seems we have a choice between annoying messages and leaking memory
(or dumping core, but that's right out). Patch also fixes several
other problems in pg_disconnect, such as being willing to close a
channel that isn't a PG channel.
Gerhard Hintermayer, revised and documented by Tom Lane.
This patch also fixes a 'must fix' bug: libpgtcl's LISTEN/NOTIFY
support was broken by the recent changes to the PGnotify structure.
Guess that change wasn't quite so safe as we thought.
already fixed by You. However there were a few left and attached patch
should fix the rest of them.
I used StringInfo only in 2 places and both of them are inside debug
ifdefs. Only performance penalty will come from using strlen() like all
the other code does.
I also modified some of the already patched parts by changing
snprintf(buf, 2 * BUFSIZE, ... style lines to
snprintf(buf, sizeof(buf), ... where buf is an array.
Jukka Holappa
Fixed support in the driver for notifications (added PGConnection.getNotifications()) - problem reported by Benjamin.Feinstein@guardent.com
Worked around server problems with int8/int2 and constants; quote values when they are intended to bind to an int8/int2 column - reported by many
Fixed bug in the Array interface with string parsing not handling escaped characters correctly - reported by devajx@yahoo.com
Added workaround to support 'infinity' and '-infinity' for dates - reported bydmitry@openratings.com
Fixed some performance issues with setBlob - reported by d.wall@computer.org
Added support for using new prepared statements functionality in 7.3 (added PGStatement.setUseServerPrepare() and isUseServerPrepare() methods)
Modified Files:
jdbc/org/postgresql/PGConnection.java
jdbc/org/postgresql/PGStatement.java
jdbc/org/postgresql/core/QueryExecutor.java
jdbc/org/postgresql/jdbc1/AbstractJdbc1Connection.java
jdbc/org/postgresql/jdbc1/AbstractJdbc1ResultSet.java
jdbc/org/postgresql/jdbc1/AbstractJdbc1Statement.java
jdbc/org/postgresql/jdbc2/AbstractJdbc2Statement.java
jdbc/org/postgresql/jdbc2/Array.java
Added Files:
jdbc/org/postgresql/PGNotification.java
jdbc/org/postgresql/core/Notification.java
> > > > where is the code to verify that PGPASSWORDFILE points at a
> > > > non-world-readable file? That needs to be there now, not later, or
> > > > we'll have people moaning about backward compatibility when we finally
> > > > do plug that hole.
Alvaro Herrera
should be pretty safe in practice, but it's probably better to be safe
than sorry.
I was actually looking for cases where NAMEDATALEN is assumed to be
32, but only found one. That's fixed too, as well as a few bits of
code cleanup.
Neil Conway
recently. I just ran into it while running a set of python test scripts,
and I'm not sure who the normal maintainer is for interfaces/python.
John Nield
the 'override CPPFLAGS' to include the source directory during compile,
and makes the install target look in the proper place for the man page.
Changes are only required when building outside the source directory.
J. R. Nield
value '-2' is used to indicate a variable-width type whose width is
computed as strlen(datum)+1. Everything that looks at typlen is updated
except for array support, which Joe Conway is working on; at the moment
it wouldn't work to try to create an array of cstring.
the server. Previously we allocated a new String object for the entire final
query we were sending to the database. If you had a big query, or especially
if you had large bind values you ended up with essentially two copies in memory.
This change will reuse the existing objects and therefore should take 1/2 the
memory it does today for a given query. This restructuring will also allow
in the future the ability to stream bytea data to the server instead of the current approach of pulling it all into memory.
I also fixed a test that was failing on a 7.2 database.
Also renamed some internal variables and some minor cleanup.
Modified Files:
jdbc/org/postgresql/core/QueryExecutor.java
jdbc/org/postgresql/jdbc1/AbstractJdbc1Connection.java
jdbc/org/postgresql/jdbc1/AbstractJdbc1Statement.java
jdbc/org/postgresql/jdbc2/AbstractJdbc2ResultSet.java
jdbc/org/postgresql/jdbc2/AbstractJdbc2Statement.java
jdbc/org/postgresql/test/jdbc2/DatabaseMetaDataTest.java
from the core repository ... I haven't *moved* the libpq++ files out of the
tree, mainly as we want to keep them in place for past branches ...
Peter, I think I've covered all the files I need, and re-ran autoconf to make
sure the configure file is in place properly ...
for the last two releases.
