Hi, On 2025-03-13 09:23:10 -0700, Jacob Champion wrote: > On Wed, Mar 12, 2025 at 3:16 PM Jacob Champion > <jacob.champ...@enterprisedb.com> wrote: > > I missed PAM_CONV, sorry. I'm worried about the sendAuthRequest() > > being done there; it doesn't seem safe to potentially ereport(ERROR) > > and longjmp through a PAM call stack?
That indeed doesn't seem safe. I am wondering if PAM is so fundamentally incompatible with handling interrupts / a non-blocking interface that we have little choice but to eventually remove it... > PAM aside... Michael, what's your level of enthusiasm for the rest of this > patch? I was confidently, embarrassingly wrong about how CheckPAMAuth > worked, and it makes me think I need to put this down and take a completely > new crack at it in 19. FWIW, I continue to think that it's better to invest in making more auth methods non-blocking, rather than adding wait events for code that could maybe sometimes wait on different things internally. Greetings, Andres Freund
