Heikki Linnakangas writes:
> On 30/04/2024 02:32, Tom Lane wrote:
>> A moderately large fraction of the buildfarm doesn't seem to
>> recognize SSL_AD_NO_APPLICATION_PROTOCOL.
> *sigh*. I checked that it exists on OpenSSL 1.1.1, but according to
> buildfarm it's not present on OpenSSL 1.0.2 or
Fix compilation on OpenSSL 1.0.2 and LibreSSL
SSL_AD_NO_APPLICATION_PROTOCOL was introduced in OpenSSL 1.1.0.
While we're at it, add a link to the related OpenSSL github issue to
the comment.
Per buildfarm and Tom Lane.
Discussion:
On 30/04/2024 02:32, Tom Lane wrote:
Heikki Linnakangas writes:
Reject SSL connection if ALPN is used but there's no common protocol
A moderately large fraction of the buildfarm doesn't seem to
recognize SSL_AD_NO_APPLICATION_PROTOCOL.
*sigh*. I checked that it exists on OpenSSL 1.1.1, but
David Rowley writes:
> On Tue, 30 Apr 2024 at 14:14, Tom Lane wrote:
>> Yeah, the affected buildfarm members seem still not happy.
> Isn't your latest fix adding COLLATE "C" to the wrong test?
Oh! No, it was definitely adjusting a test that needed it,
just not the only one :-(. Thanks for
Force COLLATE "C" to stabilize ordering, redux.
David Rowley correctly pointed out that I'd collat-ified only
one of the two troublesome queries. Definitely not my day.
Discussion:
https://postgr.es/m/caaphdvo8pmk5wwfaqwgzuq-xh+957w61io_oscp0ouzqcco...@mail.gmail.com
Branch
--
master
On Tue, 30 Apr 2024 at 14:14, Tom Lane wrote:
> Yeah, the affected buildfarm members seem still not happy.
Isn't your latest fix adding COLLATE "C" to the wrong test?
Crake is failing with [1]:
---
/home/andrew/bf/root/HEAD/pgsql/src/test/modules/test_pg_dump/expected/test_pg_dump.out
I wrote:
> I committed that suggestion, but I'm not sure it's enough to fix it,
> because if I do
> LANG=cs_CZ.utf8 make check
> then I still get variant output order. I tried about six different
> spellings of the query without improving matters, so I'm totally
> baffled. Have we managed
David Rowley writes:
> Still failing for me and [1].
> Maybe:
> SELECT pg_describe_object(classid,objid,objsubid) COLLATE "C" AS obj,
> Gets me the results in the expected order.
I committed that suggestion, but I'm not sure it's enough to fix it,
because if I do
LANG=cs_CZ.utf8 make
Force COLLATE "C" to stabilize ordering in new test_pg_dump queries.
Should have thought of the need for this.
(Local testing suggests that we may still not be out of the
woods, but certainly this much is needed.)
Per buildfarm and David Rowley.
Discussion:
David Rowley writes:
> Maybe:
> SELECT pg_describe_object(classid,objid,objsubid) COLLATE "C" AS obj,
Argh, I knew better than to not specify COLLATE "C".
This commit's feeling a little snakebit.
regards, tom lane
On Tue, 30 Apr 2024 at 12:23, Tom Lane wrote:
>
> Fix test case from b0c5b215d.
Still failing for me and [1].
Maybe:
SELECT pg_describe_object(classid,objid,objsubid) COLLATE "C" AS obj,
Gets me the results in the expected order.
David
[1]
Fix test case from b0c5b215d.
I'd not checked that this iteration of the test actually worked
with a bootstrap superuser not named 'postgres'. It didn't,
because the coercion rules for CASE caused us to try to cast
the 'postgres' literal to regrole. Mea culpa.
Per buildfarm (via Alexander
Alexander Korotkov writes:
> I just noticed that test_pg_dump checks don't pass for me. And for
> most of the buildfarm members too.
> You must be already aware of this, just in case.
D'oh. Should have actually checked that test with a non-'postgres'
superuser. Will fix in a few.
On Tue, Apr 30, 2024 at 2:26 AM Tom Lane wrote:
> Fix failure to track role dependencies of pg_init_privs entries.
I just noticed that test_pg_dump checks don't pass for me. And for
most of the buildfarm members too.
