]> granicus.if.org Git - postgresql/log
postgresql
14 years agoAvoid starting walreceiver in states where it shouldn't be running.
Robert Haas [Thu, 27 May 2010 02:01:37 +0000 (02:01 +0000)]
Avoid starting walreceiver in states where it shouldn't be running.

In particular, it's bad to start walreceiver when in state
PM_WAIT_BACKENDS, because we have no provision to kill walreceiver
when in that state.

Fujii Masao

14 years agoAdjust comment to reflect that we now have Hot Standby. Pointed out by
Heikki Linnakangas [Thu, 27 May 2010 00:38:39 +0000 (00:38 +0000)]
Adjust comment to reflect that we now have Hot Standby. Pointed out by
Robert Haas.

14 years agoFix SGML markup
Bruce Momjian [Wed, 26 May 2010 23:55:51 +0000 (23:55 +0000)]
Fix SGML markup

14 years agoImprove SSL-related documentation. Explain how to deal with certificate
Tom Lane [Wed, 26 May 2010 23:49:19 +0000 (23:49 +0000)]
Improve SSL-related documentation.  Explain how to deal with certificate
chains, do assorted wordsmithing.

14 years agoDocument pgFouine and check_postgres as log analysis options.
Bruce Momjian [Wed, 26 May 2010 23:29:45 +0000 (23:29 +0000)]
Document pgFouine and check_postgres as log analysis options.

14 years agoThinko in previous commit: ensure that MAX_SEND_SIZE is always greater
Heikki Linnakangas [Wed, 26 May 2010 22:34:49 +0000 (22:34 +0000)]
Thinko in previous commit: ensure that MAX_SEND_SIZE is always greater
than XLOG_BLCKSZ, by defining it as 16 * XLOG_BLCKSZ rather than directly
as 128k bytes.

14 years agoIn walsender, don't sleep if there's outstanding WAL waiting to be sent,
Heikki Linnakangas [Wed, 26 May 2010 22:21:33 +0000 (22:21 +0000)]
In walsender, don't sleep if there's outstanding WAL waiting to be sent,
otherwise we effectively rate-limit the streaming as pointed out by
Simon Riggs. Also, send the WAL in smaller chunks, to respond to signals
more promptly.

14 years agoRearrange libpq's SSL initialization to simplify it and make it handle some
Tom Lane [Wed, 26 May 2010 21:39:27 +0000 (21:39 +0000)]
Rearrange libpq's SSL initialization to simplify it and make it handle some
additional cases correctly.  The original coding failed to load additional
(chain) certificates from the client cert file, meaning that indirectly signed
client certificates didn't work unless one hacked the server's root.crt file
to include intermediate CAs (not the desired approach).  Another problem was
that everything got loaded into the shared SSL_context object, which meant
that concurrent connections trying to use different sslcert settings could
well fail due to conflicting over the single available slot for a keyed
certificate.

To fix, get rid of the use of SSL_CTX_set_client_cert_cb(), which is
deprecated anyway in the OpenSSL documentation, and instead just
unconditionally load the client cert and private key during connection
initialization.  This lets us use SSL_CTX_use_certificate_chain_file(),
which does the right thing with additional certs, and is lots simpler than
the previous hacking about with BIO-level access.  A small disadvantage is
that we have to load the primary client cert a second time with
SSL_use_certificate_file, so that that one ends up in the correct slot
within the connection's SSL object where it can get paired with the key.
Given the other overhead of making an SSL connection, that doesn't seem
worth worrying about.

Per discussion ensuing from bug #5468.

14 years agoFix bogus error message for SSL-cert authentication, due to lack of
Tom Lane [Wed, 26 May 2010 20:47:13 +0000 (20:47 +0000)]
Fix bogus error message for SSL-cert authentication, due to lack of
a uaCert entry in auth_failed().  Put the switch entries into a sane
order, namely the one the enum is declared in.

