Commitedbb359

authored

Merge branch 'postgres:master' into master

2 parentscb31df4 +44ce4e1 commitedbb359Copy full SHA for edbb359

File tree

8 files changed

+189

-29

lines changed

doc/src/sgml
- release-18.sgml
src
- backend
  - postmaster
    - autovacuum.c
  - utils/mmgr
    - alignedalloc.c
- interfaces
  - libpq
    - Makefile
    - fe-auth-oauth.c
  - libpq-oauth
    - oauth-curl.c
- test/modules/oauth_validator/t
  - 001_server.pl
  - oauth_server.py

8 files changed

+189

-29

lines changed

`‎doc/src/sgml/release-18.sgml`

Lines changed: 22 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -6,7 +6,7 @@`
`6`	`6`
`7`	`7`	`<formalpara>`
`8`	`8`	`<title>Release date:</title>`
`9`		`- <para>2025-??-??, CURRENT AS OF 2025-05-01</para>`
	`9`	`+ <para>2025-??-??, CURRENT AS OF 2025-05-23</para>`
`10`	`10`	`</formalpara>`
`11`	`11`
`12`	`12`	`<sect2 id="release-18-highlights">`
`@@ -469,8 +469,8 @@ Allow skip scans of btree indexes (Peter Geoghegan)`
`469`	`469`	`</para>`
`470`	`470`
`471`	`471`	`<para>`
`472`		`-This allowsmuti-column btree indexes to be used by queries that only`
`473`		`-reference the second or later indexed columns.`
	`472`	`+This allowsmulti-column btree indexes to be used by queries that only`
	`473`	`+equality-reference the second or later indexed columns.`
`474`	`474`	`</para>`
`475`	`475`	`</listitem>`
`476`	`476`
`@@ -1212,12 +1212,15 @@ This is useful for operating system configuration.`
`1212`	`1212`	`<!--`
`1213`	`1213`	`Author: Peter Eisentraut <peter@eisentraut.org>`
`1214`	`1214`	`2025-03-19 [4f7f7b037] extension_control_path`
	`1215`	`+Author: Peter Eisentraut <peter@eisentraut.org>`
	`1216`	`+2025-05-02 [81eaaa2c4] Make "directory" setting work with extension_control_pat`
`1215`	`1217`	`-->`
`1216`	`1218`
`1217`	`1219`	`<listitem>`
`1218`	`1220`	`<para>`
`1219`	`1221`	`Add server variable extension_control_path to specify the location of extension control files (Peter Eisentraut, Matheus Alcantara)`
`1220`	`1222`	`<ulink url="&commit_baseurl;4f7f7b037">§</ulink>`
	`1223`	`+<ulink url="&commit_baseurl;81eaaa2c4">§</ulink>`
`1221`	`1224`	`</para>`
`1222`	`1225`	`</listitem>`
`1223`	`1226`
`@@ -2582,12 +2585,15 @@ Add pg_dump options --with-schema, --with-data, and --with-statistics (Jeff Davi`
`2582`	`2585`	`<!--`
`2583`	`2586`	`Author: Nathan Bossart <nathan@postgresql.org>`
`2584`	`2587`	`2025-03-25 [9c49f0e8c] pg_dump: Add - -sequence-data.`
	`2588`	`+Author: Nathan Bossart <nathan@postgresql.org>`
	`2589`	`+2025-05-07 [acea3fc49] pg_dumpall: Add - -sequence-data.`
`2585`	`2590`	`-->`
`2586`	`2591`
`2587`	`2592`	`<listitem>`
`2588`	`2593`	`<para>`
`2589`		`-Add pg_dump option --sequence-data to dump sequence data that would normally be excluded (Nathan Bossart)`
	`2594`	`+Add pg_dumpand pg_dumpalloption --sequence-data to dump sequence data that would normally be excluded (Nathan Bossart)`
`2590`	`2595`	`<ulink url="&commit_baseurl;9c49f0e8c">§</ulink>`
	`2596`	`+<ulink url="&commit_baseurl;acea3fc49">§</ulink>`
`2591`	`2597`	`</para>`
`2592`	`2598`	`</listitem>`
`2593`	`2599`
`@@ -2833,6 +2839,18 @@ Injection points can now be created, but not run, via INJECTION_POINT_LOAD(), an`
`2833`	`2839`	`</para>`
`2834`	`2840`	`</listitem>`
`2835`	`2841`
	`2842`	`+<!--`
	`2843`	`+Author: Michael Paquier <michael@paquier.xyz>`
	`2844`	`+2025-05-10 [371f2db8b] Add support for runtime arguments in injection points`
	`2845`	`+-->`
	`2846`	`+`
	`2847`	`+<listitem>`
	`2848`	`+<para>`
	`2849`	`+Support runtime arguments in injection points (Michael Paquier)`
	`2850`	`+<ulink url="&commit_baseurl;371f2db8b">§</ulink>`
	`2851`	`+</para>`
	`2852`	`+</listitem>`
	`2853`	`+`
`2836`	`2854`	`<!--`
`2837`	`2855`	`Author: Heikki Linnakangas <heikki.linnakangas@iki.fi>`
`2838`	`2856`	`2024-07-26 [20e0e7da9] Add test for early backend startup errors`

