[pgpool-hackers: 4060] Re: Proposal: add validations of wd_lifecheck_password and recovery_password format.
Tatsuo Ishii
ishii at sraoss.co.jp
Wed Nov 10 17:27:55 JST 2021
Hi,
Thank you for your proposal.
> Hi,
>
> wd_lifecheck_password and recovery_password are not allowed to be md5 hashed format
> but pgppol dont check their password format.
>
> I think this proposal will help users to know why pcp_recovery_node fails and authentication
> failure appears in pgpool log.
>
> What do you think?
I think the proposal is good and should be applied to the all
supported branches.
Some suggestions to the patch.
1.
+ if(chceck_password_type_is_not_md5(pool_config->recovery_user, pool_config->recovery_password) == -1)
You need a space between "if" and "(".
2.
Accoring to the PostgreSQL message guide, problably this:
+ (errmsg("the password of recovery_user %s is invalid format",
+ pool_config->recovery_user),
+ errdetail("recovery_password is not allowed to be md5 hashed format")));
would be better if descrbed:
+ (errmsg("invalid password format for recovery_user: %s",
+ pool_config->recovery_user),
+ errdetail("md5 hashed password is not allowed here")));
Best regards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp
More information about the pgpool-hackers
mailing list