Modified Files:
jdbc/org/postgresql/Driver.java.in
jdbc/org/postgresql/PG_Stream.java
Removed Files:
jdbc/org/postgresql/core/BytePoolDim1.java
jdbc/org/postgresql/core/BytePoolDim2.java
jdbc/org/postgresql/core/MemoryPool.java
jdbc/org/postgresql/core/ObjectPool.java
jdbc/org/postgresql/core/SimpleObjectPool.java
Everytime if I do PQconsumeInput (when the backend channel gets
readable) I check for the return value. (0 == error) and generate a
notification manually, e.g. fixed string connection_closed) and pass it to the
Everytime if I do PQconsumeInput (when the backend channel gets
readable) I check for the return value. (0 == error) and generate a
notification manually, e.g. fixed string connection_closed) and pass it to the
TCL event queue. The only other thing I had to do is to comment out removing
all pending events in PgStopNotifyEventSource whenever the connection was
unexpectedly closed (so the manually generated event will not be deleted).
A broken backend connection triggers a notify event to the client (fixed
notification string "connection_closed") so proper action can be taken to switch
to another database server etc. Remember that this is event driven. If you have
applications, that have idle database connections most of the time, you'll get
immediate feedback of a dying server. Upon connection to the server issue a
pg_notify for notify event "connection_closed" and whenever the backend crashes
(which it does do in very very rare cases) you get an event driven recovery. (of
course the Tcl-Event loop has to be processed). Issuing a notification
"connection_closed" on a still working database could be used for switching to
another db-server (which I've actually impelemented right now).
Gerhard Hintermayer
syscat.py scripts were both modified. pg.py uses it to cache a list of
pks (which is seemingly does for every db connection) and various
attributes. syscat uses it to walk the list of system tables and
queries the various attributes from these tables.
In both cases, it seemingly makes sense to apply what you've requested.
Greg Copeland
saw a fix offered up. Since I'm gearing up to use Postgres and Python
soon, I figured I'd have a hand at trying to get this sucker addressed.
Apologies if this has already been plugged. I looked in the archives
and never saw a response.
At any rate, I must admit I don't think I fully understand the
implications of some of the changes I made even though they appear to be
straight forward. We all know the devil is in the details. Anyone more
knowledgeable is requested to review my changes. :(
I also updated the advanced.py script in a somewhat nonsensical fashion
to make use of an int8 field in an effort to test this change. It seems
to run okay, however, this is by no means an all exhaustive test. So,
it's possible that a bumpy road may lay ahead for some. On the other
hand...overflows (hopefully) previously lurked (long -> int conversion).
Greg Copeland
PGPASSWORDFILE environment variable. I have modified libpq to make use
of this variable. I present the first cut here.
Currently the format for the file should be
host:port:database:user:password
Alvaro Herrera
This concludes my changes that restructured the code to support JDBC3.
The jdbc unit tests were also resturctured to allow different tests between
jdbc2 and jdbc3, although currently make check (aka ant test) for JDBC3 just
runs the JDBC2 tests. Of special note the largeobject/PGblob and PGclob
classes have been moved under the jdbc2/jdbc3 specific directories as they
now differ by jdbc version. Also note that this checkin removes the
PostgresqlDataSource and files in the xa directory. A recent checkin has
added new datasource support that replaces the functionality provided by these
classes.