`‎src/backend/postmaster/autovacuum.c`

Lines changed: 40 additions & 10 deletions

Original file line number	Diff line number	Diff line change
`@@ -2073,6 +2073,12 @@ do_autovacuum(void)`
`2073`	`2073`	`}`
`2074`	`2074`	`}`
`2075`	`2075`	`}`
	`2076`	`+`
	`2077`	`+/* Release stuff to avoid per-relation leakage */`
	`2078`	`+if (relopts)`
	`2079`	`+pfree(relopts);`
	`2080`	`+if (tabentry)`
	`2081`	`+pfree(tabentry);`
`2076`	`2082`	`}`
`2077`	`2083`
`2078`	`2084`	`table_endscan(relScan);`
`@@ -2089,7 +2095,8 @@ do_autovacuum(void)`
`2089`	`2095`	`Form_pg_classclassForm= (Form_pg_class)GETSTRUCT(tuple);`
`2090`	`2096`	`PgStat_StatTabEntry*tabentry;`
`2091`	`2097`	`Oidrelid;`
`2092`		`-AutoVacOpts*relopts=NULL;`
	`2098`	`+AutoVacOpts*relopts;`
	`2099`	`+boolfree_relopts= false;`
`2093`	`2100`	`booldovacuum;`
`2094`	`2101`	`booldoanalyze;`
`2095`	`2102`	`boolwraparound;`
`@@ -2107,7 +2114,9 @@ do_autovacuum(void)`
`2107`	`2114`	`* main rel`
`2108`	`2115`	`*/`
`2109`	`2116`	`relopts=extract_autovac_opts(tuple,pg_class_desc);`
`2110`		`-if (relopts==NULL)`
	`2117`	`+if (relopts)`
	`2118`	`+free_relopts= true;`
	`2119`	`+else`
`2111`	`2120`	`{`
`2112`	`2121`	`av_relation*hentry;`
`2113`	`2122`	`boolfound;`
`@@ -2128,6 +2137,12 @@ do_autovacuum(void)`
`2128`	`2137`	`/* ignore analyze for toast tables */`
`2129`	`2138`	`if (dovacuum)`
`2130`	`2139`	`table_oids=lappend_oid(table_oids,relid);`
	`2140`	`+`
	`2141`	`+/* Release stuff to avoid leakage */`
	`2142`	`+if (free_relopts)`
	`2143`	`+pfree(relopts);`
	`2144`	`+if (tabentry)`
	`2145`	`+pfree(tabentry);`
`2131`	`2146`	`}`
`2132`	`2147`
`2133`	`2148`	`table_endscan(relScan);`
`@@ -2499,6 +2514,8 @@ do_autovacuum(void)`
`2499`	`2514`	`pg_atomic_test_set_flag(&MyWorkerInfo->wi_dobalance);`
`2500`	`2515`	`}`
`2501`	`2516`
	`2517`	`+list_free(table_oids);`
	`2518`	`+`
`2502`	`2519`	`/*`
`2503`	`2520`	`* Perform additional work items, as requested by backends.`
`2504`	`2521`	`*/`
`@@ -2680,8 +2697,8 @@ perform_work_item(AutoVacuumWorkItem *workitem)`
`2680`	`2697`	`/*`
`2681`	`2698`	`* extract_autovac_opts`
`2682`	`2699`	`*`
`2683`		`- * Given a relation's pg_class tuple, returnthe AutoVacOpts portion of`
`2684`		`- * reloptions, if set; otherwise, return NULL.`
	`2700`	`+ * Given a relation's pg_class tuple, returna palloc'd copy of the`
	`2701`	`+ *AutoVacOpts portion ofreloptions, if set; otherwise, return NULL.`
`2685`	`2702`	`*`
`2686`	`2703`	`* Note: callers do not have a relation lock on the table at this point,`
`2687`	`2704`	`* so the table could have been dropped, and its catalog rows gone, after`
`@@ -2730,6 +2747,7 @@ table_recheck_autovac(Oid relid, HTAB *table_toast_map,`
`2730`	`2747`	`autovac_table*tab=NULL;`
`2731`	`2748`	`boolwraparound;`
