Re: [HACKERS] More schema queries

[Dave Page]

 -Original Message-
 From: Tom Lane [mailto:[EMAIL PROTECTED]] 
 Sent: 18 May 2002 00:01
 To: Dave Page
 Cc: [EMAIL PROTECTED]
 Subject: Re: More schema queries 
 
 There was already some discussion about making a variant version of
 current_schemas() that would tell you the Whole Truth, 
 including the implicitly searched schemas.  Seems like we'd 
 better do that; otherwise we'll find people hardwiring 
 knowledge of these implicit search rules into their apps, 
 which is probably a bad idea.
 
 Anyone have a preference about what to call it?  I could see 
 making a version of current_schemas() that takes a boolean 
 parameter, or we could choose another function name for the 
 implicit-schemas-too version.

Use of a parameter seems fine to me. Save having Yet Another Function
:-) and trying to figure out a sensible name for it!

  Curious.  I have not noticed much of any change in postmaster
  startup time on Unix.  Can you run a profile or something to 
  see where the time is going?
 
  Probably, but I'd need hand-holding as I don't have a clue 
 how to do 
  that.
 
 I'm not sure how to do it on Cygwin, either.  On Unix you'd 
 build a profilable backend executable using
   cd pgsql/src/backend
   gmake clean
   gmake PROFILE=-pg all
 install same, run it, and then use gprof on the gmon.out file 
 dumped at postmaster termination.  Dunno if it has to be done 
 differently on Cygwin.

Well, I have gcc  gprof so I assume it'll be pretty much the same. I'll
have a play tonight.

Thanks Tom,

Dave.

---(end of broadcast)---
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

Re: [HACKERS] Poster(s) needed

[Lincoln Yeoh]

How about the postgresql logo - is there a source vector/postscript of it 
so that he can blow it up without res loss and print it? The logo designer 
may still have the source files.

Cheerio,
Link.

At 02:56 AM 5/18/02 -0300, Marc G. Fournier wrote:

Not that I'm aware of anyone making ...

On Fri, 17 May 2002, Michael Meskes wrote:
  month, I'd like to get some PostgreSQL posters for the booth. But I have
  no idea where to find some.
 
  Do we have that kind of stuff? Or where could I get it? Preferable of 
 course as file so I can print it myself.



---(end of broadcast)---
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly

Re: [HACKERS] WIN32 native ... lets start?!?

[Joerg Hessdoerfer]

On Friday 17 May 2002 22:16, you wrote:
 Marc G. Fournier [EMAIL PROTECTED] writes:
  Might be an idea to create a pgsql-hackers-win32 list also?  Or just
  pgsql-win32?

 Actually, I think that'd be a bad idea.  The very last thing we need is
 for these discussions to get fragmented.  The issues affect the whole
 backend AFAICS.

   regards, tom lane

Yes, indeed. I would also like to discuss matters on this list, as one get's 
a 'heads up' from people in the know much easier.

BTW, I'm in the process of doing the 'really only what is necessary for pg' 
ipc-stuff, and was wondering if anybody already did some configuration of the 
source tree towards MinGW?? How should we go about that? I would rather like 
not using cygwin's sh for that ;-), and we have no 'ln' !!

Greetings,
Joerg
-- 
Leading SW developer  - S.E.A GmbH
Mail: [EMAIL PROTECTED]
WWW:  http://www.sea-gmbh.com

---(end of broadcast)---
TIP 2: you can get off all lists at once with the unregister command
(send unregister YourEmailAddressHere to [EMAIL PROTECTED])

Re: [HACKERS] Updated CREATE FUNCTION syntax

[Joel Burton]

Tom Lane [EMAIL PROTECTED] said:

 Seems like the only way to do that in the backend would be to find a way
 of slipping the function text past the lexer/parser entirely.  While I
 can imagine ways of doing that, I think it'd be a *whole* lot cleaner
 to fix things on the client side.
 
 How do you feel about a psql hack that provides a function definition
 mode?  More generally it could be a mode to enter random text and have
 it be converted to an SQL literal string.  Perhaps
 
   psql= create function foo (int) returns int as
   psql- \beginliteral
   psql-LIT begin
   psql-LIT x := $1;
   psql-LIT ...
   psql-LIT end;
   psql-LIT \endliteral
   psql- language plpgsql;
 
 Essentially, \beginliteral and \endliteral each convert to a quote
 mark, and everywhere in between quotes and backslashes get doubled.
 We might want to specify that the leading and trailing newlines get
 dropped, too, though for function-definition applications that would
 not matter.

Tom --

Given that 98% of my function defining is done is psql, this would be fine for me and 
solve my frustrations. It wouldn't help people that build functions in scripting 
languages or non-psql environments, however, but I don't know how common this is.

