]> granicus.if.org Git - pgbouncer/log
pgbouncer
7 years agoFree user_name and db_name in hba rule_free to avoid memory leak on hba file reload
secwall [Sat, 10 Jun 2017 10:45:35 +0000 (13:45 +0300)]
Free user_name and db_name in hba rule_free to avoid memory leak on hba file reload

7 years agoMerge pull request #178 from marco44/master
Petr Jelinek [Tue, 24 Jan 2017 19:59:13 +0000 (20:59 +0100)]
Merge pull request #178 from marco44/master

Add paused and disabled field to the SHOW DATABASES command

7 years agoAdd paused and disabled field on the show databases command
Marc Cousin [Tue, 24 Jan 2017 15:25:54 +0000 (16:25 +0100)]
Add paused and disabled field on the show databases command

7 years agoMerge pull request #157 from anayrat/master
Marko Kreen [Tue, 27 Dec 2016 15:06:38 +0000 (17:06 +0200)]
Merge pull request #157 from anayrat/master

Mention auth_user in pgbouncer.ini example

7 years agoMerge pull request #171 from macobo/patch-1
Marko Kreen [Tue, 27 Dec 2016 14:43:08 +0000 (16:43 +0200)]
Merge pull request #171 from macobo/patch-1

Improve build instructions

7 years agodoc: auth_query - mention that function is run in target db
Marko Kreen [Tue, 20 Dec 2016 10:39:25 +0000 (12:39 +0200)]
doc: auth_query - mention that function is run in target db

7 years agoUpgrade libusual
Marko Kreen [Sat, 17 Dec 2016 11:10:04 +0000 (13:10 +0200)]
Upgrade libusual

Mainly to get OpenSSL 1.1 fixes

Fixes: #159
7 years agoImprove build instructions
Karl-Aksel Puulmann [Fri, 16 Dec 2016 12:15:13 +0000 (14:15 +0200)]
Improve build instructions

Ran into this when building a docker image.

7 years agoMerge branch 'master' of https://github.com/pgbouncer/pgbouncer
Marko Kreen [Tue, 6 Dec 2016 16:57:44 +0000 (18:57 +0200)]
Merge branch 'master' of https://github.com/pgbouncer/pgbouncer

7 years agoconsole: change server_encoding to UTF8 from SQL_ASCII
Marko Kreen [Tue, 6 Dec 2016 16:42:22 +0000 (18:42 +0200)]
console: change server_encoding to UTF8 from SQL_ASCII

cannot see any benefit of keeping SQL_ASCII around here.

7 years agoconsole: use UTF8 instead UNICODE as client_encoding
Marko Kreen [Tue, 6 Dec 2016 16:40:25 +0000 (18:40 +0200)]
console: use UTF8 instead UNICODE as client_encoding

Seems UTF8 is proper encoding and UNICODE is alias.
Java JDBC driver gets confused by UNICODE.

Fixes: #165
7 years agoMerge pull request #137 from waldyrious/patch-1
Marko Kreen [Mon, 5 Dec 2016 15:37:44 +0000 (17:37 +0200)]
Merge pull request #137 from waldyrious/patch-1

add license title

7 years agoMerge pull request #162 from mhagander/typofix
Marko Kreen [Mon, 5 Dec 2016 15:27:36 +0000 (17:27 +0200)]
Merge pull request #162 from mhagander/typofix

Fix typo

7 years agoFix typo
Magnus Hagander [Tue, 15 Nov 2016 13:45:46 +0000 (14:45 +0100)]
Fix typo

8 years agoMerge pull request #147 from cpatru/issue-141
Petr Jelinek [Mon, 7 Nov 2016 18:19:02 +0000 (19:19 +0100)]
Merge pull request #147 from cpatru/issue-141

Don't send ReadyForQuery on main_connection for CancelQuery requests

8 years agoMention auth_user in pgbouncer.ini example
anayrat [Thu, 27 Oct 2016 08:27:53 +0000 (10:27 +0200)]
Mention auth_user in pgbouncer.ini example

8 years agoDon't send ReadyForQuery on main_connection as it may cause clients to get out of...
cpatru [Wed, 14 Sep 2016 17:17:40 +0000 (18:17 +0100)]
Don't send ReadyForQuery on main_connection as it may cause clients to get out of sync.