`2732`	`2749`	`AutoVacOpts*avopts;`
	`2750`	`+boolfree_avopts= false;`
`2733`	`2751`
`2734`	`2752`	`/* fetch the relation's relcache entry */`
`2735`	`2753`	`classTup=SearchSysCacheCopy1(RELOID,ObjectIdGetDatum(relid));`
`@@ -2742,8 +2760,10 @@ table_recheck_autovac(Oid relid, HTAB *table_toast_map,`
`2742`	`2760`	`* main table reloptions if the toast table itself doesn't have.`
`2743`	`2761`	`*/`
`2744`	`2762`	`avopts=extract_autovac_opts(classTup,pg_class_desc);`
`2745`		`-if (classForm->relkind==RELKIND_TOASTVALUE&&`
`2746`		`-avopts==NULL&&table_toast_map!=NULL)`
	`2763`	`+if (avopts)`
	`2764`	`+free_avopts= true;`
	`2765`	`+elseif (classForm->relkind==RELKIND_TOASTVALUE&&`
	`2766`	`+table_toast_map!=NULL)`
`2747`	`2767`	`{`
`2748`	`2768`	`av_relation*hentry;`
`2749`	`2769`	`boolfound;`
`@@ -2852,6 +2872,8 @@ table_recheck_autovac(Oid relid, HTAB *table_toast_map,`
`2852`	`2872`	`avopts->vacuum_cost_delay >=0));`
`2853`	`2873`	`}`
`2854`	`2874`
	`2875`	`+if (free_avopts)`
	`2876`	`+pfree(avopts);`
`2855`	`2877`	`heap_freetuple(classTup);`
`2856`	`2878`	`returntab;`
`2857`	`2879`	`}`
`@@ -2883,6 +2905,10 @@ recheck_relation_needs_vacanalyze(Oid relid,`
`2883`	`2905`	`effective_multixact_freeze_max_age,`
`2884`	`2906`	`dovacuum,doanalyze,wraparound);`
`2885`	`2907`
	`2908`	`+/* Release tabentry to avoid leakage */`
	`2909`	`+if (tabentry)`
	`2910`	`+pfree(tabentry);`
	`2911`	`+`
`2886`	`2912`	`/* ignore ANALYZE for toast tables */`
`2887`	`2913`	`if (classForm->relkind==RELKIND_TOASTVALUE)`
`2888`	`2914`	`*doanalyze= false;`
`@@ -3140,18 +3166,22 @@ autovacuum_do_vac_analyze(autovac_table *tab, BufferAccessStrategy bstrategy)`
`3140`	`3166`	`VacuumRelation*rel;`
`3141`	`3167`	`List*rel_list;`
`3142`	`3168`	`MemoryContextvac_context;`
	`3169`	`+MemoryContextold_context;`
`3143`	`3170`
`3144`	`3171`	`/* Let pgstat know what we're doing */`
`3145`	`3172`	`autovac_report_activity(tab);`
`3146`	`3173`
	`3174`	`+/* Create a context that vacuum() can use as cross-transaction storage */`
	`3175`	`+vac_context=AllocSetContextCreate(CurrentMemoryContext,`
	`3176`	`+"Vacuum",`
	`3177`	`+ALLOCSET_DEFAULT_SIZES);`
	`3178`	`+`
`3147`	`3179`	`/* Set up one VacuumRelation target, identified by OID, for vacuum() */`
	`3180`	`+old_context=MemoryContextSwitchTo(vac_context);`
`3148`	`3181`	`rangevar=makeRangeVar(tab->at_nspname,tab->at_relname,-1);`
`3149`	`3182`	`rel=makeVacuumRelation(rangevar,tab->at_relid,NIL);`
`3150`	`3183`	`rel_list=list_make1(rel);`
`3151`		`-`
`3152`		`-vac_context=AllocSetContextCreate(CurrentMemoryContext,`
`3153`		`-"Vacuum",`
`3154`		`-ALLOCSET_DEFAULT_SIZES);`
	`3184`	`+MemoryContextSwitchTo(old_context);`
`3155`	`3185`
`3156`	`3186`	`vacuum(rel_list,&tab->at_params,bstrategy,vac_context, true);`
`3157`	`3187`

