|
1 | | -<!-- $PostgreSQL: pgsql/doc/src/sgml/release-8.4.sgml,v 1.3 2009/05/11 09:11:41 mha Exp $ --> |
| 1 | +<!-- $PostgreSQL: pgsql/doc/src/sgml/release-8.4.sgml,v 1.4 2009/05/12 23:43:50 tgl Exp $ --> |
2 | 2 | <!-- See header comment in release.sgml about typical markup --> |
3 | 3 |
|
4 | 4 | <sect1 id="release-8-4"> |
5 | 5 | <title>Release 8.4</title> |
6 | 6 |
|
7 | 7 | <note> |
8 | 8 | <title>Release date</title> |
9 | | - <simpara>2009-??-??, ITEMS CURRENT AS OF 2009-04-08</simpara> |
| 9 | + <simpara>2009-??-??, ITEMS CURRENT AS OF 2009-05-11</simpara> |
10 | 10 | </note> |
11 | 11 |
|
12 | 12 | <sect2> |
|
184 | 184 | </para> |
185 | 185 | </listitem> |
186 | 186 |
|
| 187 | + <listitem> |
| 188 | + <para> |
| 189 | + Change default setting for <literal>max_prepared_transactions</> to |
| 190 | + zero (previously it was 5) (Tom) |
| 191 | + </para> |
| 192 | + </listitem> |
| 193 | + |
187 | 194 | <listitem> |
188 | 195 | <para> |
189 | 196 | Make <literal>debug_print_parse</>, <literal>debug_print_rewritten</>, |
|
704 | 711 | <title>Authentication and security</title> |
705 | 712 | <itemizedlist> |
706 | 713 |
|
707 | | - <listitem> |
708 | | - <para> |
709 | | - Report appropriate error message for combination of <literal>MD5</> |
710 | | - authentication and <varname>db_user_namespace</> enabled (Bruce) |
711 | | - </para> |
712 | | - </listitem> |
713 | | - |
714 | 714 | <listitem> |
715 | 715 | <para> |
716 | 716 | Remove support for the (insecure) <literal>crypt</> authentication method |
|
751 | 751 | commercial CAs. |
752 | 752 | </para> |
753 | 753 | </listitem> |
| 754 | + |
| 755 | + <listitem> |
| 756 | + <para> |
| 757 | + Report appropriate error message for combination of <literal>MD5</> |
| 758 | + authentication and <varname>db_user_namespace</> enabled (Bruce) |
| 759 | + </para> |
| 760 | + </listitem> |
754 | 761 | </itemizedlist> |
755 | 762 |
|
756 | 763 | </sect4> |
|
761 | 768 |
|
762 | 769 | <listitem> |
763 | 770 | <para> |
764 | | -Parse <filename>pg_hba.conf</> fully when it is loaded, |
765 | | -so that errors are reported immediately (Magnus) |
| 771 | +Change all authentication options to use <literal>name=value</> |
| 772 | +syntax (Magnus) |
766 | 773 | </para> |
767 | 774 |
|
768 | 775 | <para> |
769 | | - Previously, most errors in the file wouldn't be detected until clients |
770 | | - tried to connect, so an erroneous file could render the system |
771 | | - unusable. With the new behavior, if an error is detected during |
772 | | - reload then the bad file is rejected and the postmaster continues |
773 | | - to use its old copy. |
774 | | - </para> |
775 | | - </listitem> |
776 | | - |
777 | | - <listitem> |
778 | | - <para> |
779 | | - Show all parsing errors in <filename>pg_hba.conf</> instead of |
780 | | - aborting after the first one (Selena Deckelmann) |
| 776 | + This makes incompatible changes to the <literal>ldap</>, |
| 777 | + <literal>pam</> and <literal>ident</> authentication methods. All |
| 778 | + <filename>pg_hba.conf</> entries with these methods need to be |
| 779 | + rewritten using the new format. |
781 | 780 | </para> |
782 | 781 | </listitem> |
783 | 782 |
|
|
788 | 787 | </para> |
789 | 788 | </listitem> |
790 | 789 |
|
791 | | - <listitem> |
792 | | - <para> |
793 | | - Change all authentication options to use <literal>name=value</> |