What do others think?

Thanks!
-- 

Joel BURTON | [EMAIL PROTECTED] | joelburton.com | aim: wjoelburton
Knowledge Management  Technology Consultant 



---(end of broadcast)---
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/users-lounge/docs/faq.html

Re: [HACKERS] Updated CREATE FUNCTION syntax

[Tom Lane]

Joel Burton [EMAIL PROTECTED] writes:
 Given that 98% of my function defining is done is psql, this would be
 fine for me and solve my frustrations. It wouldn't help people that
 build functions in scripting languages or non-psql environments,
 however, but I don't know how common this is.

True, but I'm thinking that other development environments could provide
equivalent features.  (I seem to recall that pgAdmin already does, for
example.)

ISTM the reason we've not addressed this for so long is that no one
could think of a reasonable way to solve it on the backend side.
Maybe we just have to shift our focus.

Another point worth considering is that because psql has its own
smarts about locating query boundaries, it'd be very difficult to
build a function-definition mode without making psql changes, anyway.

regards, tom lane

---(end of broadcast)---
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]

[HACKERS] Sequence privileges

[Peter Eisentraut]

The documentation of the sequence privileges on the GRANT reference page
doesn't match the code.

Documented:

currval:UPDATE
nextval:UPDATE
setval: UPDATE

Actual:

currval:SELECT
nextval:UPDATE
setval: UPDATE

But shouldn't it more ideally be

currval:SELECT
nextval:SELECT + UPDATE
setval: UPDATE

because nextval allows you to infer the content of the sequence?  (Cf.
UPDATE tab1 SET a = b requires SELECT + UPDATE on tab1.)

-- 
Peter Eisentraut   [EMAIL PROTECTED]


---(end of broadcast)---
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/users-lounge/docs/faq.html

Re: [HACKERS] Poster(s) needed

[Tom Lane]

Lincoln Yeoh [EMAIL PROTECTED] writes:
 How about the postgresql logo - is there a source vector/postscript of it 
 so that he can blow it up without res loss and print it?

I have EPS versions of both the elephant-in-crystal and cartoon-elephant
logos.  I'm pretty sure both are up on the website someplace, 'cause I
didn't make either one.

BTW, Marc will correct me if I'm wrong, but I think officially the
crystal one is the PG project logo while the cartoon is more associated
with PostgreSQL Inc.  I tend to ignore this distinction though, since
the crystal logo renders beautifully on screen but is nearly unusable
for black-and-white printouts.  So I like to use whichever fits the
need at hand.

regards, tom lane

---(end of broadcast)---
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/users-lounge/docs/faq.html

Re: [HACKERS] Trouble with pg_encoding_to_char

[Barry Lind]

It means you are running a jdbc driver from 7.2 (perhaps 7.1, but I 
think 7.2) against a 6.5 database.  While we try to make the jdbc driver 
backwardly compatable, we don't go back that far.  You really should 
consider upgrading your database to something remotely current.

thanks,
--Barry

[EMAIL PROTECTED] wrote:
 Hi,
 
 I've been developing a program with the postgres jdbc 2 driver, jdk-1.3.0 and
 postgres 6.5.
 
 When I start my program up it bombs like so:
 
 Something unusual has occured to cause the driver to fail. Please report
 this exception: Exception: java.sql.SQLException: ERROR:  No such
 function 'pg_encoding_to_char' with the specified attributes
 
 Stack Trace:
 
 java.sql.SQLException: ERROR:  No such function 'pg_encoding_to_char'
 with the specified attributes
 
 at
 org.postgresql.core.QueryExecutor.execute(QueryExecutor.java:94)
 at org.postgresql.Connection.ExecSQL(Connection.java:398)
 at org.postgresql.Connection.ExecSQL(Connection.java:381)
 at org.postgresql.Connection.openConnection(Connection.java:314)
 at org.postgresql.Driver.connect(Driver.java:149)
 
 Does anyone know what any of this means...?
 
 Regards,
 Youenn
 
 
 Université de Bretagne sud   http://www.univ-ubs.fr/
 
 
 ---(end of broadcast)---
 TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
 



---(end of broadcast)---
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly

Re: [HACKERS] Sequence privileges

[Tom Lane]

Peter Eisentraut [EMAIL PROTECTED] writes:
 But shouldn't it more ideally be

 currval:  SELECT
 nextval:  SELECT + UPDATE
 setval:   UPDATE

 because nextval allows you to infer the content of the sequence?  (Cf.
 UPDATE tab1 SET a = b requires SELECT + UPDATE on tab1.)

One objection is that testing for both privs will require two aclcheck
calls (since aclcheck(SELECT|UPDATE) will check for the OR not the AND
of the privileges).  Not sure it's worth the overhead.