Modified Files:
jdbc/build.xml
jdbc/org/postgresql/jdbc1/AbstractJdbc1DatabaseMetaData.java
jdbc/org/postgresql/jdbc1/AbstractJdbc1ResultSet.java
jdbc/org/postgresql/jdbc1/AbstractJdbc1ResultSetMetaData.java
jdbc/org/postgresql/jdbc1/AbstractJdbc1Statement.java
jdbc/org/postgresql/jdbc2/AbstractJdbc2Connection.java
jdbc/org/postgresql/jdbc2/AbstractJdbc2DatabaseMetaData.java
jdbc/org/postgresql/jdbc2/AbstractJdbc2ResultSet.java
jdbc/org/postgresql/jdbc2/AbstractJdbc2ResultSetMetaData.java
jdbc/org/postgresql/jdbc2/AbstractJdbc2Statement.java
jdbc/org/postgresql/jdbc2/Array.java
jdbc/org/postgresql/jdbc2/Jdbc2CallableStatement.java
jdbc/org/postgresql/jdbc2/Jdbc2Connection.java
jdbc/org/postgresql/jdbc2/Jdbc2DatabaseMetaData.java
jdbc/org/postgresql/jdbc2/Jdbc2PreparedStatement.java
jdbc/org/postgresql/jdbc2/Jdbc2ResultSet.java
jdbc/org/postgresql/jdbc2/Jdbc2ResultSetMetaData.java
jdbc/org/postgresql/jdbc2/Jdbc2Statement.java
jdbc/org/postgresql/test/jdbc2/BatchExecuteTest.java
jdbc/org/postgresql/test/jdbc2/BlobTest.java
jdbc/org/postgresql/test/jdbc2/CallableStmtTest.java
jdbc/org/postgresql/test/jdbc2/ConnectionTest.java
jdbc/org/postgresql/test/jdbc2/DatabaseMetaDataTest.java
jdbc/org/postgresql/test/jdbc2/DateTest.java
jdbc/org/postgresql/test/jdbc2/DriverTest.java
jdbc/org/postgresql/test/jdbc2/JBuilderTest.java
jdbc/org/postgresql/test/jdbc2/MiscTest.java
jdbc/org/postgresql/test/jdbc2/ResultSetTest.java
jdbc/org/postgresql/test/jdbc2/TimeTest.java
jdbc/org/postgresql/test/jdbc2/TimestampTest.java
jdbc/org/postgresql/test/jdbc2/UpdateableResultTest.java
Added Files:
jdbc/org/postgresql/jdbc2/AbstractJdbc2Blob.java
jdbc/org/postgresql/jdbc2/AbstractJdbc2Clob.java
jdbc/org/postgresql/jdbc2/Jdbc2Blob.java
jdbc/org/postgresql/jdbc2/Jdbc2Clob.java
jdbc/org/postgresql/jdbc3/AbstractJdbc3Blob.java
jdbc/org/postgresql/jdbc3/AbstractJdbc3Clob.java
jdbc/org/postgresql/jdbc3/AbstractJdbc3Connection.java
jdbc/org/postgresql/jdbc3/AbstractJdbc3DatabaseMetaData.java
jdbc/org/postgresql/jdbc3/AbstractJdbc3ResultSet.java
jdbc/org/postgresql/jdbc3/AbstractJdbc3Statement.java
jdbc/org/postgresql/jdbc3/Jdbc3Blob.java
jdbc/org/postgresql/jdbc3/Jdbc3CallableStatement.java
jdbc/org/postgresql/jdbc3/Jdbc3Clob.java
jdbc/org/postgresql/jdbc3/Jdbc3Connection.java
jdbc/org/postgresql/jdbc3/Jdbc3DatabaseMetaData.java
jdbc/org/postgresql/jdbc3/Jdbc3PreparedStatement.java
jdbc/org/postgresql/jdbc3/Jdbc3ResultSet.java
jdbc/org/postgresql/jdbc3/Jdbc3ResultSetMetaData.java
jdbc/org/postgresql/jdbc3/Jdbc3Statement.java
jdbc/org/postgresql/test/TestUtil.java
jdbc/org/postgresql/test/jdbc2/Jdbc2TestSuite.java
jdbc/org/postgresql/test/jdbc3/Jdbc3TestSuite.java
Removed Files:
jdbc/org/postgresql/PostgresqlDataSource.java
jdbc/org/postgresql/largeobject/PGblob.java
jdbc/org/postgresql/largeobject/PGclob.java
jdbc/org/postgresql/test/JDBC2Tests.java
jdbc/org/postgresql/xa/ClientConnection.java
jdbc/org/postgresql/xa/TwoPhaseConnection.java
jdbc/org/postgresql/xa/TxConnection.java
jdbc/org/postgresql/xa/XAConnectionImpl.java
jdbc/org/postgresql/xa/XADataSourceImpl.java
of duplicated code between the jdbc1 and jdbc2. This checkin restructures
the code so that the duplication is removed so that the jdbc3 support
can be added without adding yet another copy of everything. Also many
classes were renamed to avoid confusion with multiple different objects
having the same name. The timestamp tests were also updated to add support
for testing timestamp without time zone in addition to timestamp with time zone
Modified Files:
jdbc/Makefile jdbc/build.xml jdbc/example/ImageViewer.java
jdbc/example/basic.java jdbc/example/blobtest.java
jdbc/example/threadsafe.java