8 years agoMerge pull request #155 from mhagander/pam_thread_fix
Petr Jelinek [Tue, 25 Oct 2016 15:44:48 +0000 (17:44 +0200)]
Merge pull request #155 from mhagander/pam_thread_fix

Make pam_init happen in the child process when forking

8 years agoMake pam_init happen in the child process when forking
Magnus Hagander [Tue, 25 Oct 2016 15:12:49 +0000 (17:12 +0200)]
Make pam_init happen in the child process when forking

Previously, pam_init would happen in the master process that then
quickly died, rendering pam authentication inoperative.

8 years agoadd license title
Waldir Pimenta [Fri, 1 Jul 2016 17:36:59 +0000 (18:36 +0100)]
add license title

It's not strictly required, but it's useful metadata, and part of the recommended license template text (see http://choosealicense.com/licenses/isc/ and https://opensource.org/licenses/isc-license)

8 years agoAdd PAM authentication support
Ilya Staheev [Mon, 21 Mar 2016 16:29:08 +0000 (17:29 +0100)]
Add PAM authentication support

Adds support for PAM authentication. Since PAM API is synchronous, this
patch introduces PAM authentication thread which processes the
authentication requests in backgrouns so that the normal poll operations
of the main thread are not blocked.

This feature is turned off by default and has to be enabled by
--with-pam configure parameter.

Author: Ilya Staheev
Reviewed by Marko Kreen and Petr Jelinek

8 years agohba: Skip unparseable lines, keep parsing to the end.
Marko Kreen [Mon, 14 Mar 2016 10:09:07 +0000 (12:09 +0200)]
hba: Skip unparseable lines, keep parsing to the end.

Rejecting whole HBA file on failure seems bad usability.

Show warning but keep parsing.

Fixes #118

8 years agotls: reject client TLS request on unix socket
Marko Kreen [Sat, 12 Mar 2016 12:31:26 +0000 (14:31 +0200)]
tls: reject client TLS request on unix socket

8 years agotls: do not ask TLS on unix socket
Marko Kreen [Sat, 12 Mar 2016 12:12:18 +0000 (14:12 +0200)]
tls: do not ask TLS on unix socket

8 years agov1.7.2 pgbouncer_1_7_2
Marko Kreen [Fri, 26 Feb 2016 11:53:32 +0000 (13:53 +0200)]
v1.7.2

8 years agodeb: turn on full hardening, needs v9 dh
Marko Kreen [Fri, 26 Feb 2016 10:24:19 +0000 (12:24 +0200)]
deb: turn on full hardening, needs v9 dh

8 years agoSort tarball files too, just in case.
Marko Kreen [Fri, 26 Feb 2016 08:57:03 +0000 (10:57 +0200)]
Sort tarball files too, just in case.

8 years agoDisable cleanup.
Marko Kreen [Fri, 26 Feb 2016 08:13:50 +0000 (10:13 +0200)]
Disable cleanup.

Not useful for production loads, only for debugging.

8 years agoRevert "Skip cleanup if there is takeover"
Marko Kreen [Thu, 25 Feb 2016 18:52:39 +0000 (20:52 +0200)]
Revert "Skip cleanup if there is takeover"

This reverts commit 7c03a6c8f8d9ffcc3f0152e74c629213487b6d64.

