Re: [DOCS] Will PQregisterThreadLock() be documented?

2005-10-24 Thread Bruce Momjian 
Tom Lane wrote:
> Volkan YAZICI <[EMAIL PROTECTED]> writes:
> > Revision 1.269: Wed Mar 24 03:44:59 2004 UTC by momjian
> > Branches: MAIN
> > ] Add thread locking to SSL and Kerberos connections.
> > ]
> > ] I have removed the docs mentioning that SSL and Kerberos are not
> > ] thread-safe.
> > ]
> > ] Manfred Spraul
> 
> I note that PQinitSSL is likewise documentation-free.
> 
> Also, neither one of these two routines is listed in exports.txt,
> meaning that Windows users are physically unable to call them
> even if they knew they existed :-(

I have applied the following patch to document PQinitSSL() and
PQregisterThreadLock().

I also remove the crypt() mention in the libpq threading section and
added a single sentence in the client-auth manual page under crypt(). 
Crypt authentication is so old now that a separate paragraph about it
seemed unwise.

I also added a comment about our use of locking around pqGetpwuid().

-- 
  Bruce Momjian|  http://candle.pha.pa.us
  [email protected]   |  (610) 359-1001
  +  If your life is a hard drive, |  13 Roberts Road
  +  Christ can be your backup.|  Newtown Square, Pennsylvania 19073
Index: doc/src/sgml/client-auth.sgml
===
RCS file: /cvsroot/pgsql/doc/src/sgml/client-auth.sgml,v
retrieving revision 1.83
diff -c -c -r1.83 client-auth.sgml
*** doc/src/sgml/client-auth.sgml   14 Aug 2005 23:35:37 -  1.83
--- doc/src/sgml/client-auth.sgml   24 Oct 2005 15:30:13 -
***
*** 337,342 
--- 337,343 
authentication.
Since the password is sent in clear text over the
network, this should not be used on untrusted networks.
+   It also does not usually work with threaded client applications.
See  for details.
   
  
Index: doc/src/sgml/libpq.sgml
===
RCS file: /cvsroot/pgsql/doc/src/sgml/libpq.sgml,v
retrieving revision 1.196
diff -c -c -r1.196 libpq.sgml
*** doc/src/sgml/libpq.sgml 20 Oct 2005 23:57:51 -  1.196
--- doc/src/sgml/libpq.sgml 24 Oct 2005 15:30:15 -
***
*** 4032,4037 
--- 4032,4046 
 fail if the server does not present a certificate; therefore, to
 use this feature the server must also have a root.crt file.

+ 
+   
+If you are using SSL inside your application (in addition to
+inside libpq), you can use 
PQinitSSL(int)
+to tell libpq that the SSL library
+has already been initialized by your application.
+   
+ 
+ 
  
  
  
***
*** 4081,4092 
  
  
  
! libpq applications that use the
! crypt authentication method rely on the
! crypt() operating system function, which is often
! not thread-safe.cryptthread
! safety It is better to use the md5 method,
! which is thread-safe on all platforms.
  
  
  
--- 4090,4101 
  
  
  
! If you are using Kerberos inside your application (in addition to inside 
! libpq), you will need to do locking around 
! Kerberos calls because Kerberos functions are not thread-safe.  See 
! function PQregisterThreadLock in the 
! libpq source code for a way to do cooperative 
! locking between libpq and your application.
  
  
  
Index: src/interfaces/libpq/fe-auth.c
===
RCS file: /cvsroot/pgsql/src/interfaces/libpq/fe-auth.c,v
retrieving revision 1.106
diff -c -c -r1.106 fe-auth.c
*** src/interfaces/libpq/fe-auth.c  17 Oct 2005 16:24:20 -  1.106
--- src/interfaces/libpq/fe-auth.c  24 Oct 2005 15:30:16 -
***
*** 500,505 
--- 500,515 
struct passwd *pw = NULL;
  #endif
  
+   /*
+*  pglock_thread() really only needs to be called around
+*  pg_krb5_authname(), but some users are using configure
+*  --enable-thread-safety-force, so we might as well do
+*  the locking within our library to protect pqGetpwuid().
+*  In fact, application developers can use getpwuid()
+*  in their application if they use the locking call we
+*  provide, or install their own locking function using
+*  PQregisterThreadLock().
+*/
pglock_thread();
  
  #ifdef KRB5
Index: src/interfaces/libpq/fe-secure.c
===
RCS file: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v
retrieving revision 1.72
diff -c -c -r1.72 fe-secure.c
*** src/interfaces/libpq/fe-secure.c15 Oct 2005 02:49:48 -  1.72
--- src/interfaces/libpq/fe-secure.c24 Oct 2005 15:30:17 -
***
*** 220,227 
  