14 years agoHS Defer buffer pin deadlock check until deadlock_timeout has expired.
Simon Riggs [Wed, 26 May 2010 19:52:52 +0000 (19:52 +0000)]
HS Defer buffer pin deadlock check until deadlock_timeout has expired.
During Hot Standby we need to check for buffer pin deadlocks when the
Startup process begins to wait, in case it never wakes up again. We
previously made the deadlock check immediately on the basis it was
cheap, though clearer thinking and prima facie evidence shows that
was too simple. Refactor existing code to make it easy to add in
deferral of deadlock check until deadlock_timeout allowing a good
reduction in deadlock checks since far few buffer pins are held for
that duration. It's worth doing anyway, though major goal is to
prevent further reports of context switching with high numbers of
users on occasional tests.

14 years agoFix psql help: \da+ is same as \da, but \daS is not.
Robert Haas [Wed, 26 May 2010 19:29:22 +0000 (19:29 +0000)]
Fix psql help: \da+ is same as \da, but \daS is not.

Noted by Stephen Frost.

14 years agoThe message style police pay a visit to hba.c.
Tom Lane [Wed, 26 May 2010 16:43:13 +0000 (16:43 +0000)]
The message style police pay a visit to hba.c.

14 years agoMinor editorialization for be-secure.c: fix comments and some formatting
Tom Lane [Wed, 26 May 2010 16:15:57 +0000 (16:15 +0000)]
Minor editorialization for be-secure.c: fix comments and some formatting
infelicities.

14 years agoTell openssl to include the names of the root certs the server trusts in
Tom Lane [Wed, 26 May 2010 15:52:37 +0000 (15:52 +0000)]
Tell openssl to include the names of the root certs the server trusts in
requests for client certs.  This lets a client with a keystore select the
appropriate client certificate to send.  In particular, this is necessary
to get Java clients to work in all but the most trivial configurations.
Per discussion of bug #5468.

Craig Ringer

14 years agoMore fixes for shutdown during recovery.
Robert Haas [Wed, 26 May 2010 12:32:41 +0000 (12:32 +0000)]
More fixes for shutdown during recovery.

1. If we receive a fast shutdown request while in the PM_STARTUP state,
process it just as we would in PM_RECOVERY, PM_HOT_STANDBY, or PM_RUN.
Without this change, an early fast shutdown followed by Hot Standby causes
the database to get stuck in a state where a shutdown is pending (so no new
connections are allowed) but the shutdown request is never processed unless
we end Hot Standby and enter normal running.

2. Avoid removing the backup label file when a smart or fast shutdown occurs
during recovery.  It makes sense to do this once we've reached normal running,
since we must be taking a backup which now won't be valid.  But during
recovery we must be recovering from a previously taken backup, and any backup
label file is needed to restart recovery from the right place.

Fujii Masao and Robert Haas

14 years agoAdd missing newlines to some SSL-related error messages. Noted while testing.
Tom Lane [Tue, 25 May 2010 22:03:27 +0000 (22:03 +0000)]
Add missing newlines to some SSL-related error messages.  Noted while testing.

14 years agoFix oversight in construction of sort/unique plans for UniquePaths.
Tom Lane [Tue, 25 May 2010 17:44:41 +0000 (17:44 +0000)]
Fix oversight in construction of sort/unique plans for UniquePaths.
If the original IN operator is cross-type, for example int8 = int4,
we need to use int4 < int4 to sort the inner data and int4 = int4
to unique-ify it.  We got the first part of that right, but tried to
use the original IN operator for the equality checks.  Per bug #5472
from Vlad Romascanu.

Backpatch to 8.4, where the bug was introduced by the patch that unified
SortClause and GroupClause.  I was able to take out a whole lot of on-the-fly
calls of get_equality_op_for_ordering_op(), but failed to realize that
I needed to put one back in right here :-(

14 years agoReplace self written 'long long int' configure test by standard 'AC_TYPE_LONG_LONG_IN...
Michael Meskes [Tue, 25 May 2010 17:28:20 +0000 (17:28 +0000)]
Replace self written 'long long int' configure test by standard 'AC_TYPE_LONG_LONG_INT' macro call.

14 years agoRemove IMPLEMENTATION.jp file from pg_upgrade docs; still in pgFoundry
Bruce Momjian [Tue, 25 May 2010 16:53:24 +0000 (16:53 +0000)]
Remove IMPLEMENTATION.jp file from pg_upgrade docs;  still in pgFoundry
for pg_migrator, per suggestion from Magnus.

