1773782358156; Tue, 17 Mar 2026 14:19:18 -0700 (PDT) MIME-Version: 1.0 References: <7DB528BA-C7A0-4B23-890C-5332FB35A16E@yesql.se> <7094F798-8DD1-4974-9A04-10E147B29581@gmail.com> <15434512-B3FB-4AB3-B6B3-5D85ED0B4BBE@yandex-team.ru> <99C6E80B-8770-41C2-8084-BF3C7F389FFF@yandex-team.ru> <1B58D836-6B8F-4B9A-9B84-08965E5AA06B@yandex-team.ru> <1AB529D5-6F5D-426D-AB99-12BB7DD394D3@gmail.com> In-Reply-To: From: Zsolt Parragi Date: Tue, 17 Mar 2026 21:19:07 +0000 X-Gm-Features: AaiRm52cwnQ8eH7MMsBfAl7TmVkwF3VVwwIMrlrMaNmi6JB1sCPYwOIPhayf9Gg Message-ID: Subject: Re: Improve OAuth discovery logging To: Jacob Champion Cc: Chao Li , Andrey Borodin , Daniel Gustafsson , PostgreSQL Hackers , Michael Paquier , Tom Lane Content-Type: text/plain; charset="UTF-8" X-CLOUD-SEC-AV-Sent: true X-CLOUD-SEC-AV-Info: percona,google_mail,monitor X-Gm-Spam: 0 X-Gm-Phishy: 0 List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk > That's not really true, because the caller hardcodes the mechanism > descriptor. I meant that the caller shouldn't depend on the implementation details of the mechanism. The abandoned comment says that '"Abandoned" is a SASL-specific state similar to STATUS_EOF ...', yet later it also depends on an implementation detail of which sasl mechanism actually use it. > (If more things than OAuth need this eventually, maybe it becomes > STATUS_SILENT_ERROR or something, to make it even more generic?) That's a good idea, better than my error level suggestion. The code would actually shorter, because you could remove the programmer error check from CheckSASLAuth. The diff also, because it would work without modifying the calls to it. The patch is also good as-is, all these comments in the last few messages are just very minor details, I probably spent way too much time thinging about how to make this not oauth specific in the generic part of the code.