Add FATAL_CLIENT_ONLY to ereport/elog

SASL exchanges must end with either an AuthenticationOk or an ErrorResponse from the server, and the standard way to produce an ErrorResponse packet is for auth_failed() to call ereport(FATAL). This means that there's no way for a SASL mechanism to suppress the server log entry if the "authentication attempt" was really just a query for authentication metadata, as is done with OAUTHBEARER. Following the example of 1f9158ba4, add a FATAL_CLIENT_ONLY elevel. This will allow ClientAuthentication() to choose not to log a particular failure, while still correctly ending the authentication exchange before process exit. (The provenance of this patch is convoluted: since it's a mechanical copy-paste of 1f9158ba4, both Zsolt Parragi and I produced nearly identical versions independently, and Andrey Borodin reviewed Zsolt's version. Tom Lane is the author of 1f9158ba4, but I don't want to imply that he's signed off on this adaptation. See Discussion.) Reviewed-by: Andrey Borodin <x4mmm@yandex-team.ru> Discussion: https://postgr.es/m/CAN4CZFPim7hUiyb7daNKQPSZ8CvQRBGkVhbvED7yZi8VktSn4Q%40mail.gmail.com
2026-04-15 22:10:45 -04:00 · 2026-03-31 11:47:29 -07:00 · 2026-03-31 11:47:29 -07:00 · c2bca7cc96
commit c2bca7cc96
parent 09532b4040
2 changed files with 7 additions and 3 deletions
--- a/src/backend/utils/error/elog.c
+++ b/src/backend/utils/error/elog.c
@ -217,7 +217,7 @@ is_log_level_output(int elevel, int log_min_level)
 		if (log_min_level == LOG || log_min_level <= ERROR)
 			return true;
 	}
-	else if (elevel == WARNING_CLIENT_ONLY)
+	else if (elevel == WARNING_CLIENT_ONLY || elevel == FATAL_CLIENT_ONLY)
 	{
 		/* never sent to log, regardless of log_min_level */
 		return false;
@ -573,7 +573,7 @@ errfinish(const char *filename, int lineno, const char *funcname)
 	/*
 	 * Perform error recovery action as specified by elevel.
 	 */
-	if (elevel == FATAL)
+	if (elevel == FATAL || elevel == FATAL_CLIENT_ONLY)
 	{
 		/*
 		 * For a FATAL error, we let proc_exit clean up and exit.
@ -2965,6 +2965,7 @@ write_eventlog(int level, const char *line, int len)
 			break;
 		case ERROR:
 		case FATAL:
+		case FATAL_CLIENT_ONLY:
 		case PANIC:
 		default:
 			eventlevel = EVENTLOG_ERROR_TYPE;
@ -3800,6 +3801,7 @@ send_message_to_server_log(ErrorData *edata)
 				syslog_level = LOG_WARNING;
 				break;
 			case FATAL:
+			case FATAL_CLIENT_ONLY:
 				syslog_level = LOG_ERR;
 				break;
 			case PANIC:
@ -4182,6 +4184,7 @@ error_severity(int elevel)
 			prefix = gettext_noop("ERROR");
 			break;
 		case FATAL:
+		case FATAL_CLIENT_ONLY:
 			prefix = gettext_noop("FATAL");
 			break;
 		case PANIC:
--- a/src/include/utils/elog.h
+++ b/src/include/utils/elog.h
@ -53,7 +53,8 @@ struct Node;
 								 * known state */
 #define PGERROR		21			/* Must equal ERROR; see NOTE below. */
 #define FATAL		22			/* fatal error - abort process */
-#define PANIC		23			/* take down the other backends with me */
+#define FATAL_CLIENT_ONLY 23	/* fatal version of WARNING_CLIENT_ONLY */
+#define PANIC		24			/* take down the other backends with me */

 /*
 * NOTE: the alternate names PGWARNING and PGERROR are useful for dealing