14 years agoUpdate pg_upgrade IMPLEMENTATION doc file to match current 9.0 behavior.
Bruce Momjian [Tue, 25 May 2010 16:09:29 +0000 (16:09 +0000)]
Update pg_upgrade IMPLEMENTATION doc file to match current 9.0 behavior.

14 years agoModify pg_standby, pgbench, and pg_upgrade manual pages to be consistent
Bruce Momjian [Tue, 25 May 2010 15:55:28 +0000 (15:55 +0000)]
Modify pg_standby, pgbench, and pg_upgrade manual pages to be consistent
in their display of command-line options with other client applications.

14 years agoAdd pg_upgrade docs about binary compatibility, per Robert Haas.
Bruce Momjian [Tue, 25 May 2010 14:50:56 +0000 (14:50 +0000)]
Add pg_upgrade docs about binary compatibility, per Robert Haas.

14 years agoAdded a configure test for "long long" datatypes. So far this is only used in ecpg...
Michael Meskes [Tue, 25 May 2010 14:32:55 +0000 (14:32 +0000)]
Added a configure test for "long long" datatypes. So far this is only used in ecpg and replaces the old test that was kind of hackish.

14 years agoAdd Japanese Implementation file to CVS.
Bruce Momjian [Tue, 25 May 2010 02:56:36 +0000 (02:56 +0000)]
Add Japanese Implementation file to CVS.

14 years agoRe-order pg_upgrade 'help' options to be alphabetical.
Bruce Momjian [Tue, 25 May 2010 02:55:58 +0000 (02:55 +0000)]
Re-order pg_upgrade 'help' options to be alphabetical.

14 years agoIn pg_upgrade, test for datallowconn instead of hardcoding template0.
Bruce Momjian [Mon, 24 May 2010 19:52:33 +0000 (19:52 +0000)]
In pg_upgrade, test for datallowconn instead of hardcoding template0.

14 years agoUpdate pg_upgrade docs to show options in alphabetical order, and
Bruce Momjian [Mon, 24 May 2010 17:43:39 +0000 (17:43 +0000)]
Update pg_upgrade docs to show options in alphabetical order, and
improve 8.3 doc limitations paragraph.

14 years agoSplit apart pg_upgrade user lookup and root check so '--help' shows
Bruce Momjian [Mon, 24 May 2010 16:34:35 +0000 (16:34 +0000)]
Split apart pg_upgrade user lookup and root check so '--help' shows
proper default username.

14 years agoissue_warnings() has no business freeing its parameter, especially not when
Tom Lane [Sun, 23 May 2010 16:54:13 +0000 (16:54 +0000)]
issue_warnings() has no business freeing its parameter, especially not when
its sole caller does that too.  Jan Matousek, via Pavel Stehule

14 years agoFix oversight in join removal patch: we have to delete the removed relation
Tom Lane [Sun, 23 May 2010 16:34:38 +0000 (16:34 +0000)]
Fix oversight in join removal patch: we have to delete the removed relation
from SpecialJoinInfo relid sets as well.  Per example from Vaclav Novotny.

14 years agoUnbreak \h; can't do strlen(NULL).
Robert Haas [Fri, 21 May 2010 17:37:44 +0000 (17:37 +0000)]
Unbreak \h; can't do strlen(NULL).

This was broken by the following commmit.  Although the original commit was
backpatched all the way to 7.4, this particular bug exists only in the version
applied to HEAD.

http://archives.postgresql.org/pgsql-committers/2010-05/msg00058.php

14 years agoEcpg now accepts "long long" datatypes even if "long" is 64bit wide. This used to...
Michael Meskes [Thu, 20 May 2010 22:10:46 +0000 (22:10 +0000)]
Ecpg now accepts "long long" datatypes even if "long" is 64bit wide. This used to cover the equally long "long long" type. This patch closes bug #5464.

14 years agoFix index entry for lo_compat_privileges, per bug #5467 from KOIZUMI Satoru.
Tom Lane [Thu, 20 May 2010 20:32:27 +0000 (20:32 +0000)]
Fix index entry for lo_compat_privileges, per bug #5467 from KOIZUMI Satoru.