jdbc/org/postgresql/Driver.java.in
jdbc/org/postgresql/Field.java
jdbc/org/postgresql/core/QueryExecutor.java
jdbc/org/postgresql/fastpath/Fastpath.java
jdbc/org/postgresql/jdbc1/CallableStatement.java
jdbc/org/postgresql/jdbc1/DatabaseMetaData.java
jdbc/org/postgresql/jdbc1/PreparedStatement.java
jdbc/org/postgresql/jdbc2/Array.java
jdbc/org/postgresql/jdbc2/CallableStatement.java
jdbc/org/postgresql/jdbc2/DatabaseMetaData.java
jdbc/org/postgresql/jdbc2/PreparedStatement.java
jdbc/org/postgresql/jdbc2/UpdateableResultSet.java
jdbc/org/postgresql/largeobject/LargeObjectManager.java
jdbc/org/postgresql/largeobject/PGblob.java
jdbc/org/postgresql/largeobject/PGclob.java
jdbc/org/postgresql/test/jdbc2/BlobTest.java
jdbc/org/postgresql/test/jdbc2/ConnectionTest.java
jdbc/org/postgresql/test/jdbc2/DatabaseMetaDataTest.java
jdbc/org/postgresql/test/jdbc2/TimestampTest.java
jdbc/org/postgresql/test/jdbc2/UpdateableResultTest.java
jdbc/org/postgresql/util/Serialize.java
Added Files:
jdbc/org/postgresql/PGConnection.java
jdbc/org/postgresql/PGStatement.java
jdbc/org/postgresql/jdbc1/AbstractJdbc1Connection.java
jdbc/org/postgresql/jdbc1/AbstractJdbc1ResultSet.java
jdbc/org/postgresql/jdbc1/AbstractJdbc1Statement.java
jdbc/org/postgresql/jdbc1/Jdbc1Connection.java
jdbc/org/postgresql/jdbc1/Jdbc1ResultSet.java
jdbc/org/postgresql/jdbc1/Jdbc1Statement.java
jdbc/org/postgresql/jdbc2/AbstractJdbc2Connection.java
jdbc/org/postgresql/jdbc2/AbstractJdbc2ResultSet.java
jdbc/org/postgresql/jdbc2/AbstractJdbc2Statement.java
jdbc/org/postgresql/jdbc2/Jdbc2Connection.java
jdbc/org/postgresql/jdbc2/Jdbc2ResultSet.java
jdbc/org/postgresql/jdbc2/Jdbc2Statement.java
Removed Files:
jdbc/org/postgresql/Connection.java
jdbc/org/postgresql/ResultSet.java
jdbc/org/postgresql/Statement.java
jdbc/org/postgresql/jdbc1/Connection.java
jdbc/org/postgresql/jdbc1/ResultSet.java
jdbc/org/postgresql/jdbc1/Statement.java
jdbc/org/postgresql/jdbc2/Connection.java
jdbc/org/postgresql/jdbc2/ResultSet.java
jdbc/org/postgresql/jdbc2/Statement.java
.
So i took the opportunity to fix some stuff:
1. Made the thing compile (typos & needed definitions) with the new pqsecure_* s
tuff, and added fe-secure.c to the win32.mak makefile.
2. Fixed some MULTIBYTE compile errors (when building without MB support).
3. Made it do that you can build with debug info: "nmake -f win32.mak DEBUG=1".
4. Misc small compiler speedup changes.
The resulting .dll has been tested in production, and everything seems ok.
I CC:ed -hackers because i'm not sure about two things:
1. In libpq-int.h I typedef ssize_t as an int because Visual C (v6.0)
doesn't de fine ssize_t. Is that ok, or is there any standard about what
type should be use d for ssize_t?
2. To keep the .dll api consistent regarding MULTIBYTE I just return -1
in fe-connect.c:PQsetClientEncoding() instead of taking away the whole
function. I wonder if i should do any compares with the
conn->client_encoding and return 0 if not hing would have changed (if so
how do i check that?).
Regards
Magnus Naeslund
conversion procs and conversions are added in initdb. Currently
supported conversions are:
UTF-8(UNICODE) <--> SQL_ASCII, ISO-8859-1 to 16, EUC_JP, EUC_KR,
EUC_CN, EUC_TW, SJIS, BIG5, GBK, GB18030, UHC,
JOHAB, TCVN
EUC_JP <--> SJIS
EUC_TW <--> BIG5
MULE_INTERNAL <--> EUC_JP, SJIS, EUC_TW, BIG5
Note that initial contents of pg_conversion system catalog are created
in the initdb process. So doing initdb required is ideal, it's
possible to add them to your databases by hand, however. To accomplish
this:
psql -f your_postgresql_install_path/share/conversion_create.sql your_database
So I did not bump up the version in cataversion.h.