`‎src/backend/utils/mmgr/alignedalloc.c`

Lines changed: 22 additions & 7 deletions

Original file line number	Diff line number	Diff line change
`@@ -45,6 +45,7 @@ AlignedAllocFree(void *pointer)`
`45`	`45`	`GetMemoryChunkContext(unaligned)->name,chunk);`
`46`	`46`	`#endif`
`47`	`47`
	`48`	`+/* Recursively pfree the unaligned chunk */`
`48`	`49`	`pfree(unaligned);`
`49`	`50`	`}`
`50`	`51`
`@@ -96,18 +97,32 @@ AlignedAllocRealloc(void *pointer, Size size, int flags)`
`96`	`97`	`Assert(old_size >=redirchunk->requested_size);`
`97`	`98`	`#endif`
`98`	`99`
	`100`	`+/*`
	`101`	`+ * To keep things simple, we always allocate a new aligned chunk and copy`
	`102`	`+ * data into it. Because of the above inaccuracy, this may end in copying`
	`103`	`+ * more data than was in the original allocation request size, but that`
	`104`	`+ * should be OK.`
	`105`	`+ */`
`99`	`106`	`ctx=GetMemoryChunkContext(unaligned);`
`100`	`107`	`newptr=MemoryContextAllocAligned(ctx,size,alignto,flags);`
`101`	`108`
`102`		`-/*`
`103`		`- * We may memcpy beyond the end of the original allocation request size,`
`104`		`- * so we must mark the entire allocation as defined.`
`105`		`- */`
`106`		`-if (likely(newptr!=NULL))`
	`109`	`+/* Cope cleanly with OOM */`
	`110`	`+if (unlikely(newptr==NULL))`
`107`	`111`	`{`
`108`		`-VALGRIND_MAKE_MEM_DEFINED(pointer,old_size);`
`109`		`-memcpy(newptr,pointer,Min(size,old_size));`
	`112`	`+VALGRIND_MAKE_MEM_NOACCESS(redirchunk,sizeof(MemoryChunk));`
	`113`	`+returnMemoryContextAllocationFailure(ctx,size,flags);`
`110`	`114`	`}`
	`115`	`+`
	`116`	`+/*`
	`117`	`+ * We may memcpy more than the original allocation request size, which`
	`118`	`+ * would result in trying to copy trailing bytes that the original`
	`119`	`+ * MemoryContextAllocAligned call marked NOACCESS. So we must mark the`
	`120`	`+ * entire old_size as defined. That's slightly annoying, but probably not`
	`121`	`+ * worth improving.`
	`122`	`+ */`
	`123`	`+VALGRIND_MAKE_MEM_DEFINED(pointer,old_size);`
	`124`	`+memcpy(newptr,pointer,Min(size,old_size));`
	`125`	`+`
`111`	`126`	`pfree(unaligned);`
`112`	`127`
`113`	`128`	`returnnewptr;`

