Log message for GSS connection is missing once connection authorization is successful.

Tue, 27 Oct 2020 20:00:24 -0700 

Hi,

Log message for GSS connection is missing once connection
authorization is successful. We have similar log messages for SSL
connections once the connection authorization is successful. This
message will help the user to identify the connection that was
selected from the logfile. I'm not sure if this log message was
intentionally left out due to some reason for GSS.
If the above analysis looks correct, then please find a patch that
adds log for gss connections.

Thoughts?

Regards,
Vignesh
EnterpriseDB: http://www.enterprisedb.com

From 95c906b9eaf1493ad10ac65d6cf7b27a7dd6acb9 Mon Sep 17 00:00:00 2001
From: Vignesh C <vignes...@gmail.com>
Date: Wed, 28 Oct 2020 08:19:06 +0530
Subject: [PATCH v1] Log message for GSS connection is missing once connection
 authorization is successful.

Log message for GSS connection is missing once connection authorization is
successful. We have similar log message for SSL connections once the connection
authorization is successful. This message will help the user to identify the
connection that was selected from the logfile.
---
 src/backend/utils/init/postinit.c | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/src/backend/utils/init/postinit.c b/src/backend/utils/init/postinit.c
index d4ab4c7..0fd38b7 100644
--- a/src/backend/utils/init/postinit.c
+++ b/src/backend/utils/init/postinit.c
@@ -267,6 +267,21 @@ PerformAuthentication(Port *port)
 								  be_tls_get_compression(port) ? _("on") : _("off"))));
 			else
 #endif
+#ifdef ENABLE_GSS
+			if (be_gssapi_get_enc(port))
+				ereport(LOG,
+						(port->application_name != NULL
+						 ? errmsg("replication connection authorized: user=%s application_name=%s GSS enabled (gssapi autorization=%s, principal=%s)",
+								  port->user_name,
+								  port->application_name,
+								  be_gssapi_get_auth(port) ? _("on") : _("off"),
+								  be_gssapi_get_princ(port))
+						 : errmsg("replication connection authorized: user=%s GSS enabled (gssapi autorization=%s, principal=%s)",
+								  port->user_name,
+								  be_gssapi_get_auth(port) ? _("on") : _("off"),
+								  be_gssapi_get_princ(port))));
+			else
+#endif
 				ereport(LOG,
 						(port->application_name != NULL
 						 ? errmsg("replication connection authorized: user=%s application_name=%s",
@@ -295,6 +310,20 @@ PerformAuthentication(Port *port)
 								  be_tls_get_compression(port) ? _("on") : _("off"))));
 			else
 #endif
+#ifdef ENABLE_GSS
+			if (be_gssapi_get_enc(port))
+				ereport(LOG,
+						(port->application_name != NULL
+						 ? errmsg("connection authorized: user=%s database=%s application_name=%s GSS enabled (gssapi autorization=%s, principal=%s)",
+								  port->user_name, port->database_name, port->application_name,
+								  be_gssapi_get_auth(port) ? _("on") : _("off"),
+								  be_gssapi_get_princ(port))
+						 : errmsg("connection authorized: user=%s database=%s GSS enabled (gssapi autorization=%s, principal=%s)",
+								  port->user_name, port->database_name,
+								  be_gssapi_get_auth(port) ? _("on") : _("off"),
+								  be_gssapi_get_princ(port))));
+			else
+#endif
 				ereport(LOG,
 						(port->application_name != NULL
 						 ? errmsg("connection authorized: user=%s database=%s application_name=%s",
-- 
1.8.3.1

Reply via email to