Given that nextval() is really the only interesting operation on
sequences (you cannot do a real UPDATE), I don't see a problem with
interpreting UPDATE as the right to do nextval() for sequences.

Since currval only returns to you the result of your own prior nextval,
there is no real point in giving it a different privilege bit.
Accordingly I think it *should* be testing UPDATE --- the docs are right
and the code is wrong.  (If it weren't for your recent addition of
setuid functions, I'd question why currval bothers to make a privilege
test at all.)

SELECT still means what it says: the ability to do a select from
the sequence, which lets you see the sequence parameters.  So what
we really have is:

SELECT: read sequence as a table
UPDATE: all sequence-specific operations.

You could maybe make an argument that setval() should have a different
privilege than nextval(), but otherwise this seems sufficient to me.

There is now room in ACL to invent a couple of sequence-specific
privilege bits if it bothers you to use UPDATE for the can-invoke-
sequence-functions privilege, but I'm not sure it's worth creating
a compatibility issue just to do that.

regards, tom lane

---(end of broadcast)---
TIP 2: you can get off all lists at once with the unregister command
(send unregister YourEmailAddressHere to [EMAIL PROTECTED])

[HACKERS] UTF-8 safe ascii() function

[Jean-Michel POURE]

Dear all,

I would like to transform UTF-8 strings into Java-Unicode. Example :
- Latin1 : 'é'
- UTF-8 : 'é' 
- Java Unicode = '\u00233'

Basically, a Unicode compatible ascii() function would be fine.
ascii('é') should return 233.

1) Has anyone written an ascii UTF-8 safe wrapper to ascii() function? If yes, 
would you be so kind to publish this function on the list.

2) Are there plans to add an ascii() UTF-8 safe function to PostrgeSQL?

Best regards,
Jean-Michel POURE

---(end of broadcast)---
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]

[HACKERS] SASL, compression?

[Bear Giles]

I've been looking at the authentication and networking code and
would like to float a trial balloon.

1) add SASL.  This is a new standards-track protocol that is often
   described as PAM for network authentication.  PostgreSQL could
   remove *all* protocol-specific authentication code and use
   standard plug-in libraries instead.

   (It's worth noting that SSL/TLS operates at a lower level than
   SASL.  This has some interesting consequences, see below.)

   After the black-box authentication finishes, the postmaster will
   have up to pieces of information: the peer's client cert (SSL)
   and a string containing the Kerberos principal, user name verified
   with password/one-time-password/CRAM, etc.

   PostgreSQL authentication would be reduced to specifying which
   authentication methods are acceptable for each database, then
   mapping that authenticated user string and/or cert to a pguser.

2) add ZLIB compression.

The last point needs a bit of explanation.  With SASL, the buffers
may be modified due to the authentication protocol selected, so the
low-level routines in pqcomm.c and fe-connect.c must be modified.
But since this is happening anyway, it would be easy to wrap
sasl_encode with ZLIB compression and sasl_decode with ZLIB decompression,
with pq_flush() (and client's equivalent) doing a sync flush of
the compression buffer.

You obviously don't need compression on the Unix socket or a fast
network connection, but if you're on a T1 or slower the reduced
transmission time should more than offset the time spent in 
compression/decompression.

Drawbacks

The biggest drawback, at least initially, is that the initial
exchange will need to be totally rewritten.  One possibility
could use something like this:

  S: 220 example.com PostgreSQL 8.1
  C: HELO client.com
  S: 250-example.com
  S: 250-AUTH ANONYMOUS KERBEROS4 list of authentication methods
  S: 250-STARTTLS server accepts SSL/TLS
  S: 250-COMPRESSION  compress datastream
  S: 250 HELP
  C: STARTTLS pq.virtual.com  allows virtual domains
 SSL/TLS negotation occurs *here*
  S: 250-pq.virtual.com
  S: 250-AUTH ANONYMOUS PLAIN KERBEROS4   note extra method
  S: 250-COMPRESSION
  S: 250-some extract functions only available with TLS/SSL sessions
  S: 250 HELP
  C: AUTH PLAIN user password use simple username/password
  S: 220 OK
  C: COMPRESSION ON
  S: 220 OK
  C: OPEN database
  S: 220 OK

and then the system drops back to the existing data exchange
format.  Or it could look like something entirely different - the
most important thing is that the server needs to provide a list
of authentication methods, the client chooses one, and it either
succeeds or the client can retry.  However a protocol something
like this has the strong advantage of being well-tested in the 
existing protocols.

Bear

---(end of broadcast)---
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

Re: [HACKERS] [INTERFACES] libpgtcl - backend version information patch

[Nigel J. Andrews]

 [My apolgies if this turns up in the lists twice (now three times) but my
 mailer claims it's been in the queue for them too long. Not sure why it
 thinks that since it's only a few minutes since I sent it.]
 
