upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-04-28 09:38:27 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src/backend/libpq
History
Tom Lane 7753ca49d3 In the postmaster, rely on the signal infrastructure to block signals. 
POSIX sigaction(2) can be told to block a set of signals while a
signal handler executes.  Make use of that instead of manually
blocking and unblocking signals in the postmaster's signal handlers.
This should save a few cycles, but more importantly it prevents
recursive invocation of signal handlers when many signals arrive in
close succession.  (Assuming that the platform's signal infrastructure
is designed to avoid consuming stack space in that case, but this is
demonstrably true at least on Linux.)  The existing code has been seen
to recurse to the point of stack overflow, either in the postmaster
or in a forked-off child.

Back-patch of commit 9abb2bfc0.  At the time, we'd only seen excess
postmaster stack consumption in the buildfarm; but we now have a
user report of it, and that commit has aged enough to have a fair
amount of confidence that it doesn't break anything.

This still doesn't change anything about the way that it works on
Windows.  Perhaps someone else would like to fix that?

Per bug #16673 from David Geier.  Back-patch to 9.6.  Although
the problem exists in principle before that, we've only seen it
actually materialize in connection with heavy use of parallel
workers, so it doesn't seem necessary to do anything in 9.5;
and the relevant code is different there, too.

Discussion: https://postgr.es/m/16673-d278c604f8e34ec0@postgresql.org
Discussion: https://postgr.es/m/14878.1570820201@sss.pgh.pa.us
2020-10-15 12:50:57 -04:00
..
auth.c Avoid logging complaints about abandoned connections when using PAM. 2019-11-05 14:27:37 -05:00
be-fsstubs.c Fix saving and restoring umask 2017-09-23 10:03:36 -04:00
be-secure-openssl.c Disallow SSL session tickets. 2017-08-04 11:07:10 -04:00
be-secure.c Server-side fix for delayed NOTIFY and SIGTERM processing. 2018-10-19 21:39:22 -04:00
crypt.c Don't allow logging in with empty password. 2017-08-07 17:03:49 +03:00
hba.c Fix some null pointer dereferences in LDAP auth code 2017-11-10 14:29:13 -05:00
ip.c Clean up assorted misuses of snprintf()'s result value. 2018-08-15 16:29:32 -04:00
Makefile Support frontend-backend protocol communication using a shm_mq. 2014-10-31 12:02:40 -04:00
md5.c Update copyright for 2016 2016-01-02 13:33:40 -05:00
pg_hba.conf.sample Remove support for native krb5 authentication 2014-01-19 17:05:01 +01:00
pg_ident.conf.sample Reformat the comments in pg_hba.conf and pg_ident.conf 2010-01-26 06:58:39 +00:00
pqcomm.c Second try at fixing tcp_keepalives_idle option on Solaris. 2017-06-28 12:30:16 -04:00
pqformat.c Fix several mistakes around parallel workers and client_encoding. 2016-06-30 18:35:32 -04:00
pqmq.c Add a nonlocalized version of the severity field to client error messages. 2016-08-26 16:20:24 -04:00
pqsignal.c In the postmaster, rely on the signal infrastructure to block signals. 2020-10-15 12:50:57 -04:00
README.SSL Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00

README.SSL 

src/backend/libpq/README.SSL

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup





>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------