You must be already aware of this, just in case.
--
Regards,
Alexander
Allow meson builds to run test_pg_dump test in installcheck mode.
This had been disabled because the test "doesn't delete its user".
It doesn't seem like a great idea for the meson tests to act
differently from the makefile tests, though, and the makefiles
had no such exception (which is how come
Heikki Linnakangas writes:
> Reject SSL connection if ALPN is used but there's no common protocol
A moderately large fraction of the buildfarm doesn't seem to
recognize SSL_AD_NO_APPLICATION_PROTOCOL.
regards, tom lane
Fix failure to track role dependencies of pg_init_privs entries.
If an ACL recorded in pg_init_privs mentions a non-pinned role,
that reference must also be noted in pg_shdepend so that we know
that the role can't go away without removing the ACL reference.
Otherwise, DROP ROLE could succeed and
Avoid repeating loads of frozen ID values.
Repeating loads of inplace-updated fields tends to cause bugs like the
one from the previous commit. While there's no bug to fix in these code
sites, adopt the load-once style. This improves the chance of future
copy/paste finding the safe style.
Close race condition between datfrozen and relfrozen updates.
vac_update_datfrozenxid() did multiple loads of relfrozenxid and
relminmxid from buffer memory, and it assumed each would get the same
value. Not so if a concurrent vac_update_relstats() did an inplace
update. Commit
Close race condition between datfrozen and relfrozen updates.
vac_update_datfrozenxid() did multiple loads of relfrozenxid and
relminmxid from buffer memory, and it assumed each would get the same
value. Not so if a concurrent vac_update_relstats() did an inplace
update. Commit
Close race condition between datfrozen and relfrozen updates.
vac_update_datfrozenxid() did multiple loads of relfrozenxid and
relminmxid from buffer memory, and it assumed each would get the same
value. Not so if a concurrent vac_update_relstats() did an inplace
update. Commit
Close race condition between datfrozen and relfrozen updates.
vac_update_datfrozenxid() did multiple loads of relfrozenxid and
relminmxid from buffer memory, and it assumed each would get the same
value. Not so if a concurrent vac_update_relstats() did an inplace
update. Commit
Close race condition between datfrozen and relfrozen updates.
vac_update_datfrozenxid() did multiple loads of relfrozenxid and
relminmxid from buffer memory, and it assumed each would get the same
value. Not so if a concurrent vac_update_relstats() did an inplace
update. Commit
Close race condition between datfrozen and relfrozen updates.
vac_update_datfrozenxid() did multiple loads of relfrozenxid and
relminmxid from buffer memory, and it assumed each would get the same
value. Not so if a concurrent vac_update_relstats() did an inplace
update. Commit
libpq: Fix error messages when server rejects SSL or GSS
These messages were lost in commit 05fd30c0e7. Put them back.
This makes one change in the error message behavior compared to v16,
in the case that the server responds to GSSRequest with an error
instead of rejecting it with 'N'.
libpq: Enforce ALPN in direct SSL connections
ALPN is mandatory with direct SSL connections. That is documented, and
the server checks it, but libpq was missing the check.
Reported-by: Jacob Champion
Reviewed-by: Michael Paquier
Discussion:
Reject SSL connection if ALPN is used but there's no common protocol
If the client supports ALPN but tries to use some other protocol, like
HTTPS, reject the connection in the server. That is surely a confusion
of some sort. Furthermore, the ALPN RFC 7301 says:
> In the event that the server
Make two-phase tests of ECPG and main suite more concurrent-proof
The ECPG and main 2PC tests have been using rather-generic names for the
prepared transactions they generate. This commit switches the 2PC
transactions to use more complex GIDs, reducing the risk of naming
conflicts.
The main 2PC
libpq: If ALPN is not used, make PQsslAttribute(conn, "alpn") == ""
The documentation says that PQsslAttribute(conn, "alpn") returns an
empty string if ALPN is not used, but the code actually returned
NULL. Fix the code to match the documentation.
Reported-by: Michael Paquier
Discussion:
Revert "Add GUC backtrace_on_internal_error"
This reverts commit a740b213d4b4d3360ad0cac696e47e5ec0eb8864.
Subsequent discussion showed that there was interest in a more general
facility to configure when server log events would produce backtraces,
and this existing limited way couldn't be
30 matches
Mail list logo
