not all SQL identifiers taken from command line arguments. We decided
years ago that that was a bad idea: identifiers taken from the command
line should be treated as literally correct. Remove the inconsistent
code that has crept in recently. Also fix pg_dump so that the combination
of --schema and --table does what you'd expect, namely dump exactly one
table from exactly one schema. Per gripe from Deepak Bhole of Red Hat.
some reading on the subject.
1) PostgreSQL uses ephemeral keying, for its connections (good thing)
2) PostgreSQL doesn't set the cipher list that it allows (bad thing,
fixed)
3) PostgreSQL's renegotiation code wasn't text book correct (could be
bad, fixed)
4) The rate of renegotiating was insanely low (as Tom pointed out, set
to a more reasonable level)
I haven't checked around much to see if there are any other SSL bits
that need some review, but I'm doing some OpenSSL work right now
and'll send patches for improvements along the way (if I find them).
At the very least, the changes in this patch will make security folks
happier for sure. The constant renegotiation of sessions was likely a
boon to systems that had bad entropy gathering means (read: Slowaris
/dev/rand|/dev/urand != ANDIrand). The new limit for renegotiations
is 512MB which should be much more reasonable.
Sean Chittenden
I'd placed the check for newly created matching pk rows for on update no
action earlier than it needed to be so that it'd check even when the key
values hadn't changed. This patch moves it to after checking for NULLs
in the old row and comparing the values since the select's probably more
expensive.
Stephan Szabo
protocol 3, then falls back to 2 if postmaster rejects the startup packet
with an old-format error message. A side benefit of the rewrite is that
SSL-encrypted connections can now be made without blocking. (I think,
anyway, but do not have a good way to test.)
catalog lookups when not in a transaction. This prevents bizarre
failures if someone tries to set a value for session_authorization in
postgresql.conf. Per report from Fernando Nasser.
extensions to support our historical behavior. An aggregate belongs
to the closest query level of any of the variables in its argument,
or the current query level if there are no variables (e.g., COUNT(*)).
The implementation involves adding an agglevelsup field to Aggref,
and treating outer aggregates like outer variables at planning time.
#define PG_ENCODING_BE_LAST PG_ISO_8859_8
#define PG_ENCODING_FE_LAST PG_WIN1256
but the last client encoding in the enum list is actually PG_GB18030 and
it seems that
#define PG_ENCODING_IS_CLIEN_ONLY(_enc) \
(((_enc) > PG_ENCODING_BE_LAST && (_enc) <= PG_ENCODING_FE_LAST)
can never be true.
I think the define should read
#define PG_ENCODING_FE_LAST PG_GB18030
On the other hand, perhaps no-one cares, because
PG_ENCODING_IS_CLIEN_ONLY is never used.
--
Oliver Elphick Oliver.Elphick@lfix.co.uk
when the plan is ReScanned, we don't have to rebuild the hash table
if there is no parameter change for its child node. This idea has
been used for a long time in Sort and Material nodes, but was not in
the hash code till now.
yy_fatal_error() call results in elog(ERROR) not exit(). This was
already fixed in the main lexer and plpgsql, but extend same technique
to all the other dot-l files. Also, on review of the possible calls
to yy_fatal_error(), it seems safe to use elog(ERROR) not elog(FATAL).
leave it for the kernel to do after the process dies. This allows clients
to wait for the backend to exit if they wish (after sending X message,
wait till EOF is detected on the socket).
progress, although all RTs pass using the V3 protocol on a 7.4 database and also pass using the V2 protocol on a 7.3 database.
SSL support is known not to work.
Modified Files:
jdbc/org/postgresql/PGConnection.java
jdbc/org/postgresql/errors.properties
jdbc/org/postgresql/core/BaseConnection.java
jdbc/org/postgresql/core/Encoding.java
jdbc/org/postgresql/core/Field.java
jdbc/org/postgresql/core/PGStream.java
jdbc/org/postgresql/core/QueryExecutor.java
jdbc/org/postgresql/core/StartupPacket.java
jdbc/org/postgresql/fastpath/Fastpath.java
jdbc/org/postgresql/fastpath/FastpathArg.java
jdbc/org/postgresql/jdbc1/AbstractJdbc1Connection.java
jdbc/org/postgresql/test/jdbc2/BlobTest.java
jdbc/org/postgresql/test/jdbc2/CallableStmtTest.java
jdbc/org/postgresql/test/jdbc2/MiscTest.java
jdbc/org/postgresql/test/jdbc3/Jdbc3TestSuite.java
introducing new 'FastList' list-construction subroutines to use in
hot spots. This avoids the O(N^2) behavior of repeated lappend's
by keeping a tail pointer, while not changing behavior by reversing
list order as the lcons() method would do.
of order; the 'server log' output is actually client output in these
scenarios and we ought to treat elevels the same way as in the client
case. This allows initdb to not send backend stderr to /dev/null anymore,
which makes it much more likely that people will notice problems during
initdb.
of an index can now be a computed expression instead of a simple variable.
Restrictions on expressions are the same as for predicates (only immutable
functions, no sub-selects). This fixes problems recently introduced with
inlining SQL functions, because the inlining transformation is applied to
both expression trees so the planner can still match them up. Along the
way, improve efficiency of handling index predicates (both predicates and
index expressions are now cached by the relcache) and fix 7.3 oversight
that didn't record dependencies of predicate expressions.