]>
granicus.if.org Git - pgbouncer/log
Marko Kreen [Tue, 26 Jan 2016 20:39:29 +0000 (22:39 +0200)]
Upgrade libusual
Marko Kreen [Mon, 25 Jan 2016 12:09:35 +0000 (14:09 +0200)]
Clean allocated memory on exit.
Helps to track potential memory leaks.
Marko Kreen [Mon, 25 Jan 2016 12:08:42 +0000 (14:08 +0200)]
Upgrade libevent
Marko Kreen [Mon, 25 Jan 2016 12:05:19 +0000 (14:05 +0200)]
hba_test: include usual/event.h
Helps to build without real libevent.
Marko Kreen [Mon, 25 Jan 2016 11:00:37 +0000 (13:00 +0200)]
Freeing db may leak host.
Marko Kreen [Mon, 25 Jan 2016 10:53:22 +0000 (12:53 +0200)]
test: make asynctest.c compile again
Marko Kreen [Fri, 18 Dec 2015 18:02:12 +0000 (20:02 +0200)]
v1.7
Marko Kreen [Fri, 4 Dec 2015 13:25:47 +0000 (15:25 +0200)]
Merge pull request #85 from doismellburning/feature/gitignore-tests
.gitignore various test files/dirs
Marko Kreen [Fri, 4 Dec 2015 13:15:10 +0000 (15:15 +0200)]
Add no-dep rule to create manpages if missing.
For building from git where manpages are missing.
Fixes: #82, #94
Marko Kreen [Fri, 4 Dec 2015 12:55:03 +0000 (14:55 +0200)]
hba: initialize struct before opening file
Otherwise is can crash when walking uninitialized list.
Fixes: #95
Marko Kreen [Fri, 4 Dec 2015 10:14:03 +0000 (12:14 +0200)]
sbuf: improved sbuf_loopcnt logic
Simple early exit won't work for TLS as all data
may be in libssl buffers and no network wakeup is coming.
Use special-case event_add() with timeout for postponing.
It might be even improve non-tls case as there could
be specific buffers lengths when even that does
postponing while nothing is coming from network.
Marko Kreen [Thu, 3 Dec 2015 18:53:13 +0000 (20:53 +0200)]
tls: avoid recursive socket loop
TLS handshake may happen immediately without
going though libevent poll. (Loaded CPU with fast
network - local testing). This will lead to
sbuf_main_loop
->sbuf_tls_connect
->SBUF_EV_TLS_READY
->sbuf_continue
->sbuf_main_loop
call which finally end up in sbuf_send_pending()
running on JUSTFREE socket which crashes.
To improve things:
* Always perform sbuf_pause before handshake.
Otherwise sbuf_continue can be called on
unpaused socket.
* Move actual handshake out from from sbuf_tls_* functions
to avoid recursive sbuf_main_loop().
Fixes: #97
Marko Kreen [Thu, 3 Dec 2015 18:51:15 +0000 (20:51 +0200)]
configure: make plain --with-cares work
Marko Kreen [Tue, 10 Nov 2015 18:59:26 +0000 (20:59 +0200)]
Build on win32
Marko Kreen [Tue, 10 Nov 2015 18:08:15 +0000 (20:08 +0200)]
Update news
Marko Kreen [Tue, 10 Nov 2015 18:08:08 +0000 (20:08 +0200)]
Update authors
Marko Kreen [Mon, 9 Nov 2015 13:08:34 +0000 (15:08 +0200)]
readme: add links to CVE-s
Marko Kreen [Sun, 8 Nov 2015 10:36:33 +0000 (12:36 +0200)]
Increase pkt_buf to 4k
Apparently (#87) TLS performs better with larger buffer.
The behaviour is probably load-specific, but it should be
safe to do as since v1.2 the packet buffers are split
from connections and used lazily from pool.
In fact the pkt_buf should have been increased in v1.2.
Marko Kreen [Fri, 6 Nov 2015 17:56:10 +0000 (19:56 +0200)]
Postpone change of expect_rfq_count
When changed too early and client socket is paused,
then packet will processed again when socket is woken
up and expect_rfq_count will be too high.
