-
Notifications
You must be signed in to change notification settings - Fork 371
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow bypassing authentication #3840
Conversation
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## main #3840 +/- ##
==========================================
- Coverage 76.70% 76.16% -0.55%
==========================================
Files 316 316
Lines 23666 23687 +21
==========================================
- Hits 18153 18041 -112
- Misses 4470 4599 +129
- Partials 1043 1047 +4
... and 17 files with indirect coverage changes
Flags with carried forward coverage won't be shown. Click here to find out more. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
Side question: so, we always store every new username-password group in the connection pool. But we don't cleanup the pool, right? E.g. if 100 users connect with different usernames and passwords, we will store them all unless FerretDB is stopped?
Pools.
Right, we don't clean-up pools.
If there are 100 valid username/password combinations, then yes, in that case we store 100 strings and 100 pointers. Each pointer points to a pool of connections which automatically scales down to zero: FerretDB/internal/backends/postgresql/metadata/pool/uri.go Lines 28 to 31 in 6737d32
|
Why would this cause authentication bypass |
Authentication is bypassed when |
Description
Closes #3459.
Readiness checklist
task all
, and it passed.@FerretDB/core
), Milestone (Next
), Labels, Project and project's Sprint fields.