1. 30 Dec, 2020 5 commits
  2. 29 Dec, 2020 6 commits
    • Tom Lane's avatar
      Suppress log spam from multiple reports of SIGQUIT shutdown. · 1f9158ba
      Tom Lane authored
      When the postmaster sends SIGQUIT to its children, there's no real
      need for all the children to log that fact; the postmaster already
      made a log entry about it, so adding perhaps dozens or hundreds of
      child-process log entries adds nothing of value.  So, let's introduce
      a new ereport level to specify "WARNING, but never send to log" and
      use that for these messages.
      
      Such a change wouldn't have been desirable before commit 7e784d1d,
      because if someone manually SIGQUIT's a backend, we *do* want to log
      that.  But now we can tell the difference between a signal that was
      issued by the postmaster and one that was not with reasonable
      certainty.
      
      While we're here, also clear error_context_stack before ereport'ing,
      to prevent error callbacks from being invoked in the signal-handler
      context.  This should reduce the odds of getting hung up while trying
      to notify the client.
      
      Per a suggestion from Andres Freund.
      
      Discussion: https://postgr.es/m/20201225230331.hru3u6obyy6j53tk@alap3.anarazel.de
      1f9158ba
    • Alexander Korotkov's avatar
      Add support of multirange matching to the existing range GiST indexes · db6335b5
      Alexander Korotkov authored
      6df7a969 has introduced a set of operators between ranges and multiranges.
      Existing GiST indexes for ranges could easily support majority of them.
      This commit adds support for new operators to the existing range GiST indexes.
      New operators resides the same strategy numbers as existing ones.  Appropriate
      check function is determined using the subtype.
      
      Catversion is bumped.
      db6335b5
    • Alexander Korotkov's avatar
      Improve the signature of internal multirange functions · d1d61a8b
      Alexander Korotkov authored
      There is a set of *_internal() functions exposed in
      include/utils/multirangetypes.h.  This commit improves the signatures of these
      functions in two ways.
       * Add const qualifies where applicable.
       * Replace multirange typecache argument with range typecache argument.
         Multirange typecache was used solely to find the range typecache.  At the
         same time, range typecache is easier for the caller to find.
      d1d61a8b
    • Alexander Korotkov's avatar
      Implement operators for checking if the range contains a multirange · 4d7684cc
      Alexander Korotkov authored
      We have operators for checking if the multirange contains a range but don't
      have the opposite.  This commit improves completeness of the operator set by
      adding two new operators: @> (anyrange,anymultirange) and
      <@(anymultirange,anyrange).
      
      Catversion is bumped.
      4d7684cc
    • Alexander Korotkov's avatar
      Fix bugs in comparison functions for multirange_bsearch_match() · a5b81b6f
      Alexander Korotkov authored
      Two functions multirange_range_overlaps_bsearch_comparison() and
      multirange_range_contains_bsearch_comparison() contain bugs of returning -1
      instead of 1.  This commit fixes these bugs and adds corresponding regression
      tests.
      a5b81b6f
    • Michael Paquier's avatar
      doc: Improve description of min_dynamic_shared_memory · 1b3433e2
      Michael Paquier authored
      While on it, fix one oversight in 90fbf7c5, that introduced a reference
      to an incorrect value for the compression level of pg_dump.
      
      Author: Justin Pryzby
      Reviewed-by: Thomas Munro, Michael Paquier
      Discussion: https://postgr.es/m/CA+hUKGJRTLWWPcQfjm_xaOk98M8aROK903X92O0x-4vLJPWrrA@mail.gmail.com
      1b3433e2
  3. 28 Dec, 2020 9 commits
    • Tom Lane's avatar
      Improve log messages related to pg_hba.conf not matching a connection. · 3995c424
      Tom Lane authored
      Include details on whether GSS encryption has been activated;
      since we added "hostgssenc" type HBA entries, that's relevant info.
      
      Kyotaro Horiguchi and Tom Lane.  Back-patch to v12 where
      GSS encryption was introduced.
      
      Discussion: https://postgr.es/m/e5b0b6ed05764324a2f3fe7acfc766d5@smhi.se
      3995c424
    • Tom Lane's avatar
      Fix assorted issues in backend's GSSAPI encryption support. · 622ae462
      Tom Lane authored
      Unrecoverable errors detected by GSSAPI encryption can't just be
      reported with elog(ERROR) or elog(FATAL), because attempting to
      send the error report to the client is likely to lead to infinite
      recursion or loss of protocol sync.  Instead make this code do what
      the SSL encryption code has long done, which is to just report any
      such failure to the server log (with elevel COMMERROR), then pretend
      we've lost the connection by returning errno = ECONNRESET.
      
