rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
postgresql/contrib/pg_trgm/pg_trgm--unpackaged--1.0.sql

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

112 lines
4.6 KiB
MySQL
Raw Normal View History

Convert contrib modules to use the extension facility. This isn't fully tested as yet, in particular I'm not sure that the "foo--unpackaged--1.0.sql" scripts are OK. But it's time to get some buildfarm cycles on it. sepgsql is not converted to an extension, mainly because it seems to require a very nonstandard installation process. Dimitri Fontaine and Tom Lane
2011-02-14 02:06:41 +01:00
/* contrib/pg_trgm/pg_trgm--unpackaged--1.0.sql */
Throw a useful error message if an extension script file is fed to psql. We have seen one too many reports of people trying to use 9.1 extension files in the old-fashioned way of sourcing them in psql. Not only does that usually not work (due to failure to substitute for MODULE_PATHNAME and/or @extschema@), but if it did work they'd get a collection of loose objects not an extension. To prevent this, insert an \echo ... \quit line that prints a suitable error message into each extension script file, and teach commands/extension.c to ignore lines starting with \echo. That should not only prevent any adverse consequences of loading a script file the wrong way, but make it crystal clear to users that they need to do it differently now. Tom Lane, following an idea of Andrew Dunstan's. Back-patch into 9.1 ... there is not going to be much value in this if we wait till 9.2.
2011-10-12 21:45:03 +02:00
-- complain if script is sourced in psql, rather than via CREATE EXTENSION
Fix typos in some error messages thrown by extension scripts when fed to psql. Some of the many error messages introduced in 458857cc missed 'FROM unpackaged'. Also e016b724 and 45ffeb7e forgot to quote extension version numbers. Backpatch to 9.1, just like 458857cc which introduced the messages. Do so because the error messages thrown when the wrong command is copy & pasted aren't easy to understand.
2014-08-25 18:30:37 +02:00
\echo Use "CREATE EXTENSION pg_trgm FROM unpackaged" to load this file. \quit
Throw a useful error message if an extension script file is fed to psql. We have seen one too many reports of people trying to use 9.1 extension files in the old-fashioned way of sourcing them in psql. Not only does that usually not work (due to failure to substitute for MODULE_PATHNAME and/or @extschema@), but if it did work they'd get a collection of loose objects not an extension. To prevent this, insert an \echo ... \quit line that prints a suitable error message into each extension script file, and teach commands/extension.c to ignore lines starting with \echo. That should not only prevent any adverse consequences of loading a script file the wrong way, but make it crystal clear to users that they need to do it differently now. Tom Lane, following an idea of Andrew Dunstan's. Back-patch into 9.1 ... there is not going to be much value in this if we wait till 9.2.
2011-10-12 21:45:03 +02:00
Convert contrib modules to use the extension facility. This isn't fully tested as yet, in particular I'm not sure that the "foo--unpackaged--1.0.sql" scripts are OK. But it's time to get some buildfarm cycles on it. sepgsql is not converted to an extension, mainly because it seems to require a very nonstandard installation process. Dimitri Fontaine and Tom Lane
2011-02-14 02:06:41 +01:00
ALTER EXTENSION pg_trgm ADD function set_limit(real);
ALTER EXTENSION pg_trgm ADD function show_limit();
ALTER EXTENSION pg_trgm ADD function show_trgm(text);
ALTER EXTENSION pg_trgm ADD function similarity(text,text);
ALTER EXTENSION pg_trgm ADD function similarity_op(text,text);
ALTER EXTENSION pg_trgm ADD operator %(text,text);
ALTER EXTENSION pg_trgm ADD type gtrgm;
ALTER EXTENSION pg_trgm ADD function gtrgm_in(cstring);
ALTER EXTENSION pg_trgm ADD function gtrgm_out(gtrgm);
ALTER EXTENSION pg_trgm ADD function gtrgm_consistent(internal,text,integer,oid,internal);
ALTER EXTENSION pg_trgm ADD function gtrgm_compress(internal);
ALTER EXTENSION pg_trgm ADD function gtrgm_decompress(internal);
ALTER EXTENSION pg_trgm ADD function gtrgm_penalty(internal,internal,internal);
ALTER EXTENSION pg_trgm ADD function gtrgm_picksplit(internal,internal);
ALTER EXTENSION pg_trgm ADD function gtrgm_union(bytea,internal);
ALTER EXTENSION pg_trgm ADD function gtrgm_same(gtrgm,gtrgm,internal);
ALTER EXTENSION pg_trgm ADD operator family gist_trgm_ops using gist;
ALTER EXTENSION pg_trgm ADD operator class gist_trgm_ops using gist;
ALTER EXTENSION pg_trgm ADD operator family gin_trgm_ops using gin;
ALTER EXTENSION pg_trgm ADD operator class gin_trgm_ops using gin;
Assorted fixups for "unpackaged" conversion scripts. From first pass of testing. Notably, there seems to be no need for adminpack--unpackaged--1.0.sql because none of the objects that the old module creates would ever be dumped by pg_dump anyway (they are all in pg_catalog).