8 years agoSkip cleanup if there is takeover
Marko Kreen [Wed, 24 Feb 2016 19:15:15 +0000 (21:15 +0200)]
Skip cleanup if there is takeover

8 years agoShow TLS backend version
Marko Kreen [Wed, 24 Feb 2016 18:28:59 +0000 (20:28 +0200)]
Show TLS backend version

8 years agoSync libusual
Marko Kreen [Wed, 24 Feb 2016 18:28:46 +0000 (20:28 +0200)]
Sync libusual

8 years agotakeover: wait for pidfile to go away
Marko Kreen [Wed, 24 Feb 2016 18:12:28 +0000 (20:12 +0200)]
takeover: wait for pidfile to go away

8 years agoMissing var declaration.
Marko Kreen [Wed, 24 Feb 2016 17:58:31 +0000 (19:58 +0200)]
Missing var declaration.

8 years agoSync libusual
Marko Kreen [Tue, 23 Feb 2016 10:08:41 +0000 (12:08 +0200)]
Sync libusual

8 years agoProper stale pidfile handling in check_pidfile.
Marko Kreen [Tue, 23 Feb 2016 09:20:43 +0000 (11:20 +0200)]
Proper stale pidfile handling in check_pidfile.

- Don't use remove_pidfile as that also frees value.
- Check for error, exit if failed.

8 years agoMerge remote-tracking branch 'main/master'
Marko Kreen [Tue, 23 Feb 2016 09:03:44 +0000 (11:03 +0200)]
Merge remote-tracking branch 'main/master'

8 years agoAlways check for NULL cf_pidfile
Marko Kreen [Mon, 22 Feb 2016 08:20:55 +0000 (10:20 +0200)]
Always check for NULL cf_pidfile

It is used before config is loaded.

8 years agoMerge pull request #112 from credativ/reproducible
Marko Kreen [Sun, 21 Feb 2016 15:53:30 +0000 (17:53 +0200)]
Merge pull request #112 from credativ/reproducible

Make build reproducible by dropping DBGVER handling

8 years agoMake build reproducible by dropping DBGVER handling
Christoph Berg [Sun, 21 Feb 2016 14:35:18 +0000 (15:35 +0100)]
Make build reproducible by dropping DBGVER handling

Debian wants debug symbols for all builds (the binaries are stripped by
debhelper's dh_strip), but the "(compiled by...)" information added for
debug builds defeats the goal to make builds reproducible on the binary
level. Fix by dropping the DBGVER information which doesn't serve any
purpose if the build output is byte-identical on rebuild.

https://wiki.debian.org/ReproducibleBuilds

8 years agov1.7.1 pgbouncer_1_7_1
Marko Kreen [Thu, 18 Feb 2016 16:56:47 +0000 (18:56 +0200)]
v1.7.1

8 years agodoc: improve auth_user docs
Marko Kreen [Thu, 18 Feb 2016 16:36:42 +0000 (18:36 +0200)]
doc: improve auth_user docs

8 years agodoc: fix manpage section
Marko Kreen [Thu, 18 Feb 2016 16:35:53 +0000 (18:35 +0200)]
doc: fix manpage section

8 years agotodo cleanup
Marko Kreen [Thu, 18 Feb 2016 16:35:34 +0000 (18:35 +0200)]
todo cleanup

8 years agolibusual: sync, change url
Marko Kreen [Wed, 17 Feb 2016 15:54:22 +0000 (17:54 +0200)]
libusual: sync, change url

8 years agoSync libusual
Marko Kreen [Mon, 15 Feb 2016 07:18:36 +0000 (09:18 +0200)]
Sync libusual

8 years agoAdd TLS options to sample config file.
Marko Kreen [Sun, 14 Feb 2016 11:57:05 +0000 (13:57 +0200)]
Add TLS options to sample config file.