 
  On Fri, 17 May 2002, Peter Eisentraut wrote:
   Nigel J. Andrews writes:
   
I've attached a patch for libpgtcl which adds access to backend version
numbers.
   
This is via a new command:
   
pg_version db channel major varname ?minor varname? ?patch varname?
   
   This doesn't truly reflect the way PostgreSQL version numbers are handled.
   Say for 7.2.1, the major is really 7.2 and the minor is 1.  With the
   interface you proposed, the information major == 7 doesn't really convey
   any useful information.
  
Ah, oops. I'll change it. I withdraw the patch submission I made yesterday
(now two days back).
  
I envisage this patch applied to 7.3 tip and to 7.2 for the 7.2.2
release mentioned a couple of days ago. The only problem with doing this
for 7.2 that I can see is where people doing the 'package -exact require
Pgtcl 1.x' thing, and how many of those are there? Even PgAccess doesn't
use that.
   
   Normally we only put bug fixes in minor releases.  PgAccess may get an
   exception, but bumping the version number of a library is stretching it a
   little.  If you're intending to use the function for PgAccess, why not
   make it internal to PgAccess?  That way you can tune the major/minor thing
   exactly how you need it.
  
It did occur to me this morning that having it applied for 7.2.2 was perhaps
silly as it was introducing a new feature and not a bug fix.
  
This feature could be added to PgAccess but I felt it was general enough to be
placed in the interface library. I think someone else suggested such a place a
couple of weeks ago also. If there is a concensus that this should be done in
the application layer I'll happily drop this patch completely.
  
   

-- 
Nigel J. Andrews
Director

---
Logictree Systems Limited
Computer Consultants


---(end of broadcast)---
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

[HACKERS] pq_eof() broken with SSL

[Bear Giles]

I came across another bug in the SSL code.  backend/libpq/pqcomm.c:pq_eof()
calls recv() to read a single byte of data to check for EOF.  The
character is then stuffed into the read buffer.

This will not work with SSL.  Besides the data being encrypted, you
could end up reading a byte from an SSL control message instead of a
data message, or messing up counts.  Fortunately this procedure only
seems to be called in some password code - if you use 'trust' or 'ident'
then the SSL should work fine.

The quick fix is to add another USE_SSL block, a better fix is to
explicitly create a new abstraction layer.

Bear

---(end of broadcast)---
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]

[HACKERS] *new* libpgtcl - backend version information patch

[Nigel J. Andrews]

This is similar to the same patch as I submitted Thursday, and hopefully
withdrew in time after a response was made. I have repeated the description
with appropiate changes for ease of reference.

I've attached a patch for libpgtcl which adds access to backend version
numbers.

This is via a new command:

pg_version db channel major varname ?minor varname?

Using readonly variables rather than a command was my first choice but I
decided that it was inappropiate for the library to start assigning global
variable(s) when that's really the applications job and the command interface
is consistent with the rest of the interface.

Obviously, backend version numbers are specific to a particular connection. So
I've created a new data structure, to keep the information as a distinct unit,
and added an instance of the new structure to the Pg_ConnectionId type. The
version information is retrieved from the given connection on first use of
pg_version and cached in the new data structure for subsequent accesses.

In addition to filling the named variables in the callers scope with version
numbers/strings the command returns the complete string as returned by
version(). It's not possible to turn this return off at the moment but I don't
see it as a problem since normal methods of stopping unwanted values returned
from procedures can be applied in the application if required.

Perhaps the most significant change is that I've increased the package's
version number from 1.3 to 1.4. This will adversly effect anyone using an
application that requires a specific version of the package where their
postgres installation is updated but their application has not been. I can't
imagine there are many applications out there using the package management
features of TCL though.

This isn't a bug fix and is therefore for 7.3 not 7.2.2


-- 
Nigel J. Andrews
Director

---
Logictree Systems Limited
Computer Consultants




---(end of broadcast)---
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

Re: [HACKERS] Updated CREATE FUNCTION syntax

[Joel Burton]

Tom Lane [EMAIL PROTECTED] said:

 Joel Burton [EMAIL PROTECTED] writes:
  Given that 98% of my function defining is done is psql, this would be
  fine for me and solve my frustrations. It wouldn't help people that
  build functions in scripting languages or non-psql environments,
  however, but I don't know how common this is.
 
 True, but I'm thinking that other development environments could provide
 equivalent features.  (I seem to recall that pgAdmin already does, for
 example.)
 
 ISTM the reason we've not addressed this for so long is that no one
 could think of a reasonable way to solve it on the backend side.
 Maybe we just have to shift our focus.