2011-02-14 04:53:00 +01:00
Fix contrib/pg_trgm to have smoother updates from 9.0. Take care of some loose ends in the update-from-unpackaged script, and apply some ugly hacks to ensure that it produces the same catalog state as the fresh-install script. Per discussion, this seems like a safer plan than having two different catalog states that both call themselves "pg_trgm 1.0", even if it's not immediately clear that the subtle differences would ever matter. Also, fix the stub function gin_extract_trgm() so that it works instead of just bleating. Needed because this function will get called during a regular dump and reload, if there are any indexes using its opclass. The user won't have an opportunity to update the extension till later, so telling him to do so is unhelpful.
2011-02-17 21:03:30 +01:00
-- These functions had different names/signatures in 9.0. We can't just
-- drop and recreate them because they are linked into the GIN opclass,
-- so we need some ugly hacks.
-- First, absorb them into the extension under their old names.
ALTER EXTENSION pg_trgm ADD function gin_extract_trgm(text, internal);
ALTER EXTENSION pg_trgm ADD function gin_extract_trgm(text, internal, int2, internal, internal);
ALTER EXTENSION pg_trgm ADD function gin_trgm_consistent(internal,smallint,text,integer,internal,internal);
-- Fix the names, and then do CREATE OR REPLACE to adjust the function
-- bodies to be correct (ie, reference the correct C symbol).
ALTER FUNCTION gin_extract_trgm(text, internal)
RENAME TO gin_extract_value_trgm;
CREATE OR REPLACE FUNCTION gin_extract_value_trgm(text, internal)
RETURNS internal
AS 'MODULE_PATHNAME'
LANGUAGE C IMMUTABLE STRICT;
ALTER FUNCTION gin_extract_trgm(text, internal, int2, internal, internal)
RENAME TO gin_extract_query_trgm;
CREATE OR REPLACE FUNCTION gin_extract_query_trgm(text, internal, int2, internal, internal)
RETURNS internal
AS 'MODULE_PATHNAME'
LANGUAGE C IMMUTABLE STRICT;
-- gin_trgm_consistent didn't change name.
-- Last, fix the parameter lists by means of direct UPDATE on the pg_proc
-- entries. This is ugly as can be, but there's no other way to do it
-- while preserving the identities (OIDs) of the functions.
