Skip to content
Snippets Groups Projects
  1. Dec 23, 2009
  2. Dec 21, 2009
  3. Dec 20, 2009
  4. Dec 19, 2009
    • Peter Eisentraut's avatar
      Translation updates · baab7a04
      Peter Eisentraut authored
      baab7a04
    • Itagaki Takahiro's avatar
      Add a whitespace to fix the query to dump large objects. · ce1489fa
      Itagaki Takahiro authored
      PL/pgSQL-by-default patch broke the code for 8.3 <= server_version < 8.5.
      ce1489fa
    • Tom Lane's avatar
      Bump catversion to reflect the fact that HS patch changed pg_proc · 4fca795d
      Tom Lane authored
      contents, and PG_CONTROL_VERSION to reflect the fact that it changed
      pg_control contents.  (I see we did at least remember to change
      XLOG_PAGE_MAGIC for the WAL contents changes.)
      4fca795d
    • Tom Lane's avatar
      plpgsql patch broke the MSVC build, too. · d37cda2c
      Tom Lane authored
      d37cda2c
    • Alvaro Herrera's avatar
    • Simon Riggs's avatar
      Allow read only connections during recovery, known as Hot Standby. · efc16ea5
      Simon Riggs authored
      Enabled by recovery_connections = on (default) and forcing archive recovery using a recovery.conf. Recovery processing now emulates the original transactions as they are replayed, providing full locking and MVCC behaviour for read only queries. Recovery must enter consistent state before connections are allowed, so there is a delay, typically short, before connections succeed. Replay of recovering transactions can conflict and in some cases deadlock with queries during recovery; these result in query cancellation after max_standby_delay seconds have expired. Infrastructure changes have minor effects on normal running, though introduce four new types of WAL record.
      
      New test mode "make standbycheck" allows regression tests of static command behaviour on a standby server while in recovery. Typical and extreme dynamic behaviours have been checked via code inspection and manual testing. Few port specific behaviours have been utilised, though primary testing has been on Linux only so far.
      
      This commit is the basic patch. Additional changes will follow in this release to enhance some aspects of behaviour, notably improved handling of conflicts, deadlock detection and query cancellation. Changes to VACUUM FULL are also required.
      
      Simon Riggs, with significant and lengthy review by Heikki Linnakangas, including streamlined redesign of snapshot creation and two-phase commit.
      
      Important contributions from Florian Pflug, Mark Kirkwood, Merlin Moncure, Greg Stark, Gianni Ciolli, Gabriele Bartolini, Hannu Krosing, Robert Haas, Tatsuo Ishii, Hiroyuki Yamada plus support and feedback from many other community members.
      efc16ea5
    • Bruce Momjian's avatar
      binary migration: pg_migrator · 78a09145
      Bruce Momjian authored
      Add comments about places where system oids have to be preserved for
      binary migration.
      78a09145
  5. Dec 18, 2009
  6. Dec 17, 2009
  7. Dec 16, 2009
    • Peter Eisentraut's avatar
      If there is no sigdelset(), define it as a macro. · b63b967a
      Peter Eisentraut authored
      This removes some duplicate code that recreated the identical workaround
      when the newer signal API is missing.
      b63b967a
    • Tom Lane's avatar
      Avoid a premature coercion failure in transformSetOperationTree() when · 52fc0075
      Tom Lane authored
      presented with an UNKNOWN-type Var, which can happen in cases where an
      unknown literal appeared in a subquery.  While many such cases will fail
      later on anyway in the planner, there are some cases where the planner is
      able to flatten the query and replace the Var by the constant before it has
      to coerce the union column to the final type.  I had added this check in 8.4
      to provide earlier/better error detection, but it causes a regression for
      some cases that worked OK before.  Fix by not making the check if the input
      node is UNKNOWN type and not a Const or Param.  If it isn't going to work,
      it will fail anyway at plan time, with the only real loss being inability to
      provide an error cursor.  Per gripe from Britt Piehler.
      
      In passing, rename a couple of variables to remove confusion from an
      inner scope masking the same variable names in an outer scope.
      52fc0075
    • Robert Haas's avatar
      Several fixes for EXPLAIN (FORMAT YAML), plus one for EXPLAIN (FORMAT JSON). · ff499613
      Robert Haas authored
      ExplainSeparatePlans() was busted for both JSON and YAML output - the present
      code is a holdover from the original version of my machine-readable explain
      patch, which didn't have the grouping_stack machinery.  Also, fix an odd
      distribution of labor between ExplainBeginGroup() and ExplainYAMLLineStarting()
      when marking lists with "- ", with each providing one character.  This broke
      the output format for multi-query statements.  Also, fix ExplainDummyGroup()
      for the YAML output format.
      
      Along the way, make the YAML format use escape_yaml() in situations where the
      JSON format uses escape_json().  Right now, it doesn't matter because all the
      values are known not to need escaping, but it seems safer this way.  Finally,
      I added some comments to better explain what the YAML output format is doing.
      
      Greg Sabino Mullane reported the issues with multi-query statements.
      Analysis and remaining cleanups by me.
      ff499613
    • Michael Meskes's avatar
      Fixed auto-prepare to not try preparing statements that are not preparable. Bug · d19669e5
      Michael Meskes authored
      found and solved by Boszormenyi Zoltan <zb@cybertec.at>, some small adjustments
      by me.
      d19669e5
  8. Dec 15, 2009
  9. Dec 14, 2009
    • Tom Lane's avatar
      Fix a bug introduced when set-returning SQL functions were made inline-able: · a620d500
      Tom Lane authored
      we have to cope with the possibility that the declared result rowtype contains
      dropped columns.  This fails in 8.4, as per bug #5240.
      