Out of curiosity, Tom, why the preference for a solution like this rather than 
allowing for a much-less-common-than-' delimiter for the create function syntax? (Such 
as the [[ and ]] I suggested a few posts ago?) This would seem like something that 
wouldn't seem too difficult to do, and would work in all environments.

That would have the advantage of being consistent as users switched from writing 
functions in psql to writing function-writing functions, to writing functions in other 
environments, etc.

Thanks,

- J.

-- 

Joel BURTON | [EMAIL PROTECTED] | joelburton.com | aim: wjoelburton
Knowledge Management  Technology Consultant 



---(end of broadcast)---
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]

[HACKERS] Set-returning function syntax

[Joel Burton]

For those who want to play on the bleeding edge of CVS, can someone provide the syntax 
for the recently-checked-in set-returning functions? I've got it figured out when I'm 
returning a many rows of single column, but not for many rows of several columns.

If someone can do this, and no one has put together docs on this feature, I'll 
volunteer to write this up.

Thanks!

- J.

-- 

Joel BURTON | [EMAIL PROTECTED] | joelburton.com | aim: wjoelburton
Knowledge Management  Technology Consultant 



---(end of broadcast)---
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly

Re: [HACKERS] SASL, compression?

[Neil Conway]

On Sat, 18 May 2002 11:39:51 -0600 (MDT)
Bear Giles [EMAIL PROTECTED] wrote:
 1) add SASL.  This is a new standards-track protocol that is often
described as PAM for network authentication.  PostgreSQL could
remove *all* protocol-specific authentication code and use
standard plug-in libraries instead.

I'm not that clueful about SASL -- would this mean that we could get
rid of the PostgreSQL code that does SSL connections, plus MD5, crypt,
ident, etc. based authentication, and instead just use the SASL stuff?
Or would SSL/TLS support need to co-exist with SASL?

 2) add ZLIB compression.

This was discussed before, and the conclusion was that compression
is of fairly limited utility, and can be accomplished by using
ssh -- so it's not worth the bloat. But there were some dissenting
opinions at the time, so this might merit further discussion...

 The biggest drawback, at least initially, is that the initial
 exchange will need to be totally rewritten.

I'd like to see a FE/BE protocol change in 7.4, so this might be a
possibility at that point.

Cheers,

Neil

-- 
Neil Conway [EMAIL PROTECTED]
PGP Key ID: DB3C29FC

---(end of broadcast)---
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]

Re: [HACKERS] SASL, compression?

[Tom Lane]

Bear Giles [EMAIL PROTECTED] writes:
 1) add SASL.  This is a new standards-track protocol that is often
described as PAM for network authentication.  PostgreSQL could
remove *all* protocol-specific authentication code and use
standard plug-in libraries instead.

To me, new standards-track protocol translates as pie in the sky.
When will there be tested, portable, BSD-license libraries that we
could *actually* use?  I'm afraid this really would end up meaning
writing and/or supporting our own SASL code ... and I think there
are more important things for the project to be doing.

IMHO we've got more than enough poorly-supported authentication options
already.  Unless you can make a credible case that using SASL would
allow us to rip out PAM, Kerberos, MD5, etc *now* (not in a few releases
when everyone's switched to SASL), I think this will end up just being
another one :-(.

(It doesn't help any that PAM support was sold to us just one release
cycle back on the same grounds that it'd be the last authentication
method we'd need to add.  I'm more than a tad wary now...)


 2) add ZLIB compression.

Why do people keep wanting to reinvent SSH tunneling?

regards, tom lane

---(end of broadcast)---
TIP 2: you can get off all lists at once with the unregister command
(send unregister YourEmailAddressHere to [EMAIL PROTECTED])

Re: [HACKERS] [INTERFACES] libpgtcl - backend version information patch

[Tom Lane]

Nigel J. Andrews [EMAIL PROTECTED] writes:
 This feature could be added to PgAccess but I felt it was general
 enough to be placed in the interface library. I think someone else
 suggested such a place a couple of weeks ago also. If there is a
 concensus that this should be done in the application layer I'll
 happily drop this patch completely.

I guess I don't quite see the point of doing this in libpgtcl,
as opposed to doing a select version() at the application level.
It would take only a line or two of Tcl code to do that and parse the
result of version(), so why write many lines of C to accomplish the
same thing?

regards, tom lane

---(end of broadcast)---
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly

Re: [HACKERS] SASL, compression?

[Bear Giles]

 I'm not that clueful about SASL -- would this mean that we could get
 rid of the PostgreSQL code that does SSL connections, plus MD5, crypt,
 ident, etc. based authentication, and instead just use the SASL stuff?