Make contrib modules' installation scripts more secure. Hostile objects located within the installation-time search_path could capture references in an extension's installation or upgrade script. If the extension is being installed with superuser privileges, this opens the door to privilege escalation. While such hazards have existed all along, their urgency increases with the v13 "trusted extensions" feature, because that lets a non-superuser control the installation path for a superuser-privileged script. Therefore, make a number of changes to make such situations more secure: * Tweak the construction of the installation-time search_path to ensure that references to objects in pg_catalog can't be subverted; and explicitly add pg_temp to the end of the path to prevent attacks using temporary objects. * Disable check_function_bodies within installation/upgrade scripts, so that any security gaps in SQL-language or PL-language function bodies cannot create a risk of unwanted installation-time code execution. * Adjust lookup of type input/receive functions and join estimator functions to complain if there are multiple candidate functions. This prevents capture of references to functions whose signature is not the first one checked; and it's arguably more user-friendly anyway. * Modify various contrib upgrade scripts to ensure that catalog modification queries are executed with secure search paths. (These are in-place modifications with no extension version changes, since it is the update process itself that is at issue, not the end result.) Extensions that depend on other extensions cannot be made fully secure by these methods alone; therefore, revert the "trusted" marking that commit eb67623c9 applied to earthdistance and hstore_plperl, pending some better solution to that set of issues. Also add documentation around these issues, to help extension authors write secure installation scripts. Patch by me, following an observation by Andres Freund; thanks to Noah Misch for review. Security: CVE-2020-14350
2020-08-10 16:44:42 +02:00
DO LANGUAGE plpgsql
$$
DECLARE
my_schema pg_catalog.text := pg_catalog.quote_ident(pg_catalog.current_schema());
old_path pg_catalog.text := pg_catalog.current_setting('search_path');
BEGIN
-- for safety, transiently set search_path to just pg_catalog+pg_temp
PERFORM pg_catalog.set_config('search_path', 'pg_catalog, pg_temp', true);
Fix contrib/pg_trgm to have smoother updates from 9.0. Take care of some loose ends in the update-from-unpackaged script, and apply some ugly hacks to ensure that it produces the same catalog state as the fresh-install script. Per discussion, this seems like a safer plan than having two different catalog states that both call themselves "pg_trgm 1.0", even if it's not immediately clear that the subtle differences would ever matter. Also, fix the stub function gin_extract_trgm() so that it works instead of just bleating. Needed because this function will get called during a regular dump and reload, if there are any indexes using its opclass. The user won't have an opportunity to update the extension till later, so telling him to do so is unhelpful.
2011-02-17 21:03:30 +01:00
UPDATE pg_catalog.pg_proc
SET pronargs = 7, proargtypes = '25 2281 21 2281 2281 2281 2281'
Make contrib modules' installation scripts more secure. Hostile objects located within the installation-time search_path could capture references in an extension's installation or upgrade script. If the extension is being installed with superuser privileges, this opens the door to privilege escalation. While such hazards have existed all along, their urgency increases with the v13 "trusted extensions" feature, because that lets a non-superuser control the installation path for a superuser-privileged script. Therefore, make a number of changes to make such situations more secure: * Tweak the construction of the installation-time search_path to ensure that references to objects in pg_catalog can't be subverted; and explicitly add pg_temp to the end of the path to prevent attacks using temporary objects. * Disable check_function_bodies within installation/upgrade scripts, so that any security gaps in SQL-language or PL-language function bodies cannot create a risk of unwanted installation-time code execution. * Adjust lookup of type input/receive functions and join estimator functions to complain if there are multiple candidate functions. This prevents capture of references to functions whose signature is not the first one checked; and it's arguably more user-friendly anyway. * Modify various contrib upgrade scripts to ensure that catalog modification queries are executed with secure search paths. (These are in-place modifications with no extension version changes, since it is the update process itself that is at issue, not the end result.) Extensions that depend on other extensions cannot be made fully secure by these methods alone; therefore, revert the "trusted" marking that commit eb67623c9 applied to earthdistance and hstore_plperl, pending some better solution to that set of issues. Also add documentation around these issues, to help extension authors write secure installation scripts. Patch by me, following an observation by Andres Freund; thanks to Noah Misch for review. Security: CVE-2020-14350
2020-08-10 16:44:42 +02:00
WHERE oid = (my_schema || '.gin_extract_query_trgm(text,internal,int2,internal,internal)')::pg_catalog.regprocedure;
Fix contrib/pg_trgm to have smoother updates from 9.0. Take care of some loose ends in the update-from-unpackaged script, and apply some ugly hacks to ensure that it produces the same catalog state as the fresh-install script. Per discussion, this seems like a safer plan than having two different catalog states that both call themselves "pg_trgm 1.0", even if it's not immediately clear that the subtle differences would ever matter. Also, fix the stub function gin_extract_trgm() so that it works instead of just bleating. Needed because this function will get called during a regular dump and reload, if there are any indexes using its opclass. The user won't have an opportunity to update the extension till later, so telling him to do so is unhelpful.
