I wrote: > Not only DNS, but all the various auth libraries would have to be > contended with. Lots of work there compared to the likely rewards.
Wait a minute. The entire authentication cycle happens inside InitPostgres, using the backend's normal signal handlers. So maybe we are overthinking the problem. What if we simply postpone ProcessStartupPacket into that same place, and run it under the same rules as we do for authentication? We would waste more cycles than we do now for the case where the client closes the connection without sending a startup packet, but not enormously so, I think --- and optimizing that case doesn't seem like a high-priority goal anyway. And cases like DNS lookup taking forever don't seem like any more of an issue than auth lookup taking forever. regards, tom lane