14 years agoChange the "N. Central Asia Standard Time" timezone to map to
Magnus Hagander [Thu, 20 May 2010 14:13:11 +0000 (14:13 +0000)]
Change the "N. Central Asia Standard Time" timezone to map to
Asia/Novosibirsk on Windows.

Microsoft changed the behaviour of this zone in the timezone update
from KB976098. The zones differ in handling of DST, and the old
zone was just removed.

Noted by Dmitry Funk

14 years agoShow oid2name command-line arguments in documentation like we do for
Bruce Momjian [Thu, 20 May 2010 03:45:38 +0000 (03:45 +0000)]
Show oid2name command-line arguments in documentation like we do for
non-contrib command-line tools (no longer in a single table display).

14 years agoSGML markup cleanup for pg_upgrade.
Bruce Momjian [Wed, 19 May 2010 20:47:18 +0000 (20:47 +0000)]
SGML markup cleanup for pg_upgrade.

14 years agoDoc change: Rename of directory no longer required for pg_migrator 9.0.
Bruce Momjian [Wed, 19 May 2010 20:40:33 +0000 (20:40 +0000)]
Doc change:  Rename of directory no longer required for pg_migrator 9.0.

Alvaro

14 years agopg_upgrade doc cleanup
Bruce Momjian [Wed, 19 May 2010 20:37:03 +0000 (20:37 +0000)]
pg_upgrade doc cleanup

Stefan Kaltenbrunner

14 years agoRestore oid2name doc change.
Bruce Momjian [Wed, 19 May 2010 20:22:05 +0000 (20:22 +0000)]
Restore oid2name doc change.

14 years agoAdd command-line documentation for pg_upgrade.
Bruce Momjian [Wed, 19 May 2010 20:20:38 +0000 (20:20 +0000)]
Add command-line documentation for pg_upgrade.

14 years agoSimplify pg_upgrade queries by using IN instead of multiple OR clauses
Bruce Momjian [Wed, 19 May 2010 18:56:47 +0000 (18:56 +0000)]
Simplify pg_upgrade queries by using IN instead of multiple OR clauses
comparing the same column to multiple values.

14 years agoFor pg_upgrade, update template0's datfrozenxid and its relfrozenxids to
Bruce Momjian [Wed, 19 May 2010 18:27:43 +0000 (18:27 +0000)]
For pg_upgrade, update template0's datfrozenxid and its relfrozenxids to
match the behavior of autovacuum, which does this as the xid advances
even if autovacuum is turned off.

14 years agoRefer to pg_ident.conf as config file for username mapping, as it's
Magnus Hagander [Tue, 18 May 2010 19:05:17 +0000 (19:05 +0000)]
Refer to pg_ident.conf as config file for username mapping, as it's
now used for other things than just ident authentication.

Noted by Stephen Frost

14 years agoUse a 'datallowconn' check for avoiding 'template0', rather than
Bruce Momjian [Tue, 18 May 2010 18:40:51 +0000 (18:40 +0000)]
Use a 'datallowconn' check for avoiding 'template0', rather than
hardcoding a 'template0' check, per suggestion from Alvaro.

This might fix a problem where someone has allowed 'template0'
connections, but it is a cleaner approach even if doesn't fix the
bug.

14 years agoMake pg_upgrade documentation refer to 9.0 instead of 8.4.
Magnus Hagander [Tue, 18 May 2010 15:41:36 +0000 (15:41 +0000)]
Make pg_upgrade documentation refer to 9.0 instead of 8.4.

Fujii Masao

14 years agoFix regression tests to match error message change
Andrew Dunstan [Tue, 18 May 2010 03:35:34 +0000 (03:35 +0000)]
Fix regression tests to match error message change

14 years agoAdd pg_upgrade TESTING files explaining a testing method.
Bruce Momjian [Tue, 18 May 2010 03:26:12 +0000 (03:26 +0000)]
Add pg_upgrade TESTING files explaining a testing method.

14 years agoMove pg_notify() details to a subsection within the NOTIFY reference page.
Robert Haas [Tue, 18 May 2010 02:28:53 +0000 (02:28 +0000)]
Move pg_notify() details to a subsection within the NOTIFY reference page.