TODO:
Add more conversion procs
Add [CASCADE|RESTRICT] to DROP CONVERSION
Add tuples to pg_depend
Add regression tests
Write docs
Add SQL99 CONVERT command?
--
Tatsuo Ishii
files rather than a header file where they belong. Pay some modicum
of attention to picking global routine names that aren't likely to
conflict with surrounding applications.
I am no longer pursuing a total non-blocking implementation. I haven't
found a good way to test it with the type of work that I do with
PostgreSQL. I do use blocking SSL sockets with this mod and have had no
problem whatsoever. The bug that I fixed in this patch is exceptionally
hard to reproduce reliably.
Jack Bates
file.
The program seems to compile ok, but when linking a program that uses
the call,
g++ chokes with an undefined reference error.
If you know how this problem might be fixed, list the solution below:
---------------------------------------------------------------------
I include the code:
Oid PgLargeObject::LOid(){
return pgObject;
}
in the .cc file.
Chris Traylor
PQExec(" ") in the wrapper around PQnotifies(), fix the Makefile for
the examples so that they will actually compile properly (with the
exception of #5, which depends on internal headers), make a minor change
to libpq++.h so that "make examples" now works on my machine, update
some documentation, fix some grammatical problems, and remove some of
the more hideous comments.
Neil Conway
Remove ODBC-compatible empty parentheses from calls to SQL99 functions
for which these parentheses do not match the standard.
Update the ODBC driver to ensure compatibility with the ODBC standard
for these functions (e.g. CURRENT_TIMESTAMP, CURRENT_USER, etc).
Include a new appendix in the User's Guide which lists the labeled features
for SQL99 (the labeled features replaced the "basic", "intermediate",
and "advanced" categories from SQL92). features.sgml does not yet split
this list into "supported" and "unsupported" lists.
on the server, if DebugLvl >= 2.
The patch also includes a late addition to the last patch
(X509_check_private_key()). I'm not sure why it the currect
revision wasn't tagged.
Bear Giles
If the user has certificates in $HOME/.postgresql/postgresql.crt
and $HOME/.postgresql/postgresql.key exist, they are provided
to the server. The certificate used to sign this cert must be
known to the server, in $DataDir/root.crt. If successful, the
cert's "common name" is logged.
Client certs are not used for authentication, but they could be
via the port->peer (X509 *), port->peer_dn (char *) or
port->peer_cn (char *) fields. Or any other function could be
used, e.g., many sites like the issuer + serial number hash.
Bear Giles
As the comment headers in be-secure.c discusses, EPH preserves
confidentiality even if the static private key (which is usually
kept unencrypted) is compromised.
Because of the value of this, common default values are hard-coded
to protect the confidentiality of the data even if an attacker
successfully deletes or modifies the external file.
Bear Giles
Attached are a revised set of SSL patches. Many of these patches
are motivated by security concerns, it's not just bug fixes. The key
differences (from stock 7.2.1) are:
*) almost all code that directly uses the OpenSSL library is in two
new files,
src/interfaces/libpq/fe-ssl.c
src/backend/postmaster/be-ssl.c
in the long run, it would be nice to merge these two files.
*) the legacy code to read and write network data have been
encapsulated into read_SSL() and write_SSL(). These functions
should probably be renamed - they handle both SSL and non-SSL
cases.
the remaining code should eliminate the problems identified
earlier, albeit not very cleanly.
*) both front- and back-ends will send a SSL shutdown via the
new close_SSL() function. This is necessary for sessions to
work properly.
(Sessions are not yet fully supported, but by cleanly closing
the SSL connection instead of just sending a TCP FIN packet
other SSL tools will be much happier.)
*) The client certificate and key are now expected in a subdirectory
of the user's home directory. Specifically,
- the directory .postgresql must be owned by the user, and
allow no access by 'group' or 'other.'
- the file .postgresql/postgresql.crt must be a regular file
owned by the user.
- the file .postgresql/postgresql.key must be a regular file
owned by the user, and allow no access by 'group' or 'other'.
At the current time encrypted private keys are not supported.
There should also be a way to support multiple client certs/keys.