      Along the way, fix confusion about whether message translation is done
      by pg_GSS_error() or its callers (the latter should do it), and make
      the backend version of that function work more like the frontend
      version.
      
      Avoid allocating the port->gss struct until it's needed; we surely
      don't need to allocate it in the postmaster.
      
      Improve logging of "connection authorized" messages with GSS enabled.
      (As part of this, I back-patched the code changes from dc11f31a.)
      
      Make BackendStatusShmemSize() account for the GSS-related space that
      will be allocated by CreateSharedBackendStatus().  This omission
      could possibly cause out-of-shared-memory problems with very high
      max_connections settings.
      
      Remove arbitrary, pointless restriction that only GSS authentication
      can be used on a GSS-encrypted connection.
      
      Improve documentation; notably, document the fact that libpq now
      prefers GSS encryption over SSL encryption if both are possible.
      
      Per report from Mikael Gustavsson.  Back-patch to v12 where
      this code was introduced.
      
      Discussion: https://postgr.es/m/e5b0b6ed05764324a2f3fe7acfc766d5@smhi.se
      622ae462
    • Tom Lane's avatar
      Fix bugs in libpq's GSSAPI encryption support. · ff6ce9a3
      Tom Lane authored
      The critical issue fixed here is that if a GSSAPI-encrypted connection
      is successfully made, pqsecure_open_gss() cleared conn->allow_ssl_try,
      as an admittedly-hacky way of preventing us from then trying to tunnel
      SSL encryption over the already-encrypted connection.  The problem
      with that is that if we abandon the GSSAPI connection because of a
      failure during authentication, we would not attempt SSL encryption
      in the next try with the same server.  This can lead to unexpected
      connection failure, or silently getting a non-encrypted connection
      where an encrypted one is expected.
      
      Fortunately, we'd only manage to make a GSSAPI-encrypted connection
      if both client and server hold valid tickets in the same Kerberos
      infrastructure, which is a relatively uncommon environment.
      Nonetheless this is a very nasty bug with potential security
      consequences.  To fix, don't reset the flag, instead adding a
      check for conn->gssenc being already true when deciding whether
      to try to initiate SSL.
      
      While here, fix some lesser issues in libpq's GSSAPI code:
      
      * Use the need_new_connection stanza when dropping an attempted
      GSSAPI connection, instead of partially duplicating that code.
      The consequences of this are pretty minor: AFAICS it could only
      lead to auth_req_received or password_needed remaining set when
      they shouldn't, which is not too harmful.
      
      * Fix pg_GSS_error() to not repeat the "mprefix" it's given multiple
      times, and to notice any failure return from gss_display_status().
      
      * Avoid gratuitous dependency on NI_MAXHOST in
      pg_GSS_load_servicename().
      
      Per report from Mikael Gustavsson.  Back-patch to v12 where
      this code was introduced.
      
      Discussion: https://postgr.es/m/e5b0b6ed05764324a2f3fe7acfc766d5@smhi.se
      ff6ce9a3
    • Tom Lane's avatar
      Expose the default for channel_binding in PQconndefaults(). · cf61b073
      Tom Lane authored
      If there's a static default value for a connection option,
      it should be shown in the PQconninfoOptions array.
      
      Daniele Varrazzo
      
      Discussion: https://postgr.es/m/CA+mi_8Zo8Rgn7p+6ZRY7QdDu+23ukT9AvoHNyPbgKACxwgGhZA@mail.gmail.com
      cf61b073
    • Tom Lane's avatar
      Further fix thinko in plpgsql memory leak fix. · 5f2e09bc
      Tom Lane authored
      There's a second call of get_eval_mcontext() that should also be
      get_stmt_mcontext().  This is actually dead code, since no
      interesting allocations happen before switching back to the
      original context, but we should keep it in sync with the other
      call to forestall possible future bugs.
      