We would still need the ability to map user identities - pgusers for
those methods where the client can't specify an arbitrary user name
(e.g., Kerberos and GSSAPI), but strictly speaking that's an authorization
problem, not an authentication problem, and it can be handled entirely
within the backend.

 [W]ould SSL/TLS support need to co-exist with SASL?

Yes.  SASL effectively works at the application layer.  It's now common
practice for one of the application commands to be STARTTLS (perhaps by
another name) that both sides use as a signal to negotiate a TLS/SSL
session.

The benefit of this approach is that it's easily migrated to Unix
sockets, IPv6, etc.

  2) add ZLIB compression.
 
 This was discussed before, and the conclusion was that compression
 is of fairly limited utility, and can be accomplished by using
 ssh -- so it's not worth the bloat. But there were some dissenting
 opinions at the time, so this might merit further discussion...

I agree, it wasn't worth the effort with the existing code.  But
if we rewrite the lowest level routines then the amount of bloat can
be minimized. 

Bear

---(end of broadcast)---
TIP 2: you can get off all lists at once with the unregister command
(send unregister YourEmailAddressHere to [EMAIL PROTECTED])

Re: [HACKERS] SASL, compression?

[Bear Giles]

 Bear Giles [EMAIL PROTECTED] writes:
  1) add SASL.  This is a new standards-track protocol that is often
 described as PAM for network authentication.
 
 To me, new standards-track protocol translates as pie in the sky.
 When will there be tested, portable, BSD-license libraries that we
 could *actually* use?

http://asg.web.cmu.edu/sasl/sasl-implementations.html

 Unless you can make a credible case that using SASL would
 allow us to rip out PAM, Kerberos, MD5, etc *now* (not in a few releases
 when everyone's switched to SASL), I think this will end up just being
 another one :-(.

http://asg.web.cmu.edu/sasl/sasl-projects.html

If it's being used in Sendmail, Cyrus IMAP and OpenLDAP, with preliminary
work (sponsored by Carnegie Mellon University) in supporting it for CVS
and LPRng and possibly SSH I think it's safe to say it's beyond vaporware
at this point.

The only reason I was waving my hands a bit is that I'm not sure if
SASL 2.x is considered production-ready yet.  We could support SASL 1.x,
but if 2.x is coming out within 6-12 months then it may make more sense
to target 2.x instead of releasing 1.x today, then switching to 2.x in 
the next release.

If there's a concensus that we should proceed, I would also be the 
first to argue that we should contact CMU for assistance in the 
conversion.  Hopefully they have enough experience with their cyrus
package that we can really put this issue to bed.  (Meanwhile PostgreSQL
would get more free advertising as another major project using their
SASL library.)

 (It doesn't help any that PAM support was sold to us just one release
 cycle back on the same grounds that it'd be the last authentication
 method we'd need to add.  I'm more than a tad wary now...)

Umm... I don't know what to say.  This is a common misunderstanding of
PAM (and one reason I *really* hate those PAM Kerberos modules) but people
keep repeating it.  PAM was only designed for local use, but people keep
trying to use it for network authentication even though us security 
freaks keep pointing out that using some of those modules on a network
will leave your system wide open.  In contrast SASL was designed from the
start to work over an untrusted network.

This isn't to say that PAM support is totally useless - it may be a
clean way to handle the ongoing Kerberos principal - pguser issue, but
it's a nonstarter for authentication purposes unless you know you're
on the Unix socket.

  2) add ZLIB compression.
 
 Why do people keep wanting to reinvent SSH tunneling?

One good reason is that secure sites will prohibit them.  SSH tunnels
require that clients have shell accounts on the remote system, and
on a dedicated database server you may have no accounts other than the
sysadmins who administer the box.

I'm aware of the various tricks you can do - setting the shell to 
/bin/false, requiring RSA authentication and setting the no-tty flag
in the 'known_keys' file, etc., but at the end of the day there are 
still extra shell accounts on that system.

SSH tunnels are a good stopgap measure while you add true TLS/SSL
support, but they can't be considered a replacement for that support.

Bear

---(end of broadcast)---
TIP 2: you can get off all lists at once with the unregister command
(send unregister YourEmailAddressHere to [EMAIL PROTECTED])

Re: [HACKERS] [INTERFACES] libpgtcl - backend version information

[Nigel J. Andrews]

On Sat, 18 May 2002, Tom Lane wrote:

 Nigel J. Andrews [EMAIL PROTECTED] writes:
  This feature could be added to PgAccess but I felt it was general
  enough to be placed in the interface library. I think someone else
  suggested such a place a couple of weeks ago also. If there is a
  concensus that this should be done in the application layer I'll
  happily drop this patch completely.
 