`‎src/interfaces/libpq-oauth/oauth-curl.c`

Lines changed: 26 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -82,6 +82,20 @@`
`82`	`82`	`*/`
`83`	`83`	`#defineMAX_OAUTH_RESPONSE_SIZE (256 * 1024)`
`84`	`84`
	`85`	`+/*`
	`86`	`+ * Similarly, a limit on the maximum JSON nesting level keeps a server from`
	`87`	`+ * running us out of stack space. A common nesting level in practice is 2 (for a`
	`88`	`+ * top-level object containing arrays of strings). As of May 2025, the maximum`
	`89`	`+ * depth for standard server metadata appears to be 6, if the document contains`
	`90`	`+ * a full JSON Web Key Set in its "jwks" parameter.`
	`91`	`+ *`
	`92`	`+ * Since it's easy to nest JSON, and the number of parameters and key types`
	`93`	`+ * keeps growing, take a healthy buffer of 16. (If this ever proves to be a`
	`94`	`+ * problem in practice, we may want to switch over to the incremental JSON`
	`95`	`+ * parser instead of playing with this parameter.)`
	`96`	`+ */`
	`97`	`+#defineMAX_OAUTH_NESTING_LEVEL 16`
	`98`	`+`
`85`	`99`	`/*`
`86`	`100`	`* Parsed JSON Representations`
`87`	`101`	`*`
`@@ -495,6 +509,12 @@ oauth_json_object_start(void *state)`
`495`	`509`	`}`
`496`	`510`
`497`	`511`	`++ctx->nested;`
	`512`	`+if (ctx->nested>MAX_OAUTH_NESTING_LEVEL)`
	`513`	`+{`
	`514`	`+oauth_parse_set_error(ctx,"JSON is too deeply nested");`
	`515`	`+returnJSON_SEM_ACTION_FAILED;`
	`516`	`+}`
	`517`	`+`
`498`	`518`	`returnJSON_SUCCESS;`
`499`	`519`	`}`
`500`	`520`
`@@ -599,6 +619,12 @@ oauth_json_array_start(void *state)`
`599`	`619`	`}`
`600`	`620`
`601`	`621`	`++ctx->nested;`
	`622`	`+if (ctx->nested>MAX_OAUTH_NESTING_LEVEL)`
	`623`	`+{`
	`624`	`+oauth_parse_set_error(ctx,"JSON is too deeply nested");`
	`625`	`+returnJSON_SEM_ACTION_FAILED;`
	`626`	`+}`
	`627`	`+`
`602`	`628`	`returnJSON_SUCCESS;`
`603`	`629`	`}`
`604`	`630`

`‎src/interfaces/libpq/Makefile`

Lines changed: 9 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -98,14 +98,21 @@ SHLIB_PREREQS = submake-libpgport`
`98`	`98`
`99`	`99`	`SHLIB_EXPORTS = exports.txt`
`100`	`100`
	`101`	`+# Appends to a comma-separated list.`
	`102`	`+comma := ,`
	`103`	`+defineadd_to_list`
	`104`	`+$(eval $1 :=$(if$($1),$($1)$(comma) $2,$2))`
	`105`	`+endef`
	`106`	`+`
`101`	`107`	`ifeq ($(with_ssl),openssl)`
`102`		`-PKG_CONFIG_REQUIRES_PRIVATE = libssl, libcrypto`
	`108`	`+$(call add_to_list,PKG_CONFIG_REQUIRES_PRIVATE,libssl)`
	`109`	`+$(call add_to_list,PKG_CONFIG_REQUIRES_PRIVATE,libcrypto)`
`103`	`110`	`endif`
`104`	`111`
`105`	`112`	`ifeq ($(with_libcurl),yes)`
`106`	`113`	`# libpq.so doesn't link against libcurl, but libpq.a needs libpq-oauth, and`
`107`	`114`	`# libpq-oauth needs libcurl. Put both into *.private.`
`108`		`-PKG_CONFIG_REQUIRES_PRIVATE +=libcurl`
	`115`	`+$(call add_to_list,PKG_CONFIG_REQUIRES_PRIVATE,libcurl)`
`109`	`116`	`%.pc: override SHLIB_LINK_INTERNAL += -lpq-oauth`
`110`	`117`	`endif`
`111`	`118`