Marko Kreen [Tue, 3 Nov 2015 10:44:46 +0000 (12:44 +0200)]
Import ssl test data into git
Marko Kreen [Tue, 3 Nov 2015 10:41:02 +0000 (12:41 +0200)]
Merge remote-tracking branch 'main/master'
Marko Kreen [Mon, 2 Nov 2015 18:39:44 +0000 (20:39 +0200)]
v1.7rc1
Marko Kreen [Mon, 2 Nov 2015 18:53:19 +0000 (20:53 +0200)]
Add missing files to 'make dist'
Marko Kreen [Mon, 2 Nov 2015 16:11:09 +0000 (18:11 +0200)]
Update libusual
Kristian Glass [Mon, 26 Oct 2015 21:32:00 +0000 (21:32 +0000)]
.gitignore various test files/dirs
Petr Jelinek [Sun, 18 Oct 2015 03:11:44 +0000 (05:11 +0200)]
Merge pull request #76 from ChristophBerg/patch-1
Fix typo in pgbouncer.ini
Marko Kreen [Mon, 12 Oct 2015 07:44:18 +0000 (10:44 +0300)]
Merge remote-tracking branch 'main/master'
Marko Kreen [Mon, 12 Oct 2015 07:43:38 +0000 (10:43 +0300)]
Merge pull request #80 from sammcj/master
Document version requirement for hba auth_type
Sam [Sun, 11 Oct 2015 23:17:37 +0000 (10:17 +1100)]
Document version requirement for hba auth_type
Relates to:
* https://github.com/pgbouncer/pgbouncer/issues/77
* https://github.com/pgbouncer/pgbouncer/issues/70
Christoph Berg [Wed, 7 Oct 2015 13:08:08 +0000 (15:08 +0200)]
Fix typo in pgbouncer.ini
Marko Kreen [Tue, 15 Sep 2015 21:14:21 +0000 (00:14 +0300)]
Sync with TLS API changes
Marko Kreen [Thu, 3 Sep 2015 20:04:15 +0000 (23:04 +0300)]
Update news
Marko Kreen [Thu, 3 Sep 2015 14:17:41 +0000 (17:17 +0300)]
Set query_wait_timeout to 120s by default.
Current default (0) causes infinite queuing,
which is not useful.
Fixes: #46, #48
Marko Kreen [Thu, 3 Sep 2015 14:17:27 +0000 (17:17 +0300)]
Update todo
Marko Kreen [Thu, 3 Sep 2015 13:05:59 +0000 (16:05 +0300)]
test.sh: add tests for auth_user
Marko Kreen [Thu, 3 Sep 2015 12:21:24 +0000 (15:21 +0300)]
Remove too early set of auth_user
When query returns 0 rows (user not found),
this user stays as login user...
Should fix #69.
Marko Kreen [Thu, 3 Sep 2015 12:20:52 +0000 (15:20 +0300)]
Fix server_reset_query_always declaration
Marko Kreen [Wed, 2 Sep 2015 13:04:43 +0000 (16:04 +0300)]
Sync libusual
Marko Kreen [Mon, 31 Aug 2015 16:58:06 +0000 (19:58 +0300)]
server_reset_query_always
Do not use server_reset_query for non-session pools.
New setting `server_reset_query_always` to restore
old behaviour. 1.6 will also have this setting
but with different default perhaps.
Marko Kreen [Mon, 31 Aug 2015 16:33:03 +0000 (19:33 +0300)]
Merge remote-tracking branch 'main/master'
Marko Kreen [Mon, 31 Aug 2015 16:31:28 +0000 (19:31 +0300)]
console: Fill auth_user when auth_type=any.
Otherwise logging can crash (#67).
Marko Kreen [Mon, 31 Aug 2015 16:26:20 +0000 (19:26 +0300)]
Sync again
Marko Kreen [Sun, 23 Aug 2015 16:19:25 +0000 (19:19 +0300)]
Merge pull request #65 from bobpoekert/master
Fix typo in comment in loader.c
Bob Poekert [Sun, 23 Aug 2015 15:38:44 +0000 (08:38 -0700)]
Fix typo in comment in loader.c
Marko Kreen [Sun, 23 Aug 2015 13:11:22 +0000 (16:11 +0300)]
Sync tls changes
Marko Kreen [Thu, 20 Aug 2015 18:04:54 +0000 (21:04 +0300)]
Remove pointless cf_auth_type check
Marko Kreen [Thu, 20 Aug 2015 16:58:26 +0000 (19:58 +0300)]
Fix password/md5 auth.
Password auth ignored auth method calculated by HBA.
Fixes: #64
Marko Kreen [Thu, 20 Aug 2015 09:10:55 +0000 (12:10 +0300)]
Import tls changes
Marko Kreen [Sat, 8 Aug 2015 19:21:47 +0000 (22:21 +0300)]
todo: fix syntax
Marko Kreen [Sat, 8 Aug 2015 18:15:05 +0000 (21:15 +0300)]
todo: pool_mode=tx vs. server_reset_query
Marko Kreen [Sat, 8 Aug 2015 09:56:27 +0000 (12:56 +0300)]
test.sh: simpler sed expression
Marko Kreen [Sat, 8 Aug 2015 09:54:38 +0000 (12:54 +0300)]
Support pipelining - count expected ReadyForQuery packets.