      Discussion: https://postgr.es/m/f075f7be-c654-9aa8-3ffc-e9214622f02a@enterprisedb.com
      5f2e09bc
    • Tom Lane's avatar
      Fix thinko in plpgsql memory leak fix. · ea80d8d9
      Tom Lane authored
      Commit a6b1f536 intended to place the transient "target" list of
      a CALL statement in the function's statement-lifespan context,
      but I fat-fingered that and used get_eval_mcontext() instead of
      get_stmt_mcontext().  The eval_mcontext belongs to the "simple
      expression" infrastructure, which is destroyed at transaction end.
      The net effect is that a CALL in a procedure to another procedure
      that has OUT or INOUT parameters would fail if the called procedure
      did a COMMIT.
      
      Per report from Peter Eisentraut.  Back-patch to v11, like the
      prior patch.
      
      Discussion: https://postgr.es/m/f075f7be-c654-9aa8-3ffc-e9214622f02a@enterprisedb.com
      ea80d8d9
    • Michael Paquier's avatar
      Fix inconsistent code with shared invalidations of snapshots · 643428c5
      Michael Paquier authored
      The code in charge of processing a single invalidation message has been
      using since 568d4138 the structure for relation mapping messages.  This
      had fortunately no consequence as both locate the database ID at the
      same location, but it could become a problem in the future if this area
      of the code changes.
      
      Author: Konstantin Knizhnik
      Discussion: https://postgr.es/m/8044c223-4d3a-2cdb-42bf-29940840ce94@postgrespro.ru
      Backpatch-through: 9.5
      643428c5
    • Fujii Masao's avatar
      postgres_fdw: Fix connection leak. · e3ebcca8
      Fujii Masao authored
      In postgres_fdw, the cached connections to foreign servers will not be
      closed until the local session exits if the user mappings or foreign servers
      that those connections depend on are dropped. Those connections can be
      leaked.
      
      To fix that connection leak issue, after a change to a pg_foreign_server
      or pg_user_mapping catalog entry, this commit makes postgres_fdw close
      the connections depending on that entry immediately if current
      transaction has not used those connections yet. Otherwise, mark those
      connections as invalid and then close them at the end of current transaction,
      since they cannot be closed in the midst of the transaction using them.
      Closed connections will be remade at the next opportunity if necessary.
      
      Back-patch to all supported branches.
      
      Author: Bharath Rupireddy
      Reviewed-by: Zhihong Yu, Zhijie Hou, Fujii Masao
      Discussion: https://postgr.es/m/CALj2ACVNcGH_6qLY-4_tXz8JLvA+4yeBThRfxMz7Oxbk1aHcpQ@mail.gmail.com
      e3ebcca8
    • Bruce Momjian's avatar
      Revert "Add key management system" (978f869b) & later commits · 3187ef7c
      Bruce Momjian authored
      The patch needs test cases, reorganization, and cfbot testing.
      Technically reverts commits 5c31afc4..e35b2bad (exclusive/inclusive)
      and 08db7c63..ccbe3413.
      
      Reported-by: Tom Lane, Michael Paquier
      
      Discussion: https://postgr.es/m/E1ktAAG-0002V2-VB@gemulon.postgresql.org
      3187ef7c
  4. 27 Dec, 2020 3 commits
    • Jeff Davis's avatar
      Second attempt to stabilize 05c02589. · facad314
      Jeff Davis authored
      Removing the EXPLAIN test to stabilize the buildfarm. The execution
      test should still be effective to catch the bug even if the plan is
      slightly different on different platforms.
      facad314
    • Jeff Davis's avatar
      Stabilize test introduced in 05c02589, per buildfarm. · fa0fdf05
      Jeff Davis authored
      In passing, make the capitalization match the rest of the file.
      
      Reported-by: Tom Lane
      fa0fdf05
    • Jeff Davis's avatar
      Fix bug #16784 in Disk-based Hash Aggregation. · 05c02589
      Jeff Davis authored
      Before processing tuples, agg_refill_hash_table() was setting all
      pergroup pointers to NULL to signal to advance_aggregates() that it
      should not attempt to advance groups that had spilled.
      
      The problem was that it also set the pergroups for sorted grouping
      sets to NULL, which caused rescanning to fail.
      
      Instead, change agg_refill_hash_table() to only set the pergroups for
      hashed grouping sets to NULL; and when compiling the expression, pass
      doSort=false.
      
      Reported-by: Alexander Lakhin
      Discussion: https://postgr.es/m/16784-7ff169bf2c3d1588%40postgresql.org
      Backpatch-through: 13
      05c02589
  5. 26 Dec, 2020 9 commits
  6. 25 Dec, 2020 8 commits