8 years agooptscan: fix doc path
Marko Kreen [Sun, 14 Feb 2016 11:56:28 +0000 (13:56 +0200)]
optscan: fix doc path

8 years agoRename sslmode "disabled" to "disable" as in libpq
Marko Kreen [Sun, 14 Feb 2016 11:55:15 +0000 (13:55 +0200)]
Rename sslmode "disabled" to "disable" as in libpq

8 years agosbuf: remove unused function
Marko Kreen [Sun, 14 Feb 2016 11:32:16 +0000 (13:32 +0200)]
sbuf: remove unused function

8 years agoSync libusual
Marko Kreen [Fri, 12 Feb 2016 13:35:03 +0000 (15:35 +0200)]
Sync libusual

8 years agoFix some format warnings under win64
Marko Kreen [Fri, 12 Feb 2016 13:34:41 +0000 (15:34 +0200)]
Fix some format warnings under win64

8 years agotags: look deeper under libusual
Marko Kreen [Fri, 12 Feb 2016 13:34:11 +0000 (15:34 +0200)]
tags: look deeper under libusual

8 years agodoc: Improve server_reset_query description
Marko Kreen [Wed, 10 Feb 2016 18:08:16 +0000 (20:08 +0200)]
doc: Improve server_reset_query description

Based on feedback in #110

Also remove obsolete suggestion for pre-8.3 postgres.

8 years agosbuf: in varify-ca/full checking should not be optional
Marko Kreen [Wed, 3 Feb 2016 10:35:09 +0000 (12:35 +0200)]
sbuf: in varify-ca/full checking should not be optional

8 years agoUpdate libusual
Marko Kreen [Wed, 3 Feb 2016 10:26:26 +0000 (12:26 +0200)]
Update libusual

8 years agocleanup: proparly free autodbs
Marko Kreen [Tue, 26 Jan 2016 20:52:08 +0000 (22:52 +0200)]
cleanup: proparly free autodbs

8 years agosbuf: define handle_tls_handshake for non-tls build
Marko Kreen [Tue, 26 Jan 2016 20:39:44 +0000 (22:39 +0200)]
sbuf: define handle_tls_handshake for non-tls build

Fixes: #101
8 years agoUpgrade libusual
Marko Kreen [Tue, 26 Jan 2016 20:39:29 +0000 (22:39 +0200)]
Upgrade libusual

8 years agoClean allocated memory on exit.
Marko Kreen [Mon, 25 Jan 2016 12:09:35 +0000 (14:09 +0200)]
Clean allocated memory on exit.

Helps to track potential memory leaks.

8 years agoUpgrade libevent
Marko Kreen [Mon, 25 Jan 2016 12:08:42 +0000 (14:08 +0200)]
Upgrade libevent

8 years agohba_test: include usual/event.h
Marko Kreen [Mon, 25 Jan 2016 12:05:19 +0000 (14:05 +0200)]
hba_test: include usual/event.h

Helps to build without real libevent.

8 years agoFreeing db may leak host.
Marko Kreen [Mon, 25 Jan 2016 11:00:37 +0000 (13:00 +0200)]
Freeing db may leak host.

8 years agotest: make asynctest.c compile again
Marko Kreen [Mon, 25 Jan 2016 10:53:22 +0000 (12:53 +0200)]
test: make asynctest.c compile again

8 years agov1.7 pgbouncer_1_7
Marko Kreen [Fri, 18 Dec 2015 18:02:12 +0000 (20:02 +0200)]
v1.7

8 years agoMerge pull request #85 from doismellburning/feature/gitignore-tests
Marko Kreen [Fri, 4 Dec 2015 13:25:47 +0000 (15:25 +0200)]
Merge pull request #85 from doismellburning/feature/gitignore-tests

.gitignore various test files/dirs

8 years agoAdd no-dep rule to create manpages if missing.
Marko Kreen [Fri, 4 Dec 2015 13:15:10 +0000 (15:15 +0200)]
Add no-dep rule to create manpages if missing.

For building from git where manpages are missing.

Fixes: #82, #94
8 years agohba: initialize struct before opening file
Marko Kreen [Fri, 4 Dec 2015 12:55:03 +0000 (14:55 +0200)]
hba: initialize struct before opening file

Otherwise is can crash when walking uninitialized list.

