Add FATAL_CLIENT_ONLY to ereport/elog

SASL exchanges must end with either an AuthenticationOk or an
ErrorResponse from the server, and the standard way to produce an
ErrorResponse packet is for auth_failed() to call ereport(FATAL). This
means that there's no way for a SASL mechanism to suppress the server
log entry if the "authentication attempt" was really just a query for
authentication metadata, as is done with OAUTHBEARER.

Following the example of 1f9158ba4, add a FATAL_CLIENT_ONLY elevel. This
will allow ClientAuthentication() to choose not to log a particular
failure, while still correctly ending the authentication exchange before
process exit.

(The provenance of this patch is convoluted: since it's a mechanical
copy-paste of 1f9158ba4, both Zsolt Parragi and I produced nearly
identical versions independently, and Andrey Borodin reviewed Zsolt's
version. Tom Lane is the author of 1f9158ba4, but I don't want to imply
that he's signed off on this adaptation. See Discussion.)

Reviewed-by: Andrey Borodin <x4mmm@yandex-team.ru>
Discussion: https://postgr.es/m/CAN4CZFPim7hUiyb7daNKQPSZ8CvQRBGkVhbvED7yZi8VktSn4Q%40mail.gmail.com

diff --git a/src/backend/utils/error/elog.c b/src/backend/utils/error/elog.c
index 314ef85fdb447b7b20d9927f3c4369f59e0d6633..c270c62e213968bf58317f665a9940bda18c0992 100644 (file)
--- a/src/backend/utils/error/elog.c
+++ b/src/backend/utils/error/elog.c
@@ -217,7 +217,7 @@ is_log_level_output(int elevel, int log_min_level)
                if (log_min_level == LOG || log_min_level <= ERROR)
                        return true;
        }
-       else if (elevel == WARNING_CLIENT_ONLY)
+       else if (elevel == WARNING_CLIENT_ONLY || elevel == FATAL_CLIENT_ONLY)
        {
                /* never sent to log, regardless of log_min_level */
                return false;
@@ -573,7 +573,7 @@ errfinish(const char *filename, int lineno, const char *funcname)
        /*
         * Perform error recovery action as specified by elevel.
         */
-       if (elevel == FATAL)
+       if (elevel == FATAL || elevel == FATAL_CLIENT_ONLY)
        {
                /*
                 * For a FATAL error, we let proc_exit clean up and exit.
@@ -2965,6 +2965,7 @@ write_eventlog(int level, const char *line, int len)
                        break;
                case ERROR:
                case FATAL:
+               case FATAL_CLIENT_ONLY:
                case PANIC:
                default:
                        eventlevel = EVENTLOG_ERROR_TYPE;
@@ -3800,6 +3801,7 @@ send_message_to_server_log(ErrorData *edata)
                                syslog_level = LOG_WARNING;
                                break;
                        case FATAL:
+                       case FATAL_CLIENT_ONLY:
                                syslog_level = LOG_ERR;
                                break;
                        case PANIC:
@@ -4182,6 +4184,7 @@ error_severity(int elevel)
                        prefix = gettext_noop("ERROR");
                        break;
                case FATAL:
+               case FATAL_CLIENT_ONLY:
                        prefix = gettext_noop("FATAL");
                        break;
                case PANIC:

diff --git a/src/include/utils/elog.h b/src/include/utils/elog.h
index a12b379e09a6138136b8210240bc6b84c39dcd40..440a02dd147417993227100e292ee95fe0f3ccec 100644 (file)
--- a/src/include/utils/elog.h
+++ b/src/include/utils/elog.h
@@ -53,7 +53,8 @@ struct Node;
                                                                 * known state */
 #define PGERROR                21                      /* Must equal ERROR; see NOTE below. */
 #define FATAL          22                      /* fatal error - abort process */
-#define PANIC          23                      /* take down the other backends with me */
+#define FATAL_CLIENT_ONLY 23   /* fatal version of WARNING_CLIENT_ONLY */
+#define PANIC          24                      /* take down the other backends with me */
 
 /*
  * NOTE: the alternate names PGWARNING and PGERROR are useful for dealing