This allows the index to reference the pg_notify() subsection specifically,
rather than Notes section of the NOTIFY reference page more generally.

Fujii Masao

14 years agoMake table in example less wide.
Alvaro Herrera [Mon, 17 May 2010 20:50:44 +0000 (20:50 +0000)]
Make table in example less wide.

14 years agoFollow up a visit from the style police.
Andrew Dunstan [Mon, 17 May 2010 19:43:04 +0000 (19:43 +0000)]
Follow up a visit from the style police.

14 years agoClarify plperl subroutine name release notes item, remove now redundant Safe.pm item.
Andrew Dunstan [Mon, 17 May 2010 17:46:13 +0000 (17:46 +0000)]
Clarify plperl subroutine name release notes item, remove now redundant Safe.pm item.

14 years agoInsert line breaks in two places in SQL functions documentation.
Robert Haas [Sun, 16 May 2010 04:35:04 +0000 (04:35 +0000)]
Insert line breaks in two places in SQL functions documentation.

This avoids a formatting problem in the PDF output.  In the HTML output this
isn't necessary, but we've done similar things elsewhere in the documentation
so I think it's OK to do it here, too.  I've refrained from breaking a longish
error message which also causes problems for the PDF output, because that would
make the HTML output look wrong.

Erik Rijkers

14 years agoFix longstanding typo in V1 calling conventions documentation.
Robert Haas [Sun, 16 May 2010 03:55:41 +0000 (03:55 +0000)]
Fix longstanding typo in V1 calling conventions documentation.

Erik Rijkers

14 years agoEnsure that pg_restore -l will output DATABASE entries whether or not -C
Tom Lane [Sat, 15 May 2010 21:41:16 +0000 (21:41 +0000)]
Ensure that pg_restore -l will output DATABASE entries whether or not -C
is specified.  Per bug report from Russell Smith and ensuing discussion.
Since this is a corner case behavioral change, I'm going to be conservative
and not back-patch it.

In passing, also rename the RestoreOptions field for the -C switch to
something less generic than "create".

14 years agoRename PM_RECOVERY_CONSISTENT and PMSIGNAL_RECOVERY_CONSISTENT.
Robert Haas [Sat, 15 May 2010 20:01:32 +0000 (20:01 +0000)]
Rename PM_RECOVERY_CONSISTENT and PMSIGNAL_RECOVERY_CONSISTENT.

The new names PM_HOT_STANDBY and PMSIGNAL_BEGIN_HOT_STANDBY more accurately
reflect their actual function.

14 years agoImprove documentation of pg_restore's -l and -L switches to point out their
Tom Lane [Sat, 15 May 2010 18:11:07 +0000 (18:11 +0000)]
Improve documentation of pg_restore's -l and -L switches to point out their
interactions with filtering switches, such as -n and -t.  Per a complaint
from Russell Smith.

14 years agoSpell __NetBSD__ the same way everywhere. Per Giles Lean.
Tom Lane [Sat, 15 May 2010 14:44:13 +0000 (14:44 +0000)]
Spell __NetBSD__ the same way everywhere.  Per Giles Lean.

14 years agoAdjust pg_upgrade BSD defines for scandir(), per report from Giles Lean
Bruce Momjian [Sat, 15 May 2010 10:21:54 +0000 (10:21 +0000)]
Adjust pg_upgrade BSD defines for scandir(), per report from Giles Lean

14 years agoUse __bsdi__ consistently.
Bruce Momjian [Sat, 15 May 2010 10:14:20 +0000 (10:14 +0000)]
Use __bsdi__ consistently.

14 years agoChange bsdi define to __bsdi__
Bruce Momjian [Sat, 15 May 2010 10:08:28 +0000 (10:08 +0000)]
Change bsdi define to __bsdi__

14 years agoFix typos in comments, spotted by Josh Kupershmidt.
Heikki Linnakangas [Sat, 15 May 2010 09:31:57 +0000 (09:31 +0000)]
Fix typos in comments, spotted by Josh Kupershmidt.

14 years agoFix bug in processing of checkpoint time for max_standby_delay. Latest
Simon Riggs [Sat, 15 May 2010 07:14:43 +0000 (07:14 +0000)]
Fix bug in processing of checkpoint time for max_standby_delay. Latest
log time was incorrectly set, typically leading to dates in the past,
which would cause more cancellations in Hot Standby on a quiet server.