Fixes: #95
8 years agosbuf: improved sbuf_loopcnt logic
Marko Kreen [Fri, 4 Dec 2015 10:14:03 +0000 (12:14 +0200)]
sbuf: improved sbuf_loopcnt logic

Simple early exit won't work for TLS as all data
may be in libssl buffers and no network wakeup is coming.

Use special-case event_add() with timeout for postponing.

It might be even improve non-tls case as there could
be specific buffers lengths when even that does
postponing while nothing is coming from network.

8 years agotls: avoid recursive socket loop
Marko Kreen [Thu, 3 Dec 2015 18:53:13 +0000 (20:53 +0200)]
tls: avoid recursive socket loop

TLS handshake may happen immediately without
going though libevent poll.  (Loaded CPU with fast
network - local testing).  This will lead to

sbuf_main_loop
 ->sbuf_tls_connect
   ->SBUF_EV_TLS_READY
     ->sbuf_continue
       ->sbuf_main_loop

call which finally end up in sbuf_send_pending()
running on JUSTFREE socket which crashes.

To improve things:

* Always perform sbuf_pause before handshake.
  Otherwise sbuf_continue can be called on
  unpaused socket.

* Move actual handshake out from from sbuf_tls_* functions
  to avoid recursive sbuf_main_loop().

Fixes: #97
8 years agoconfigure: make plain --with-cares work
Marko Kreen [Thu, 3 Dec 2015 18:51:15 +0000 (20:51 +0200)]
configure: make plain --with-cares work

8 years agoBuild on win32
Marko Kreen [Tue, 10 Nov 2015 18:59:26 +0000 (20:59 +0200)]
Build on win32

8 years agoUpdate news
Marko Kreen [Tue, 10 Nov 2015 18:08:15 +0000 (20:08 +0200)]
Update news

8 years agoUpdate authors
Marko Kreen [Tue, 10 Nov 2015 18:08:08 +0000 (20:08 +0200)]
Update authors

8 years agoreadme: add links to CVE-s
Marko Kreen [Mon, 9 Nov 2015 13:08:34 +0000 (15:08 +0200)]
readme: add links to CVE-s

9 years agoIncrease pkt_buf to 4k
Marko Kreen [Sun, 8 Nov 2015 10:36:33 +0000 (12:36 +0200)]
Increase pkt_buf to 4k

Apparently (#87) TLS performs better with larger buffer.

The behaviour is probably load-specific, but it should be
safe to do as since v1.2 the packet buffers are split
from connections and used lazily from pool.

In fact the pkt_buf should have been increased in v1.2.

9 years agoPostpone change of expect_rfq_count
Marko Kreen [Fri, 6 Nov 2015 17:56:10 +0000 (19:56 +0200)]
Postpone change of expect_rfq_count

When changed too early and client socket is paused,
then packet will processed again when socket is woken
up and expect_rfq_count will be too high.

9 years agoImport ssl test data into git pgbouncer_1_7_rc1
Marko Kreen [Tue, 3 Nov 2015 10:44:46 +0000 (12:44 +0200)]
Import ssl test data into git

9 years agoMerge remote-tracking branch 'main/master'
Marko Kreen [Tue, 3 Nov 2015 10:41:02 +0000 (12:41 +0200)]
Merge remote-tracking branch 'main/master'

9 years agov1.7rc1
Marko Kreen [Mon, 2 Nov 2015 18:39:44 +0000 (20:39 +0200)]
v1.7rc1

9 years agoAdd missing files to 'make dist'
Marko Kreen [Mon, 2 Nov 2015 18:53:19 +0000 (20:53 +0200)]
Add missing files to 'make dist'

9 years agoUpdate libusual
Marko Kreen [Mon, 2 Nov 2015 16:11:09 +0000 (18:11 +0200)]
Update libusual

