rdelaage/postgresql
1
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2024-09-08 03:29:22 +02:00
Code Issues Packages Projects Releases Wiki Activity
d73d14c271
postgresql/src/backend/libpq
History
Tom Lane d73d14c271 Fix incorrect order of lock file removal and failure to close() sockets. 
Commit c9b0cbe98b accidentally broke the
order of operations during postmaster shutdown: it resulted in removing
the per-socket lockfiles after, not before, postmaster.pid.  This creates
a race-condition hazard for a new postmaster that's started immediately
after observing that postmaster.pid has disappeared; if it sees the
socket lockfile still present, it will quite properly refuse to start.
This error appears to be the explanation for at least some of the
intermittent buildfarm failures we've seen in the pg_upgrade test.

Another problem, which has been there all along, is that the postmaster
has never bothered to close() its listen sockets, but has just allowed them
to close at process death.  This creates a different race condition for an
incoming postmaster: it might be unable to bind to the desired listen
address because the old postmaster is still incumbent.  This might explain
some odd failures we've seen in the past, too.  (Note: this is not related
to the fact that individual backends don't close their client communication
sockets.  That behavior is intentional and is not changed by this patch.)

Fix by adding an on_proc_exit function that closes the postmaster's ports
explicitly, and (in 9.3 and up) reshuffling the responsibility for where
to unlink the Unix socket files.  Lock file unlinking can stay where it
is, but teach it to unlink the lock files in reverse order of creation.
2015-08-02 14:55:03 -04:00
..
auth.c pgindent run for 9.5 2015-05-23 21:35:49 -04:00
be-fsstubs.c Update copyright for 2015 2015-01-06 11:43:47 -05:00
be-secure-openssl.c Remove ssl renegotiation support. 2015-07-28 22:06:31 +02:00
be-secure.c Remove ssl renegotiation support. 2015-07-28 22:06:31 +02:00
crypt.c Don't allow immediate interrupts during authentication anymore. 2015-02-03 22:54:48 +01:00
hba.c Don't leave pg_hba and pg_ident data lying around in running backends. 2015-07-01 18:55:39 -04:00
ip.c Remove code to match IPv4 pg_hba.conf entries to IPv4-in-IPv6 addresses. 2015-02-17 12:49:18 -05:00
Makefile Support frontend-backend protocol communication using a shm_mq. 2014-10-31 12:02:40 -04:00
md5.c Update copyright for 2015 2015-01-06 11:43:47 -05:00
pg_hba.conf.sample Remove support for native krb5 authentication 2014-01-19 17:05:01 +01:00
pg_ident.conf.sample Reformat the comments in pg_hba.conf and pg_ident.conf 2010-01-26 06:58:39 +00:00
pqcomm.c Fix incorrect order of lock file removal and failure to close() sockets. 2015-08-02 14:55:03 -04:00
pqformat.c Update copyright for 2015 2015-01-06 11:43:47 -05:00
pqmq.c pgindent run for 9.5 2015-05-23 21:35:49 -04:00
pqsignal.c Update copyright for 2015 2015-01-06 11:43:47 -05:00
README.SSL Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00

README.SSL 

src/backend/libpq/README.SSL

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup





>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------