      While at it, be more paranoid about inserting binary coercions when inlining.
      The pre-8.4 code did not really need to worry about that because it could not
      inline at all in any case where an added coercion could change the behavior
      of the function's statement.  However, when inlining a SRF we allow sorting,
      grouping, and set-ops such as UNION.  In these cases, modifying one of the
      targetlist entries that the sort/group/setop depends on could conceivably
      change the behavior of the function's statement --- so don't inline when
      such a case applies.
      a620d500
    • Itagaki Takahiro's avatar
      Additional fixes for large object access control. · 84f910a7
      Itagaki Takahiro authored
      Use pg_largeobject_metadata.oid instead of pg_largeobject.loid
      to enumerate existing large objects in pg_dump, pg_restore, and
      contrib modules.
      84f910a7
  10. Dec 12, 2009
    • Magnus Hagander's avatar
      Allow LDAP authentication to operate in search+bind mode, meaning it · 0182d6f6
      Magnus Hagander authored
      does a search for the user in the directory first, and then binds with
      the DN found for this user.
      
      This allows for LDAP logins in scenarios where the DN of the user cannot
      be determined simply by prefix and suffix, such as the case where different
      users are located in different containers.
      
      The old way of authentication can be significantly faster, so it's kept
      as an option.
      
      Robert Fleming and Magnus Hagander
      0182d6f6
    • Tom Lane's avatar
      Fix integer-to-bit-string conversions to handle the first fractional byte · a4e035b2
      Tom Lane authored
      correctly when the output bit width is wider than the given integer by
      something other than a multiple of 8 bits.
      
      This has been wrong since I first wrote that code for 8.0 :-(.  Kudos to
      Roman Kononov for being the first to notice, though I didn't use his
      patch.  Per bug #5237.
      a4e035b2
    • Robert Haas's avatar
      Export ExplainBeginOutput() and ExplainEndOutput() for auto_explain. · 02490d46
      Robert Haas authored
      Without these functions, anyone outside of explain.c can't actually use
      ExplainPrintPlan, because the ExplainState won't be initialized properly.
      The user-visible result of this was a crash when using auto_explain with
      the JSON output format.
      
      Report by Euler Taveira de Oliveira.  Analysis by Tom Lane.  Patch by me.
      02490d46
  11. Dec 11, 2009
  12. Dec 10, 2009
    • Peter Eisentraut's avatar
      PL/Python array support · db738618
      Peter Eisentraut authored
      Support arrays as parameters and return values of PL/Python functions.
      db738618
    • Peter Eisentraut's avatar
      Add init[db] option to pg_ctl · a37b001b
      Peter Eisentraut authored
      pg_ctl gets a new mode that runs initdb.  Adjust the documentation a bit to
      not assume that initdb is the only way to run database cluster initialization.
      But don't replace initdb as the canonical way.
      
      Author: Zdenek Kotala <Zdenek.Kotala@Sun.COM>
      a37b001b
  13. Dec 09, 2009
    • Tom Lane's avatar
      Prevent indirect security attacks via changing session-local state within · 62aba765
      Tom Lane authored
      an allegedly immutable index function.  It was previously recognized that
      we had to prevent such a function from executing SET/RESET ROLE/SESSION
      AUTHORIZATION, or it could trivially obtain the privileges of the session
      user.  However, since there is in general no privilege checking for changes
      of session-local state, it is also possible for such a function to change
      settings in a way that might subvert later operations in the same session.
      Examples include changing search_path to cause an unexpected function to
      be called, or replacing an existing prepared statement with another one
      that will execute a function of the attacker's choosing.
      
      The present patch secures VACUUM, ANALYZE, and CREATE INDEX/REINDEX against
      these threats, which are the same places previously deemed to need protection
      against the SET ROLE issue.  GUC changes are still allowed, since there are
      many useful cases for that, but we prevent security problems by forcing a
      rollback of any GUC change after completing the operation.  Other cases are
      handled by throwing an error if any change is attempted; these include temp
      table creation, closing a cursor, and creating or deleting a prepared
      statement.  (In 7.4, the infrastructure to roll back GUC changes doesn't
      exist, so we settle for rejecting changes of "search_path" in these contexts.)
      
      Original report and patch by Gurjeet Singh, additional analysis by
      Tom Lane.
      
      Security: CVE-2009-4136
      62aba765
    • Magnus Hagander's avatar
      Add notes about updating disk and shared memory size information in the · 7aeaa97d
      Magnus Hagander authored
      documentation when doing new major release.
      7aeaa97d
    • Magnus Hagander's avatar
      Reject certificates with embedded NULLs in the commonName field. This stops · abf23ee8
      Magnus Hagander authored
      attacks where an attacker would put <attack>\0<propername> in the field and
      trick the validation code that the certificate was for <attack>.
      
      This is a very low risk attack since it reuqires the attacker to trick the
      CA into issuing a certificate with an incorrect field, and the common
      PostgreSQL deployments are with private CAs, and not external ones. Also,
      default mode in 8.4 does not do any name validation, and is thus also not
      vulnerable - but the higher security modes are.
      
      Backpatch all the way. Even though versions 8.3.x and before didn't have
      certificate name validation support, they still exposed this field for
      the user to perform the validation in the application code, and there
      is no way to detect this problem through that API.
      
      Security: CVE-2009-4034
      abf23ee8
    • Tom Lane's avatar
      Update time zone data files to tzdata release 2009s: DST law changes in · 65ed2039
      Tom Lane authored
      Antarctica, Argentina, Bangladesh, Fiji, Novokuznetsk, Pakistan, Palestine,
      Samoa, Syria.  Also historical corrections for Hong Kong.
      65ed2039
  14. Dec 07, 2009
Loading