794 | | - syntax (Magnus) |
795 | | - </para> |
796 | | - |
797 | | - <para> |
798 | | - This makes incompatible changes to the <literal>ldap</>, |
799 | | - <literal>pam</> and <literal>ident</> authentication methods. All |
800 | | - <filename>pg_hba.conf</> entries with these methods need to be |
801 | | - rewritten using the new format. |
802 | | - </para> |
803 | | - </listitem> |
804 | | - |
805 | 790 | <listitem> |
806 | 791 | <para> |
807 | 792 | Allow a usermap parameter for all external authentication methods |
|
864 | 849 | </para> |
865 | 850 | </listitem> |
866 | 851 |
|
| 852 | + <listitem> |
| 853 | + <para> |
| 854 | + Parse <filename>pg_hba.conf</> fully when it is loaded, |
| 855 | + so that errors are reported immediately (Magnus) |
| 856 | + </para> |
| 857 | + |
| 858 | + <para> |
| 859 | + Previously, most errors in the file wouldn't be detected until clients |
| 860 | + tried to connect, so an erroneous file could render the system |
| 861 | + unusable. With the new behavior, if an error is detected during |
| 862 | + reload then the bad file is rejected and the postmaster continues |
| 863 | + to use its old copy. |
| 864 | + </para> |
| 865 | + </listitem> |
| 866 | + |
| 867 | + <listitem> |
| 868 | + <para> |
| 869 | + Show all parsing errors in <filename>pg_hba.conf</> instead of |
| 870 | + aborting after the first one (Selena Deckelmann) |
| 871 | + </para> |
| 872 | + </listitem> |
| 873 | + |
867 | 874 | <listitem> |
868 | 875 | <para> |
869 | 876 | Support <literal>ident</> authentication over Unix-domain sockets |
|
1139 | 1146 | </para> |
1140 | 1147 | </listitem> |
1141 | 1148 |
|
| 1149 | + <listitem> |
| 1150 | + <para> |
| 1151 | + Reject <literal>\000</> in string literals and <command>COPY</> data |
| 1152 | + (Tom) |
| 1153 | + </para> |
| 1154 | + |
| 1155 | + <para> |
| 1156 | + Previously, this was accepted but had the effect of terminating |
| 1157 | + the string contents. |
| 1158 | + </para> |
| 1159 | + </listitem> |
| 1160 | + |
1142 | 1161 | <listitem> |
1143 | 1162 | <para> |
1144 | 1163 | Improve the parser's ability to report error locations (Tom) |
|
1463 | 1482 | <para> |
1464 | 1483 | Improve checks that the database encoding, collation |
1465 | 1484 | (<varname>LC_COLLATE</>), and character classes |
1466 | | - (<varname>LC_CTYPE</>) match (Heikki) |
| 1485 | + (<varname>LC_CTYPE</>) match (Heikki, Tom) |
| 1486 | + </para> |
| 1487 | + |
| 1488 | + <para> |
| 1489 | + Note in particular that a new database's encoding and locale |
| 1490 | + settings can be changed only when copying from <literal>template0</>. |
| 1491 | + This prevents possibly copying data that doesn't match the settings. |
1467 | 1492 | </para> |
1468 | 1493 | </listitem> |
1469 | 1494 |
|
|
2247 | 2272 | </para> |
2248 | 2273 | </listitem> |
2249 | 2274 |
|
| 2275 | + <listitem> |
| 2276 | + <para> |
| 2277 | + Make <command>EXIT</> without a label always exit the innermost |
| 2278 | + loop (Tom) |
| 2279 | + </para> |
| 2280 | + |
| 2281 | + <para> |
| 2282 | + Formerly, if there were a <literal>BEGIN</> block more closely nested |
| 2283 | + than any loop, it would exit that block instead. The new behavior |
| 2284 | + matches Oracle(TM) and is also what was previously stated by our own |
| 2285 | + documentation. |
| 2286 | + </para> |
| 2287 | + </listitem> |