This avoids releasing server too early.
Should fix #44 and #52.
Marko Kreen [Sat, 8 Aug 2015 09:21:52 +0000 (12:21 +0300)]
handle_client_work - move logic out of switch
Marko Kreen [Fri, 7 Aug 2015 19:18:17 +0000 (22:18 +0300)]
auth code cleanup
Marko Kreen [Fri, 7 Aug 2015 17:16:59 +0000 (20:16 +0300)]
Remove crypt auth.
Highly obsolete.
Marko Kreen [Fri, 7 Aug 2015 16:35:12 +0000 (19:35 +0300)]
doc: remove converted files
Marko Kreen [Thu, 6 Aug 2015 20:52:12 +0000 (23:52 +0300)]
Fix makefile, add 'htmls' target to see rst as html
Marko Kreen [Thu, 6 Aug 2015 20:50:56 +0000 (23:50 +0300)]
doc: convert readme & todo also to rst
Now they look good directly on github.
Marko Kreen [Thu, 6 Aug 2015 18:23:47 +0000 (21:23 +0300)]
test.sh: dont re-exec, use bash directly
Marko Kreen [Thu, 6 Aug 2015 18:17:39 +0000 (21:17 +0300)]
Merge remote-tracking branch 'main/master'
Marko Kreen [Thu, 6 Aug 2015 18:17:11 +0000 (21:17 +0300)]
Merge pull request #62 from eradman/master
Adapt system tests to work with modern BSD and MacOS
Marko Kreen [Thu, 6 Aug 2015 17:03:11 +0000 (20:03 +0300)]
news: fix makefile, mention 1.5.5
Marko Kreen [Thu, 6 Aug 2015 16:59:50 +0000 (19:59 +0300)]
Convert NEWS to rst, then it's usable in web too.
Eric Radman [Thu, 6 Aug 2015 16:00:43 +0000 (12:00 -0400)]
Adapt system tests to work with modern BSD and MacOS
- Replace `seq a b` with {a..b}, and auto-upgrade to bash if shell does
not support range expansion (DASH on Ubuntu)
- Replace ipfw with pf; (MacOS 10.7+, *BSD)
- Replace `echo -n` with `printf` (MacOS)
- Change to test directory before starting
- Provide aproximate compatibility between MacOS and Linux options for
sed and nc
- Auto-populate userlist.txt
Tested on MacOS 10.10, Ubuntu 14, OpenBSD 5.7
Marko Kreen [Thu, 6 Aug 2015 13:16:18 +0000 (16:16 +0300)]
Skip NoticeResponce in handle_auth_response.
Otherwise verbose log levels cause auth failures.
Marko Kreen [Thu, 6 Aug 2015 12:46:06 +0000 (15:46 +0300)]
Import TLS fixes.
Marko Kreen [Wed, 5 Aug 2015 17:22:39 +0000 (20:22 +0300)]
doc: remove faq & overview - they are on web now
its annoying to maintain things in two places
Marko Kreen [Wed, 5 Aug 2015 15:04:38 +0000 (18:04 +0300)]
doc: more fixes
Marko Kreen [Wed, 5 Aug 2015 15:00:01 +0000 (18:00 +0300)]
doc: markup cleanups
pandoc does not support +x+
Marko Kreen [Wed, 5 Aug 2015 14:54:26 +0000 (17:54 +0300)]
doc: remove `` tags around deflists keys, not needed anymore
Marko Kreen [Wed, 5 Aug 2015 14:50:13 +0000 (17:50 +0300)]
doc: consistent ws spacing for deflists
Marko Kreen [Wed, 5 Aug 2015 11:49:29 +0000 (14:49 +0300)]
doc: use rst2man for manpages
Although Asciidoc has nice markup and nice output,
it depends on DocBook & TeX, which makes it rather
annoying to have around.
Website is now based on Markdown, but it's not fit for
manpage conversion - not enough syntax. It is really
meant for only HTML production, as it expect HTML fallbacks
for anything.
So use rst2man for manpages, it makes docs readable on github
too and via some hacks can be converted to markdown.
Marko Kreen [Tue, 4 Aug 2015 20:57:39 +0000 (23:57 +0300)]
tls: Use "fast" as default cipher shortcut.
This keeps pgbouncer clean of magic spells for OpenSSL...
Marko Kreen [Tue, 4 Aug 2015 20:57:11 +0000 (23:57 +0300)]
Docs for TLS & HBA features.