 I guess I don't quite see the point of doing this in libpgtcl,
 as opposed to doing a select version() at the application level.
 It would take only a line or two of Tcl code to do that and parse the
 result of version(), so why write many lines of C to accomplish the
 same thing?

Yes, you're right. It is only a couple of lines to do the exec, error checking
and parsing.

Someone mentioned how it might be worth considering putting version testing
into the library. I thought it a reasonable idea, something that would be
reasonably be expected to reused across applications and as I'm not putting
forward anything for pgaccess until it's decided what the heck is going on with
it thought I'd do the libpgtcl version of it.

I see the pros as:

version information is accessable to all TCL applications without each having
to worry about getting it,
it comes ready to support multiple DB connections per application.

The cons:
well I don't see anything similar in the perl interface and it's not in libpq
so as the other interfaces are essentially wrappers for libpq it shouldn't be
in libpqtcl either,
there's more C code than TCL code would take (still, I could change it to use a
Tcl_eval if it's lines of code that count)


-- 
Nigel J. Andrews
Director

---
Logictree Systems Limited
Computer Consultants


---(end of broadcast)---
TIP 4: Don't 'kill -9' the postmaster

Re: [HACKERS] Set-returning function syntax

[Joe Conway]

Joel Burton wrote:
  For those who want to play on the bleeding edge of CVS, can someone
  provide the syntax for the recently-checked-in set-returning
  functions? I've got it figured out when I'm returning a many rows of
  single column, but not for many rows of several columns.

For multiple columns, you need a composite data type defined -- 
basically you need to create a table, even if it is an unused shell, 
which has the column names and data types of the returned tuple. See 
below for more.

 
  If someone can do this, and no one has put together docs on this
  feature, I'll volunteer to write this up.

I hadn't gotten to the docs yet, but if you wanted to write something up 
that would be great! :) I'll certainly help too.

Attached is the script I've been using to test as I go. It shows the 
usage of SRFs in a variety of situations (note that the C function tests 
require contrib/dblink installed). There's also a description in one of 
my earlier posts. Here is a recap, edited to the latest reality:

How it currently works:
---
1. The SRF may be either marked as returning a set or not. A function 
not marked as returning a set simply produces one row.

2. The SRF may either return a base data type (e.g. TEXT) or a composite 
data type (e.g. pg_class). If the function returns a base data type, the 
single result column is named for the function. If the function returns 
a composite type, the result columns get the same names as the 
individual attributes of the type.

3. The SRF may be aliased in the FROM clause, but it also be left 
unaliased. If a function is used in the FROM clause with no alias, the 
function name is used as the relation name.

Hope that's a start.

Thanks,

Joe


DROP TABLE foo2;
CREATE TABLE foo2(fooid int, f2 int);
INSERT INTO foo2 VALUES(1, 11);
INSERT INTO foo2 VALUES(2, 22);
INSERT INTO foo2 VALUES(1, 111);
DROP FUNCTION foot(int);
CREATE FUNCTION foot(int) returns setof foo2 as 'SELECT * FROM foo2 WHERE fooid = $1;' 
LANGUAGE SQL;

-- supposed to fail with ERROR
select * from foo2, foot(fooid) z where foo2.f2 = z.f2;

-- function in subselect
select * from foo2 where f2 in (select f2 from foot(foo2.fooid) z where z.fooid = 
foo2.fooid);

-- function in subselect
select * from foo2 where f2 in (select f2 from foot(1) z where z.fooid = foo2.fooid);

-- nested functions
select * from foot(sin(pi()/2)::int);

DROP TABLE foo;
CREATE TABLE foo (fooid int, foosubid int, fooname text, primary key(fooid,foosubid));
INSERT INTO foo VALUES(1,1,'Joe');
INSERT INTO foo VALUES(1,2,'Ed');
INSERT INTO foo VALUES(2,1,'Mary');

-- sql, proretset = f, prorettype = b
DROP FUNCTION getfoo(int);
CREATE FUNCTION getfoo(int) RETURNS int AS 'SELECT $1;' LANGUAGE SQL;
SELECT * FROM getfoo(1) AS t1;
DROP VIEW vw_getfoo;
CREATE VIEW vw_getfoo AS SELECT * FROM getfoo(1);
SELECT * FROM vw_getfoo;

-- sql, proretset = t, prorettype = b
DROP FUNCTION getfoo(int);
CREATE FUNCTION getfoo(int) RETURNS setof int AS 'SELECT fooid FROM foo WHERE fooid = 
$1;' LANGUAGE SQL;
SELECT * FROM getfoo(1) AS t1;
DROP VIEW vw_getfoo;
CREATE VIEW vw_getfoo AS SELECT * FROM getfoo(1);
SELECT * FROM vw_getfoo;