14 years agoWe now accept read-only connections in state PM_RECOVERY_CONSISTENT.
Robert Haas [Fri, 14 May 2010 18:08:33 +0000 (18:08 +0000)]
We now accept read-only connections in state PM_RECOVERY_CONSISTENT.

14 years agoRemove CRs.
Itagaki Takahiro [Fri, 14 May 2010 10:37:02 +0000 (10:37 +0000)]
Remove CRs.

14 years agoAdd many new Asserts in code and fix simple bug that slipped through
Simon Riggs [Fri, 14 May 2010 07:11:49 +0000 (07:11 +0000)]
Add many new Asserts in code and fix simple bug that slipped through
without them, related to previous commit. Report by Bruce Momjian.

14 years agoFix another obvious bug pointed out by a compiler warning.
Tom Lane [Fri, 14 May 2010 00:43:42 +0000 (00:43 +0000)]
Fix another obvious bug pointed out by a compiler warning.

14 years agoRemove another unsafe use of random data as a format string.
Tom Lane [Fri, 14 May 2010 00:39:51 +0000 (00:39 +0000)]
Remove another unsafe use of random data as a format string.

14 years agoGet rid of unsafe sprintf and snprintf usages. Per compiler warnings.
Tom Lane [Fri, 14 May 2010 00:32:21 +0000 (00:32 +0000)]
Get rid of unsafe sprintf and snprintf usages.  Per compiler warnings.

14 years agoSpell __darwin__ correctly, to suppress compiler warning on OSX.
Tom Lane [Fri, 14 May 2010 00:19:46 +0000 (00:19 +0000)]
Spell __darwin__ correctly, to suppress compiler warning on OSX.

14 years agoUse NAMEDATALEN instead of local define.
Bruce Momjian [Fri, 14 May 2010 00:13:38 +0000 (00:13 +0000)]
Use NAMEDATALEN instead of local define.

Modify path separators for Win32.

Per ideas from Takahiro Itagaki

14 years agoRemove all mentions of EnterpriseDB Advanced Server from pg_upgrade;
Bruce Momjian [Thu, 13 May 2010 22:51:00 +0000 (22:51 +0000)]
Remove all mentions of EnterpriseDB Advanced Server from pg_upgrade;
EDB must maintain their own patch set for this.

14 years agoFix up lame idea of not using autoconf to determine if platform has scandir().
Tom Lane [Thu, 13 May 2010 22:07:43 +0000 (22:07 +0000)]
Fix up lame idea of not using autoconf to determine if platform has scandir().
Should fix buildfarm failures.

14 years agoFix MSVC builds for recent plperl changes. Go back to version 8.2, which is
Andrew Dunstan [Thu, 13 May 2010 21:33:00 +0000 (21:33 +0000)]
Fix MSVC builds for recent plperl changes. Go back to version 8.2, which is
where we started supporting MSVC builds.

Security: CVE-2010-1169

14 years agoUpdate release notes with security issues.
Tom Lane [Thu, 13 May 2010 21:26:59 +0000 (21:26 +0000)]
Update release notes with security issues.

Security: CVE-2010-1169, CVE-2010-1170

14 years agoUse an entity instead of non-ASCII letter. Thom Brown
Tom Lane [Thu, 13 May 2010 19:16:14 +0000 (19:16 +0000)]
Use an entity instead of non-ASCII letter.  Thom Brown

14 years agoUse "TOAST table" in place of the vague, not-used-elsewhere phrase
Tom Lane [Thu, 13 May 2010 18:54:18 +0000 (18:54 +0000)]
Use "TOAST table" in place of the vague, not-used-elsewhere phrase
"supplementary storage table".

14 years agoPrevent PL/Tcl from loading the "unknown" module from pltcl_modules unless
Tom Lane [Thu, 13 May 2010 18:29:12 +0000 (18:29 +0000)]
Prevent PL/Tcl from loading the "unknown" module from pltcl_modules unless
that is a regular table or view owned by a superuser.  This prevents a
trojan horse attack whereby any unprivileged SQL user could create such a
table and insert code into it that would then get executed in other users'
sessions whenever they call pltcl functions.

