oauth: Run Autoconf tests with correct compiler flags
Commit b0635bfda split off the CPPFLAGS/LDFLAGS/LDLIBS for libcurl into
their own separate Makefile variables, but I neglected to move the
existing AC_CHECKs for Curl into a place where they would make use of
those variables. They instead teste
oauth: Run Autoconf tests with correct compiler flags
Commit b0635bfda split off the CPPFLAGS/LDFLAGS/LDLIBS for libcurl into
their own separate Makefile variables, but I neglected to move the
existing AC_CHECKs for Curl into a place where they would make use of
those variables. They instead teste
On Wed, Jul 9, 2025 at 8:55 PM Michael Paquier wrote:
>
> On Wed, Jul 09, 2025 at 11:49:55AM -0400, Tom Lane wrote:
> > Not sure. Yesterday I saw such warnings from arowana,
> > boa, dhole, rhinoceros, and shelduck, eg
> >
> > arowana | 2025-07-08 04:54:18 | xpath.c:274:6: warning: 'worksp
oauth: Fix kqueue detection on OpenBSD
In b0635bfda, I added an early header check to the Meson OAuth support,
which was intended to duplicate the later checks for
HAVE_SYS_[EVENT|EPOLL]_H. However, I implemented the new test via
check_header() -- which tries to compile -- rather than has_header()
oauth: Fix kqueue detection on OpenBSD
In b0635bfda, I added an early header check to the Meson OAuth support,
which was intended to duplicate the later checks for
HAVE_SYS_[EVENT|EPOLL]_H. However, I implemented the new test via
check_header() -- which tries to compile -- rather than has_header()
oauth: Correct missing comma in Requires.private
I added libcurl to the Requires.private section of libpq.pc in commit
b0635bfda, but I missed that the Autoconf side needs commas added
explicitly. Configurations which used both --with-libcurl and
--with-openssl ended up with the following entry:
oauth: Limit JSON parsing depth in the client
Check the ctx->nested level as we go, to prevent a server from running
the client out of stack space.
The limit we choose when communicating with authorization servers can't
be overly strict, since those servers will continue to add extensions in
thei
oauth: Correct SSL dependency for libpq-oauth.a
libpq-oauth.a includes libpq-int.h, which includes OpenSSL headers. The
Autoconf side picks up the necessary include directories via CPPFLAGS,
but Meson needs the dependency to be made explicit.
Reported-by: Nathan Bossart
Tested-by: Nathan Bossart
oauth: Fix Autoconf build on macOS
Oversight in b0635bfda. -lintl is necessary for gettext on Mac, which
libpq-oauth depends on via pgport/pgcommon. (I'd incorrectly removed
this change from an earlier version of the patch, where it was suggested
by Peter Eisentraut.)
Per buildfarm member indri.
On Thu, May 1, 2025 at 10:48 AM Tom Lane wrote:
> It looks like you need to mention libintl explicitly in the link
> command for libpq-oauth, if we're building with NLS.
> macOS is picky that way ...
Yeah, and that was in at one point at Peter's suggestion. :/ I made
the mistake of taking it back
On Thu, May 1, 2025 at 10:26 AM Jacob Champion wrote:
>
> oauth: Move the builtin flow into a separate module
I'm taking a look at the MacPorts failure now.
--Jacob
oauth: Move the builtin flow into a separate module
The additional packaging footprint of the OAuth Curl dependency, as well
as the existence of libcurl in the address space even if OAuth isn't
ever used by a client, has raised some concerns. Split off this
dependency into a separate loadable modu
oauth: Disallow OAuth connections via postgres_fdw/dblink
A subsequent commit will reclassify oauth_client_secret from dispchar=""
to dispchar="*", so that UIs will treat it like a secret. For our FDWs,
this change will move that option from SERVER to USER MAPPING, which we
need to avoid.
But upo
Bump the minimum supported Python version to 3.6.8
Python 3.2 is no longer tested by the buildfarm, and there are only a
handful of buildfarm animals running versions older than 3.6, which
itself went end-of-life in 2021. Python 3.6.8 is the default version
shipped in RHEL8, so that seems like a r
oauth: Classify oauth_client_secret as a password
Tell UIs to hide the value of oauth_client_secret, like the other
passwords. Due to the previous commit, this does not affect postgres_fdw
and dblink, but add a comment to try to warn others of the hazard in the
future.
Reported-by: Noah Misch
Re
oauth: Support Python 3.6 in tests
RHEL8 ships a patched 3.6.8 as its base Python version, and I
accidentally let some newer Python-isms creep into oauth_server.py
during development.
Reported-by: Tom Lane
Reviewed-by: Jelte Fennema-Nio
Tested-by: Renan Alves Fonseca
Tested-by: Tom Lane
Discu
On Wed, Apr 16, 2025 at 9:30 AM Daniel Gustafsson wrote:
> It seems like this commit didn't run autoheader, which leaves a trivial diff
> in
> pg_config.h.in carried over for future callers. It doesn't change anuything
> really as the HAVE_LIBNUMA macro isn't used, but for completeness sake we
>
On Fri, Mar 22, 2024 at 2:17 PM Daniel Gustafsson wrote:
> (We have only defined a minimum supported
> version of OpenSSL, we should do the same for LibreSSL since it's right now
> unclear what we support and for how long.)
+1
> Adding checks for symbol existence
> in autoconf/meson seems like t
On Wed, 2021-04-07 at 10:27 -0400, Tom Lane wrote:
> Michael Paquier writes:
> > On Wed, Apr 07, 2021 at 01:17:34AM +, Michael Paquier wrote:
> > > Add some information about authenticated identity via log_connections
> > So, fairywren, that is able to run the SSL tests on Windows, has been
>
19 matches
Mail list logo