*) the front-end performs minimal validation of the back-end cert.
Self-signed certs are permitted, but the common name *must*
match the hostname used by the front-end. (The cert itself
should always use a fully qualified domain name (FDQN) in its
common name field.)
This means that
psql -h eris db
will fail, but
psql -h eris.example.com db
will succeed. At the current time this must be an exact match;
future patches may support any FQDN that resolves to the address
returned by getpeername(2).
Another common "problem" is expiring certs. For now, it may be
a good idea to use a very-long-lived self-signed cert.
As a compile-time option, the front-end can specify a file
containing valid root certificates, but it is not yet required.
*) the back-end performs minimal validation of the client cert.
It allows self-signed certs. It checks for expiration. It
supports a compile-time option specifying a file containing
valid root certificates.
*) both front- and back-ends default to TLSv1, not SSLv3/SSLv2.
*) both front- and back-ends support DSA keys. DSA keys are
moderately more expensive on startup, but many people consider
them preferable than RSA keys. (E.g., SSH2 prefers DSA keys.)
*) if /dev/urandom exists, both client and server will read 16k
of randomization data from it.
*) the server can read empheral DH parameters from the files
$DataDir/dh512.pem
$DataDir/dh1024.pem
$DataDir/dh2048.pem
$DataDir/dh4096.pem
if none are provided, the server will default to hardcoded
parameter files provided by the OpenSSL project.
Remaining tasks:
*) the select() clauses need to be revisited - the SSL abstraction
layer may need to absorb more of the current code to avoid rare
deadlock conditions. This also touches on a true solution to
the pg_eof() problem.
*) the SIGPIPE signal handler may need to be revisited.
*) support encrypted private keys.
*) sessions are not yet fully supported. (SSL sessions can span
multiple "connections," and allow the client and server to avoid
costly renegotiations.)
*) makecert - a script that creates back-end certs.
*) pgkeygen - a tool that creates front-end certs.
*) the whole protocol issue, SASL, etc.
*) certs are fully validated - valid root certs must be available.
This is a hassle, but it means that you *can* trust the identity
of the server.
*) the client library can handle hardcoded root certificates, to
avoid the need to copy these files.
*) host name of server cert must resolve to IP address, or be a
recognized alias. This is more liberal than the previous
iteration.
*) the number of bytes transferred is tracked, and the session
key is periodically renegotiated.
*) basic cert generation scripts (mkcert.sh, pgkeygen.sh). The
configuration files have reasonable defaults for each type
of use.
Bear Giles
are motivated by security concerns, it's not just bug fixes. The key
differences (from stock 7.2.1) are:
*) almost all code that directly uses the OpenSSL library is in two
new files,
src/interfaces/libpq/fe-ssl.c
src/backend/postmaster/be-ssl.c
in the long run, it would be nice to merge these two files.
*) the legacy code to read and write network data have been
encapsulated into read_SSL() and write_SSL(). These functions
should probably be renamed - they handle both SSL and non-SSL
cases.
the remaining code should eliminate the problems identified
earlier, albeit not very cleanly.
*) both front- and back-ends will send a SSL shutdown via the
new close_SSL() function. This is necessary for sessions to
work properly.
(Sessions are not yet fully supported, but by cleanly closing
the SSL connection instead of just sending a TCP FIN packet
other SSL tools will be much happier.)
*) The client certificate and key are now expected in a subdirectory
of the user's home directory. Specifically,
- the directory .postgresql must be owned by the user, and
allow no access by 'group' or 'other.'
- the file .postgresql/postgresql.crt must be a regular file
owned by the user.
- the file .postgresql/postgresql.key must be a regular file
owned by the user, and allow no access by 'group' or 'other'.
At the current time encrypted private keys are not supported.
There should also be a way to support multiple client certs/keys.
*) the front-end performs minimal validation of the back-end cert.
Self-signed certs are permitted, but the common name *must*
match the hostname used by the front-end. (The cert itself
should always use a fully qualified domain name (FDQN) in its
common name field.)
This means that
psql -h eris db
will fail, but
psql -h eris.example.com db
will succeed. At the current time this must be an exact match;
future patches may support any FQDN that resolves to the address
returned by getpeername(2).
Another common "problem" is expiring certs. For now, it may be
a good idea to use a very-long-lived self-signed cert.
As a compile-time option, the front-end can specify a file
containing valid root certificates, but it is not yet required.