Worse yet, because the code was automatically loaded into both the "normal"
and "safe" interpreters at first use, the attacker could execute unrestricted
Tcl code in the "normal" interpreter without there being any pltclu functions
anywhere, or indeed anyone else using pltcl at all: installing pltcl is
sufficient to open the hole.  Change the initialization logic so that the
"unknown" code is only loaded into an interpreter when the interpreter is
first really used.  (That doesn't add any additional security in this
particular context, but it seems a prudent change, and anyway the former
behavior violated the principle of least astonishment.)

Security: CVE-2010-1170

14 years agoAbandon the use of Perl's Safe.pm to enforce restrictions in plperl, as it is
Andrew Dunstan [Thu, 13 May 2010 16:39:43 +0000 (16:39 +0000)]
Abandon the use of Perl's Safe.pm to enforce restrictions in plperl, as it is
fundamentally insecure. Instead apply an opmask to the whole interpreter that
imposes restrictions on unsafe operations. These restrictions are much harder
to subvert than is Safe.pm, since there is no container to be broken out of.
Backported to release 7.4.

In releases 7.4, 8.0 and 8.1 this also includes the necessary backporting of
the two interpreters model for plperl and plperlu adopted in release 8.2.

In versions 8.0 and up, the use of Perl's POSIX module to undo its locale
mangling on Windows has become insecure with these changes, so it is
replaced by our own routine, which is also faster.

Nice side effects of the changes include that it is now possible to use perl's
"strict" pragma in a natural way in plperl, and that perl's $a and
$b variables now work as expected in sort routines, and that function
compilation is significantly faster.

Tim Bunce and Andrew Dunstan, with reviews from Alex Hunsaker and
Alexey Klyukin.

Security: CVE-2010-1169

14 years agoAssorted fixes to make pg_upgrade build on MSVC.
Magnus Hagander [Thu, 13 May 2010 15:58:15 +0000 (15:58 +0000)]
Assorted fixes to make pg_upgrade build on MSVC.

* There is no chmod() on Windows.
* Must always use the 3-parameter version of open()
* There is no dynloader.h - but it also appears unnecessary on all platforms
* Don't include shlobj.h because it causes compile errors, and from what I can
  see it's not actually used. This may need to be added back for mingw
  and/or cygwin in the worst case.

14 years agoTranslation update
Peter Eisentraut [Thu, 13 May 2010 15:56:43 +0000 (15:56 +0000)]
Translation update

14 years agoProperly support multi-line entires (such as OBJS=) when building
Magnus Hagander [Thu, 13 May 2010 15:56:22 +0000 (15:56 +0000)]
Properly support multi-line entires (such as OBJS=) when building
PROGRAM, not just MODULE, in contrib.

14 years agoComment out EnterpriseDB Advanced Server mention in SGML docs.
Bruce Momjian [Thu, 13 May 2010 15:03:24 +0000 (15:03 +0000)]
Comment out EnterpriseDB Advanced Server mention in SGML docs.

14 years agoAvoid error from mkdir if no languages are to be installed
Peter Eisentraut [Thu, 13 May 2010 14:35:28 +0000 (14:35 +0000)]
Avoid error from mkdir if no languages are to be installed

mkinstalldirs used to handle no arguments, but mkdir doesn't.

Also remove the .SILENT setting, that was previously removed from
Makefile.global as well.

14 years agoFix some spelling errors.
Magnus Hagander [Thu, 13 May 2010 14:16:41 +0000 (14:16 +0000)]
Fix some spelling errors.

Thom Brown

14 years agoAdd missing library and include support for pg_upgrade to MSVC build system.
Andrew Dunstan [Thu, 13 May 2010 13:40:03 +0000 (13:40 +0000)]
Add missing library and include support for pg_upgrade to MSVC build system.

14 years agoFix HISTORY.html build using </link>, not </>.
Bruce Momjian [Thu, 13 May 2010 12:47:50 +0000 (12:47 +0000)]
Fix HISTORY.html build using </link>, not </>.