9 years ago.gitignore various test files/dirs
Kristian Glass [Mon, 26 Oct 2015 21:32:00 +0000 (21:32 +0000)]
.gitignore various test files/dirs

9 years agoMerge pull request #76 from ChristophBerg/patch-1
Petr Jelinek [Sun, 18 Oct 2015 03:11:44 +0000 (05:11 +0200)]
Merge pull request #76 from ChristophBerg/patch-1

Fix typo in pgbouncer.ini

9 years agoMerge remote-tracking branch 'main/master'
Marko Kreen [Mon, 12 Oct 2015 07:44:18 +0000 (10:44 +0300)]
Merge remote-tracking branch 'main/master'

9 years agoMerge pull request #80 from sammcj/master
Marko Kreen [Mon, 12 Oct 2015 07:43:38 +0000 (10:43 +0300)]
Merge pull request #80 from sammcj/master

Document version requirement for hba auth_type

9 years agoDocument version requirement for hba auth_type
Sam [Sun, 11 Oct 2015 23:17:37 +0000 (10:17 +1100)]
Document version requirement for hba auth_type

Relates to:

* https://github.com/pgbouncer/pgbouncer/issues/77
* https://github.com/pgbouncer/pgbouncer/issues/70

9 years agoFix typo in pgbouncer.ini
Christoph Berg [Wed, 7 Oct 2015 13:08:08 +0000 (15:08 +0200)]
Fix typo in pgbouncer.ini

9 years agoSync with TLS API changes
Marko Kreen [Tue, 15 Sep 2015 21:14:21 +0000 (00:14 +0300)]
Sync with TLS API changes

9 years agoUpdate news
Marko Kreen [Thu, 3 Sep 2015 20:04:15 +0000 (23:04 +0300)]
Update news

9 years agoSet query_wait_timeout to 120s by default.
Marko Kreen [Thu, 3 Sep 2015 14:17:41 +0000 (17:17 +0300)]
Set query_wait_timeout to 120s by default.

Current default (0) causes infinite queuing,
which is not useful.

Fixes: #46, #48
9 years agoUpdate todo
Marko Kreen [Thu, 3 Sep 2015 14:17:27 +0000 (17:17 +0300)]
Update todo

9 years agotest.sh: add tests for auth_user
Marko Kreen [Thu, 3 Sep 2015 13:05:59 +0000 (16:05 +0300)]
test.sh: add tests for auth_user

9 years agoRemove too early set of auth_user
Marko Kreen [Thu, 3 Sep 2015 12:21:24 +0000 (15:21 +0300)]
Remove too early set of auth_user

When query returns 0 rows (user not found),
this user stays as login user...

Should fix #69.

9 years agoFix server_reset_query_always declaration
Marko Kreen [Thu, 3 Sep 2015 12:20:52 +0000 (15:20 +0300)]
Fix server_reset_query_always declaration

9 years agoSync libusual
Marko Kreen [Wed, 2 Sep 2015 13:04:43 +0000 (16:04 +0300)]
Sync libusual

9 years agoserver_reset_query_always
Marko Kreen [Mon, 31 Aug 2015 16:58:06 +0000 (19:58 +0300)]
server_reset_query_always

Do not use server_reset_query for non-session pools.

New setting `server_reset_query_always` to restore
old behaviour.  1.6 will also have this setting
but with different default perhaps.

9 years agoMerge remote-tracking branch 'main/master'
Marko Kreen [Mon, 31 Aug 2015 16:33:03 +0000 (19:33 +0300)]
Merge remote-tracking branch 'main/master'

9 years agoconsole: Fill auth_user when auth_type=any.
Marko Kreen [Mon, 31 Aug 2015 16:31:28 +0000 (19:31 +0300)]
console: Fill auth_user when auth_type=any.

Otherwise logging can crash (#67).

9 years agoSync again
Marko Kreen [Mon, 31 Aug 2015 16:26:20 +0000 (19:26 +0300)]
Sync again