Marko Kreen [Mon, 3 Aug 2015 21:05:24 +0000 (00:05 +0300)]
Bump version to 1.7dev
Marko Kreen [Mon, 3 Aug 2015 18:58:23 +0000 (21:58 +0300)]
Support pg_hba.conf-style syntax
Also add peer auth.
Main reason to have it is that unix and tcp connections may
want different auth and configuring it in plain .ini is pain.
As a bonus it provides ip-based filtering too.
No username mapping yet though.
Marko Kreen [Mon, 3 Aug 2015 18:56:43 +0000 (21:56 +0300)]
tls: Test scripts
Todo: merge with main test.sh
Marko Kreen [Mon, 3 Aug 2015 18:55:49 +0000 (21:55 +0300)]
tls: Auth based on client certs, some login code cleanups
Marko Kreen [Mon, 3 Aug 2015 18:54:49 +0000 (21:54 +0300)]
Support TLS connections.
Marko Kreen [Mon, 3 Aug 2015 18:52:48 +0000 (21:52 +0300)]
sbuf: Move i/o operations to callbacks.
Preparation for TLS.
Petr Jelinek [Sat, 1 Aug 2015 10:35:11 +0000 (12:35 +0200)]
v1.6
Petr Jelinek [Sat, 1 Aug 2015 10:32:54 +0000 (12:32 +0200)]
Update AUTHORS - remove myself from contributors.
Maintainers don't belong to contributors list.
Petr Jelinek [Sat, 1 Aug 2015 10:26:19 +0000 (12:26 +0200)]
Document the include directive
Marko Kreen [Fri, 31 Jul 2015 13:13:18 +0000 (16:13 +0300)]
Update NEWS again
Marko Kreen [Fri, 31 Jul 2015 13:08:29 +0000 (16:08 +0300)]
Disable server_idle_timeout when server count gets below min_pool (#60)
Marko Kreen [Fri, 31 Jul 2015 12:11:55 +0000 (15:11 +0300)]
Change application_name_add_host default to 'off'
It can have effect on performance, so it seems it should not
be on by default, especially as it applies to all connections,
not only those that do use application_name from client.
Marko Kreen [Fri, 31 Jul 2015 11:51:29 +0000 (14:51 +0300)]
News update again
Marko Kreen [Fri, 31 Jul 2015 11:32:20 +0000 (14:32 +0300)]
Merge pull request #49 from eulerto/coverity
Fix errors detected by Coverity.
Marko Kreen [Fri, 31 Jul 2015 10:45:07 +0000 (13:45 +0300)]
Update AUTHORS, new maintainer: Petr Jelinek
Big cheer to Petr who agreed to help maintain PgBouncer!
Marko Kreen [Fri, 31 Jul 2015 10:44:54 +0000 (13:44 +0300)]
Update NEWS
Marko Kreen [Fri, 31 Jul 2015 10:34:16 +0000 (13:34 +0300)]
Upgrade libusual
Marko Kreen [Fri, 31 Jul 2015 09:55:44 +0000 (12:55 +0300)]
test.sh; sync with 9.4, make more robust
Marko Kreen [Fri, 31 Jul 2015 10:08:03 +0000 (13:08 +0300)]
Wait for client header during login (#53)
It's bit complicated as during login there are both
V2 (8-byte) and V3 (5-byte) headers. And it's possible
for V3 packet to be smaller than 8 bytes.
To keep things becoming too messy, avoid looking at state
and just accept both headers always. Like get_header()
does already.
For consistency, apply same logic to server connections too.
Marko Kreen [Mon, 27 Jul 2015 11:50:47 +0000 (14:50 +0300)]
c-style: More consistent brace usage
Use more braces in places where statement boundaries are
not obvious at glance.
Marko Kreen [Fri, 31 Jul 2015 09:10:31 +0000 (12:10 +0300)]
doc: add missing options to sample config
Marko Kreen [Mon, 27 Jul 2015 08:57:24 +0000 (11:57 +0300)]
doc: missing vars
Marko Kreen [Mon, 27 Jul 2015 08:34:26 +0000 (11:34 +0300)]
etc/optscan.sh - show undocumented options
PJMODOS [Sun, 14 Jun 2015 00:58:20 +0000 (02:58 +0200)]
Merge pull request #47 from olshevskiy87/t.1
Fix spelling mistakes, part 2
PJMODOS [Sun, 14 Jun 2015 00:57:35 +0000 (02:57 +0200)]
Merge pull request #45 from olshevskiy87/patch-1
Fix spelling mistake
Euler Taveira [Thu, 30 Apr 2015 15:21:21 +0000 (12:21 -0300)]
There is a typo while checking for error.
Spotted by Coverity.