14 years agoFix vpath installation from distribution tarball (bug #5447)
Peter Eisentraut [Thu, 13 May 2010 11:49:48 +0000 (11:49 +0000)]
Fix vpath installation from distribution tarball (bug #5447)

14 years agoEnsure that top level aborts call XLogSetAsyncCommit(). Not doing
Simon Riggs [Thu, 13 May 2010 11:39:30 +0000 (11:39 +0000)]
Ensure that top level aborts call XLogSetAsyncCommit(). Not doing
so simply leads to data waiting in wal_buffers which then causes
later commits to potentially do emergency writes and for all forms
of replication to be potentially delayed without need or benefit.
Issue pointed out exactly by Fujii Masao, following bug report
by Robert Haas on a separate though related topic.

14 years agoCleanup initialization of Hot Standby. Clarify working with reanalysis
Simon Riggs [Thu, 13 May 2010 11:15:38 +0000 (11:15 +0000)]
Cleanup initialization of Hot Standby. Clarify working with reanalysis
of requirements and documentation on LogStandbySnapshot(). Fixes
two minor bugs reported by Tom Lane that would lead to an incorrect
snapshot after transaction wraparound. Also fix two other problems
discovered that would give incorrect snapshots in certain cases.
ProcArrayApplyRecoveryInfo() substantially rewritten. Some minor
refactoring of xact_redo_apply() and ExpireTreeKnownAssignedTransactionIds().

14 years agoFix wrong subdir. Per buildfarm.
Tom Lane [Thu, 13 May 2010 05:17:16 +0000 (05:17 +0000)]
Fix wrong subdir.  Per buildfarm.

14 years agoUpdate release notes to current.
Bruce Momjian [Thu, 13 May 2010 01:57:01 +0000 (01:57 +0000)]
Update release notes to current.

14 years agoMove pg_upgrade shared library out into its own /contrib directory
Bruce Momjian [Thu, 13 May 2010 01:03:01 +0000 (01:03 +0000)]
Move pg_upgrade shared library out into its own /contrib directory
(pg_upgrade_support).

14 years agoUpdate comment about why postmaster doesn't get an icon.
Bruce Momjian [Wed, 12 May 2010 23:48:36 +0000 (23:48 +0000)]
Update comment about why postmaster doesn't get an icon.

14 years agoPreliminary release notes for releases 8.4.4, 8.3.11, 8.2.17, 8.1.21, 8.0.25,
Tom Lane [Wed, 12 May 2010 23:20:49 +0000 (23:20 +0000)]
Preliminary release notes for releases 8.4.4, 8.3.11, 8.2.17, 8.1.21, 8.0.25,
7.4.29.

14 years agoRemove Makefile PGFILEDESC tag that the postmaster is an executable.
Bruce Momjian [Wed, 12 May 2010 21:42:21 +0000 (21:42 +0000)]
Remove Makefile PGFILEDESC tag that the postmaster is an executable.

14 years agoGive most recovery conflict errors a retryable error code. From recent
Simon Riggs [Wed, 12 May 2010 19:45:02 +0000 (19:45 +0000)]
Give most recovery conflict errors a retryable error code. From recent
requests and discussions with Yeb Havinga and Kevin Grittner.

14 years agoHook pg_upgrade into the contrib makefile structure so it gets built
Tom Lane [Wed, 12 May 2010 16:50:58 +0000 (16:50 +0000)]
Hook pg_upgrade into the contrib makefile structure so it gets built
on the buildfarm.

14 years agoUpdate config.guess and config.sub
Peter Eisentraut [Wed, 12 May 2010 16:50:57 +0000 (16:50 +0000)]
Update config.guess and config.sub

14 years agoClean up unnecessary unportability and compiler warnings by removing the
Tom Lane [Wed, 12 May 2010 16:50:00 +0000 (16:50 +0000)]
Clean up unnecessary unportability and compiler warnings by removing the
cmp parameter for pg_scandir().  The code failed to support this anyway
for Sun/Windows, so pretending we could accept a parameter other than
NULL was just asking for trouble.

14 years agoMove pg_upgrade TODO to TODO wiki.
Bruce Momjian [Wed, 12 May 2010 13:59:21 +0000 (13:59 +0000)]
Move pg_upgrade TODO to TODO wiki.