| 2288 | + |
| 2289 | + <listitem> |
| 2290 | + <para> |
| 2291 | + Make processing of string literals and nested block comments |
| 2292 | + match the main SQL parser's processing (Tom) |
| 2293 | + </para> |
| 2294 | + </listitem> |
| 2295 | + |
2250 | 2296 | <listitem> |
2251 | 2297 | <para> |
2252 | 2298 | Avoid memory leakage when the same function is called at varying |
|
2467 | 2513 | </para> |
2468 | 2514 | </listitem> |
2469 | 2515 |
|
| 2516 | + <listitem> |
| 2517 | + <para> |
| 2518 | + Add a function type column to <command>\df</>'s output, and add |
| 2519 | + options to list only selected types of functions (David Fetter) |
| 2520 | + </para> |
| 2521 | + </listitem> |
| 2522 | + |
2470 | 2523 | <listitem> |
2471 | 2524 | <para> |
2472 | 2525 | Make <command>\df</> not hide functions that take or return |
|
2638 | 2691 |
|
2639 | 2692 | <listitem> |
2640 | 2693 | <para> |
2641 | | - Make Kerberos use the same method to determine the username of the |
2642 | | - client as all other authentication methods (Magnus) |
| 2694 | + Make Kerberosconnectionsuse the same method to determine the |
| 2695 | +username of theclient as all other authentication methods (Magnus) |
2643 | 2696 | </para> |
2644 | 2697 |
|
2645 | 2698 | <para> |
|
2666 | 2719 | and the name of the server when making <acronym>SSL</> |
2667 | 2720 | connections. If a root certificate is not available to use for |
2668 | 2721 | verification, <acronym>SSL</> connections will fail. The |
2669 | | - <literal>sslmode</> parameter is used to enable the certificate |
2670 | | - verification and set the level. |
2671 | | - </para> |
2672 | | - |
2673 | | - <para> |
| 2722 | + <literal>sslmode</> parameter is used to enable certificate |
| 2723 | + verification and set the level of checking. |
2674 | 2724 | The default is still not to do any verification, allowing connections |
2675 | | - to SSLenabled servers without requiring a root certificate on the |
| 2725 | + to SSL-enabled servers without requiring a root certificate on the |
2676 | 2726 | client. |
2677 | 2727 | </para> |
2678 | 2728 | </listitem> |
|
3013 | 3063 | </para> |
3014 | 3064 | </listitem> |
3015 | 3065 |
|
| 3066 | + <listitem> |
| 3067 | + <para> |
| 3068 | + Recover better if dynamically-loaded code executes <function>exit()</> |
| 3069 | + (Tom) |
| 3070 | + </para> |
| 3071 | + </listitem> |
| 3072 | + |
3016 | 3073 | <listitem> |
3017 | 3074 | <para> |
3018 | 3075 | Add a hook to let plug-ins monitor the executor (Itagaki |
|
3159 | 3216 | </para> |
3160 | 3217 | </listitem> |
3161 | 3218 |
|
| 3219 | + <listitem> |
| 3220 | + <para> |
| 3221 | + Make <filename>contrib/pgbench</> use table names |
| 3222 | + <structname>pgbench_accounts</>, <structname>pgbench_branches</>, |
| 3223 | + <structname>pgbench_history</>, and <structname>pgbench_tellers</>, |
| 3224 | + rather than just <structname>accounts</>, <structname>branches</>, |
| 3225 | + <structname>history</>, and <structname>tellers</> (Tom) |
| 3226 | + </para> |
| 3227 | + |
| 3228 | + <para> |
| 3229 | + This is to reduce the risk of accidentally destroying real data |
| 3230 | + by running <application>pgbench</>. |
| 3231 | + </para> |
| 3232 | + </listitem> |
| 3233 | + |
3162 | 3234 | <listitem> |
3163 | 3235 | <para> |
3164 | 3236 | Fix <filename>contrib/pgstattuple</> to handle tables and |
|