`‎src/interfaces/libpq/fe-auth-oauth.c`

Lines changed: 25 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -157,6 +157,14 @@ client_initial_response(PGconn *conn, bool discover)`
`157`	`157`	`#defineERROR_SCOPE_FIELD "scope"`
`158`	`158`	`#defineERROR_OPENID_CONFIGURATION_FIELD "openid-configuration"`
`159`	`159`
	`160`	`+/*`
	`161`	`+ * Limit the maximum number of nested objects/arrays. Because OAUTHBEARER`
	`162`	`+ * doesn't have any defined extensions for its JSON yet, we can be much more`
	`163`	`+ * conservative here than with libpq-oauth's MAX_OAUTH_NESTING_LEVEL; we expect`
	`164`	`+ * a nesting level of 1 in practice.`
	`165`	`+ */`
	`166`	`+#defineMAX_SASL_NESTING_LEVEL 8`
	`167`	`+`
`160`	`168`	`structjson_ctx`
`161`	`169`	`{`
`162`	`170`	`charerrmsg;/ any non-NULL value stops all processing */`
`@@ -196,6 +204,9 @@ oauth_json_object_start(void *state)`
`196`	`204`	`}`
`197`	`205`
`198`	`206`	`++ctx->nested;`
	`207`	`+if (ctx->nested>MAX_SASL_NESTING_LEVEL)`
	`208`	`+oauth_json_set_error(ctx,libpq_gettext("JSON is too deeply nested"));`
	`209`	`+`
`199`	`210`	`returnoauth_json_has_error(ctx) ?JSON_SEM_ACTION_FAILED :JSON_SUCCESS;`
`200`	`211`	`}`
`201`	`212`
`@@ -254,9 +265,22 @@ oauth_json_array_start(void *state)`
`254`	`265`	`ctx->target_field_name);`
`255`	`266`	`}`
`256`	`267`
	`268`	`+++ctx->nested;`
	`269`	`+if (ctx->nested>MAX_SASL_NESTING_LEVEL)`
	`270`	`+oauth_json_set_error(ctx,libpq_gettext("JSON is too deeply nested"));`
	`271`	`+`
`257`	`272`	`returnoauth_json_has_error(ctx) ?JSON_SEM_ACTION_FAILED :JSON_SUCCESS;`
`258`	`273`	`}`
`259`	`274`
	`275`	`+staticJsonParseErrorType`
	`276`	`+oauth_json_array_end(void*state)`
	`277`	`+{`
	`278`	`+structjson_ctx*ctx=state;`
	`279`	`+`
	`280`	`+--ctx->nested;`
	`281`	`+returnJSON_SUCCESS;`
	`282`	`+}`
	`283`	`+`
`260`	`284`	`staticJsonParseErrorType`
`261`	`285`	`oauth_json_scalar(voidstate,chartoken,JsonTokenTypetype)`
`262`	`286`	`{`
`@@ -519,6 +543,7 @@ handle_oauth_sasl_error(PGconn conn, const char msg, int msglen)`
`519`	`543`	`sem.object_end=oauth_json_object_end;`
`520`	`544`	`sem.object_field_start=oauth_json_object_field_start;`
`521`	`545`	`sem.array_start=oauth_json_array_start;`
	`546`	`+sem.array_end=oauth_json_array_end;`
`522`	`547`	`sem.scalar=oauth_json_scalar;`
`523`	`548`
`524`	`549`	`err=pg_parse_json(lex,&sem);`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitedbb359

File tree

8 files changed

8 files changed

`‎doc/src/sgml/release-18.sgml`

`‎src/backend/postmaster/autovacuum.c`

`‎src/backend/utils/mmgr/alignedalloc.c`

`‎src/interfaces/libpq-oauth/oauth-curl.c`

`‎src/interfaces/libpq/Makefile`

`‎src/interfaces/libpq/fe-auth-oauth.c`

0 commit comments