*) the back-end performs minimal validation of the client cert.
It allows self-signed certs. It checks for expiration. It
supports a compile-time option specifying a file containing
valid root certificates.
*) both front- and back-ends default to TLSv1, not SSLv3/SSLv2.
*) both front- and back-ends support DSA keys. DSA keys are
moderately more expensive on startup, but many people consider
them preferable than RSA keys. (E.g., SSH2 prefers DSA keys.)
*) if /dev/urandom exists, both client and server will read 16k
of randomization data from it.
*) the server can read empheral DH parameters from the files
$DataDir/dh512.pem
$DataDir/dh1024.pem
$DataDir/dh2048.pem
$DataDir/dh4096.pem
if none are provided, the server will default to hardcoded
parameter files provided by the OpenSSL project.
Remaining tasks:
*) the select() clauses need to be revisited - the SSL abstraction
layer may need to absorb more of the current code to avoid rare
deadlock conditions. This also touches on a true solution to
the pg_eof() problem.
*) the SIGPIPE signal handler may need to be revisited.
*) support encrypted private keys.
*) sessions are not yet fully supported. (SSL sessions can span
multiple "connections," and allow the client and server to avoid
costly renegotiations.)
*) makecert - a script that creates back-end certs.
*) pgkeygen - a tool that creates front-end certs.
*) the whole protocol issue, SASL, etc.
*) certs are fully validated - valid root certs must be available.
This is a hassle, but it means that you *can* trust the identity
of the server.
*) the client library can handle hardcoded root certificates, to
avoid the need to copy these files.
*) host name of server cert must resolve to IP address, or be a
recognized alias. This is more liberal than the previous
iteration.
*) the number of bytes transferred is tracked, and the session
key is periodically renegotiated.
*) basic cert generation scripts (mkcert.sh, pgkeygen.sh). The
configuration files have reasonable defaults for each type
of use.
Bear Giles
> Changes to avoid collisions with WIN32 & MFC names...
> 1. Renamed:
> a. PROC => PGPROC
> b. GetUserName() => GetUserNameFromId()
> c. GetCurrentTime() => GetCurrentDateTime()
> d. IGNORE => IGNORE_DTF in include/utils/datetime.h & utils/adt/datetim
>
> 2. Added _P to some lex/yacc tokens:
> CONST, CHAR, DELETE, FLOAT, GROUP, IN, OUT
Jan
Allows you to set the loglevel at runtime by adding ?loglevel=X to the connection URL, where 1 = INFO and 2 = DEBUG.
Automatically turns on logging by calling DriverManager.setPrintWriter(new PrintWriter(System.out)) if one is not already set.
Adds a Driver.info() message that prints out the version number
Adds member variables logDebug and logInfo that can be checked before making logging methods calls
Adds a build number to the version number string. This build number will need to be manually incremented when we see fit.
----------------------------------------------------------------------
Modified Files:
org/postgresql/Connection.java org/postgresql/Driver.java.in
org/postgresql/fastpath/Fastpath.java
org/postgresql/jdbc1/DatabaseMetaData.java
org/postgresql/jdbc2/Connection.java
org/postgresql/jdbc2/DatabaseMetaData.java
org/postgresql/largeobject/LargeObjectManager.java
org/postgresql/util/PSQLException.java
org/postgresql/util/Serialize.java
----------------------------------------------------------------------
with the Cursor object's fetchmany() method. The API and
inline documentation state that the default is 1. It
currently defaults to 5.
Patrick Macdonald
2) Supprt ARD precision/scale and SQL_C_NUEMRIC.
3) Minimal implementation of SQLGetDiagField().
4) SQLRowCount() reports the result of SQLSetPos and SQLBulkOperation.
5) int8 -> SQL_NUMERIC for Microsoft Jet.
6) Support isolation level change.
7) ODBC3.0 SQLSTATE code.
8) Append mode log files.
GUC support. It's now possible to set datestyle, timezone, and
client_encoding from postgresql.conf and per-database or per-user
settings. Also, implement rollback of SET commands that occur in a
transaction that later fails. Create a SET LOCAL var = value syntax
that sets the variable only for the duration of the current transaction.
All per previous discussions in pghackers.
Barry Lind
Bruce Momjian
Peter Eisentraut
Tom Lane
Dave Cramer
Marc G. Fournier
Tatsuo Ishii
Hiroshi Inoue
Michael Meskes
Thomas G. Lockhart
Jan Wieck