  
  /*
!  * Exported (but as yet undocumented) function to allow application to
!  * tell us it's already initialized OpenSSL.
   */
  void
  PQinitSSL(int do_init)
--- 220,227 
  
  
  /*
!  *Exported fun

Re: [DOCS] [PATCHES] Caveat for Domains

2005-10-24 Thread Bruce Momjian 
David Fetter wrote:
> On Thu, Sep 22, 2005 at 07:57:35PM -0400, Bruce Momjian wrote:
> 
> > Patch applied.  Thanks.
> 
> Could you please put fixing domains for functions on the TODO list?

Added to TODO:


* Allow user-defined functions retuning a domain value to enforce domain
  constraints

---


> 
> Cheers,
> D
> 
> > 
> > ---
> > 
> > 
> > David Fetter wrote:
> > > Folks,
> > > 
> > > I think this needs to be made explicit in the documentation.  Better,
> > > of course, would be some kind of change to the PL infrastructure that
> > > Just Handles It, but until then
> > > 
> > > Cheers,
> > > D
> > > -- 
> > > David Fetter [EMAIL PROTECTED] http://fetter.org/
> > > phone: +1 510 893 6100   mobile: +1 415 235 3778
> > > 
> > > Remember to vote!
> > 
> > [ Attachment, skipping... ]
> > 
> > > 
> > > ---(end of broadcast)---
> > > TIP 6: explain analyze is your friend
> > 
> > -- 
> >   Bruce Momjian|  http://candle.pha.pa.us
> >   [email protected]   |  (610) 359-1001
> >   +  If your life is a hard drive, |  13 Roberts Road
> >   +  Christ can be your backup.|  Newtown Square, Pennsylvania 19073
> > 
> > ---(end of broadcast)---
> > TIP 6: explain analyze is your friend
> 
> -- 
> David Fetter [EMAIL PROTECTED] http://fetter.org/
> phone: +1 510 893 6100   mobile: +1 415 235 3778
> 
> Remember to vote!
> 
> ---(end of broadcast)---
> TIP 6: explain analyze is your friend
> 

-- 
  Bruce Momjian|  http://candle.pha.pa.us
  [email protected]   |  (610) 359-1001
  +  If your life is a hard drive, |  13 Roberts Road
  +  Christ can be your backup.|  Newtown Square, Pennsylvania 19073

---(end of broadcast)---
TIP 3: Have you checked our extensive FAQ?

   http://www.postgresql.org/docs/faq

Re: [DOCS] Multicolumn index doc out of date?

2005-10-24 Thread Teodor Sigaev 



Tom Lane wrote:

[ getting back to this documentation issue finally ]

Teodor Sigaev <[EMAIL PROTECTED]> writes:

I disagree with last affirmation: inner pages of index contains fair union of 
keys and enough helpful to select. Mailware ( http://www.pgsql.ru/db/mw ) 
sucsessfully use combined GiST index (date, tsvector) for searching.



GiST's split algorithm is good for unique leading keys, not so bad for small 
number of non-unique values and bad for all equals leading key. But "bad" means 
that itsn't optimal as picksplit for other keys may be. If there is several keys 
which can be moved on left or right page without changing union of first key for 
each page then GiST try put its on page (left or right) with smallest penalty 
calculated by other keys. This algorithm is very similar to defining page to put 
tuple with normal processing (without page split).



With unique leading key GiST's split is fully similar to BTree - it looks only 
at leading key, but gistchoose isn't. Gistchoose (gistutil.c:622) chooses child 
with smallest penalty and it looks to other keys if several leading keys has the 
same penalty. In a GiST tree different keys may have the same penalty value with 
new key.



OK, how about this text then?

   A multicolumn GiST index can only be used when there is a query condition
   on its leading column.  Conditions on additional columns restrict the
   entries returned by the index, but the condition on the first column is the
   most important one for determining how much of the index needs to be
   scanned.  A GiST index will be relatively ineffective if its first column
   has only a few distinct values, even if there are many distinct values in
   additional columns.


Ok, I think.

--
Teodor Sigaev   E-mail: [EMAIL PROTECTED]
   WWW: http://www.sigaev.ru/

---(end of broadcast)---
TIP 1: if posting/reading through Usenet, please send an appropriate
  subscribe-nomail command to [EMAIL PROTECTED] so that your
  message can get through to the mailing list cleanly