2011-02-17 21:03:30 +01:00
UPDATE pg_catalog.pg_proc
SET pronargs = 8, proargtypes = '2281 21 25 23 2281 2281 2281 2281'
Make contrib modules' installation scripts more secure. Hostile objects located within the installation-time search_path could capture references in an extension's installation or upgrade script. If the extension is being installed with superuser privileges, this opens the door to privilege escalation. While such hazards have existed all along, their urgency increases with the v13 "trusted extensions" feature, because that lets a non-superuser control the installation path for a superuser-privileged script. Therefore, make a number of changes to make such situations more secure: * Tweak the construction of the installation-time search_path to ensure that references to objects in pg_catalog can't be subverted; and explicitly add pg_temp to the end of the path to prevent attacks using temporary objects. * Disable check_function_bodies within installation/upgrade scripts, so that any security gaps in SQL-language or PL-language function bodies cannot create a risk of unwanted installation-time code execution. * Adjust lookup of type input/receive functions and join estimator functions to complain if there are multiple candidate functions. This prevents capture of references to functions whose signature is not the first one checked; and it's arguably more user-friendly anyway. * Modify various contrib upgrade scripts to ensure that catalog modification queries are executed with secure search paths. (These are in-place modifications with no extension version changes, since it is the update process itself that is at issue, not the end result.) Extensions that depend on other extensions cannot be made fully secure by these methods alone; therefore, revert the "trusted" marking that commit eb67623c9 applied to earthdistance and hstore_plperl, pending some better solution to that set of issues. Also add documentation around these issues, to help extension authors write secure installation scripts. Patch by me, following an observation by Andres Freund; thanks to Noah Misch for review. Security: CVE-2020-14350
2020-08-10 16:44:42 +02:00
WHERE oid = (my_schema || '.gin_trgm_consistent(internal,smallint,text,integer,internal,internal)')::pg_catalog.regprocedure;
PERFORM pg_catalog.set_config('search_path', old_path, true);
END
$$;
Fix contrib/pg_trgm to have smoother updates from 9.0. Take care of some loose ends in the update-from-unpackaged script, and apply some ugly hacks to ensure that it produces the same catalog state as the fresh-install script. Per discussion, this seems like a safer plan than having two different catalog states that both call themselves "pg_trgm 1.0", even if it's not immediately clear that the subtle differences would ever matter. Also, fix the stub function gin_extract_trgm() so that it works instead of just bleating. Needed because this function will get called during a regular dump and reload, if there are any indexes using its opclass. The user won't have an opportunity to update the extension till later, so telling him to do so is unhelpful.
2011-02-17 21:03:30 +01:00
-- These were not in 9.0:
Assorted fixups for "unpackaged" conversion scripts. From first pass of testing. Notably, there seems to be no need for adminpack--unpackaged--1.0.sql because none of the objects that the old module creates would ever be dumped by pg_dump anyway (they are all in pg_catalog).
2011-02-14 04:53:00 +01:00
CREATE FUNCTION similarity_dist(text,text)
RETURNS float4
AS 'MODULE_PATHNAME'
LANGUAGE C STRICT IMMUTABLE;
CREATE OPERATOR <-> (
LEFTARG = text,
RIGHTARG = text,
PROCEDURE = similarity_dist,
COMMUTATOR = '<->'
);
Fix contrib/pg_trgm to have smoother updates from 9.0. Take care of some loose ends in the update-from-unpackaged script, and apply some ugly hacks to ensure that it produces the same catalog state as the fresh-install script. Per discussion, this seems like a safer plan than having two different catalog states that both call themselves "pg_trgm 1.0", even if it's not immediately clear that the subtle differences would ever matter. Also, fix the stub function gin_extract_trgm() so that it works instead of just bleating. Needed because this function will get called during a regular dump and reload, if there are any indexes using its opclass. The user won't have an opportunity to update the extension till later, so telling him to do so is unhelpful.
2011-02-17 21:03:30 +01:00
CREATE FUNCTION gtrgm_distance(internal,text,int,oid)
RETURNS float8
AS 'MODULE_PATHNAME'
LANGUAGE C IMMUTABLE STRICT;
-- Add new stuff to the operator classes. See comment in pg_trgm--1.0.sql.
ALTER OPERATOR FAMILY gist_trgm_ops USING gist ADD
OPERATOR 2 <-> (text, text) FOR ORDER BY pg_catalog.float_ops,
OPERATOR 3 pg_catalog.~~ (text, text),
OPERATOR 4 pg_catalog.~~* (text, text),
FUNCTION 8 (text, text) gtrgm_distance (internal, text, int, oid);
ALTER OPERATOR FAMILY gin_trgm_ops USING gin ADD
OPERATOR 3 pg_catalog.~~ (text, text),
OPERATOR 4 pg_catalog.~~* (text, text);