-- sql, proretset = t, prorettype = b
DROP FUNCTION getfoo(int);
CREATE FUNCTION getfoo(int) RETURNS setof text AS 'SELECT fooname FROM foo WHERE fooid 
= $1;' LANGUAGE SQL;
SELECT * FROM getfoo(1) AS t1;
DROP VIEW vw_getfoo;
CREATE VIEW vw_getfoo AS SELECT * FROM getfoo(1);
SELECT * FROM vw_getfoo;

-- sql, proretset = f, prorettype = c
DROP FUNCTION getfoo(int);
CREATE FUNCTION getfoo(int) RETURNS foo AS 'SELECT * FROM foo WHERE fooid = $1;' 
LANGUAGE SQL;
SELECT * FROM getfoo(1) AS t1;
DROP VIEW vw_getfoo;
CREATE VIEW vw_getfoo AS SELECT * FROM getfoo(1);
SELECT * FROM vw_getfoo;

-- sql, proretset = t, prorettype = c
DROP FUNCTION getfoo(int);
CREATE FUNCTION getfoo(int) RETURNS setof foo AS 'SELECT * FROM foo WHERE fooid = $1;' 
LANGUAGE SQL;
SELECT * FROM getfoo(1) AS t1;
DROP VIEW vw_getfoo;
CREATE VIEW vw_getfoo AS SELECT * FROM getfoo(1);
SELECT * FROM vw_getfoo;

-- C, proretset = f, prorettype = b
SELECT * FROM dblink_replace('123456789987654321', '99', 'HelloWorld');
DROP VIEW vw_dblink_replace;
CREATE VIEW vw_dblink_replace AS SELECT * FROM dblink_replace('123456789987654321', 
'99', 'HelloWorld');
SELECT * FROM vw_dblink_replace;

-- C, proretset = t, prorettype = b
SELECT dblink_get_pkey FROM dblink_get_pkey('foo');
DROP VIEW vw_dblink_get_pkey;
CREATE VIEW vw_dblink_get_pkey AS SELECT dblink_get_pkey FROM dblink_get_pkey('foo');
SELECT * FROM vw_dblink_get_pkey;










-- plpgsql
--DROP FUNCTION getfoo(int);
--CREATE OR REPLACE FUNCTION testplpgsql() RETURNS setof int AS 'DECLARE fooint int; 
BEGIN SELECT fooid into fooint FROM foo; RETURN fooint; END;' LANGUAGE 'plpgsql';





---(end of broadcast)---
TIP 4: Don't 'kill -9' the postmaster

Re: [HACKERS] Sequence privileges

[Joe Conway]

Tom Lane wrote:
 
 SELECT still means what it says: the ability to do a select from
 the sequence, which lets you see the sequence parameters.  So what
 we really have is:
 
   SELECT: read sequence as a table
   UPDATE: all sequence-specific operations.
 

Since the sequence-specific operations are really just function calls, 
maybe it should be:
SELECT:  read sequence as a table
EXECUTE: all sequence-specific operations.

Joe


---(end of broadcast)---
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]

Re: [HACKERS] Sequence privileges

[Tom Lane]

Joe Conway [EMAIL PROTECTED] writes:
 Tom Lane wrote:
 what we really have is:
 
 SELECT: read sequence as a table
 UPDATE: all sequence-specific operations.

 Since the sequence-specific operations are really just function calls, 
 maybe it should be:
   SELECT:  read sequence as a table
   EXECUTE: all sequence-specific operations.

But is it worth creating a compatibility problem for?  Existing pg_dump
scripts are likely to GRANT UPDATE.  They certainly won't say GRANT
EXECUTE since that doesn't even exist in current releases.

I agree that EXECUTE (or some sequence-specific permission name we might
think of instead) would be logically cleaner, but I don't think it's
worth the trouble of coming up with a compatibility workaround.  UPDATE
doesn't seem unreasonably far off the mark.

regards, tom lane

---(end of broadcast)---
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly

Re: [HACKERS] Set-returning function syntax

[Tom Lane]

Tatsuo Ishii [EMAIL PROTECTED] writes:
 Does your SRF function allow to return a setof composite data type
 using C function? If so, how can I write such that C function?

The setof part is documented in src/backend/utils/fmgr/README.
There's no good documentation for returning tuples at the moment,
but basically you return a pointer to a TupleTableSlot.  (Re-use
the same slot on each call to avoid memory leakage.)  There's an
example in src/backend/executor/functions.c --- look at the uses
of funcSlot.

One reason this isn't documented is that it's really ugly.  It might
be a good idea to change it before we start having lots of user-written
code that depends on it ...

regards, tom lane

---(end of broadcast)---
TIP 2: you can get off all lists at once with the unregister command
(send unregister YourEmailAddressHere to [EMAIL PROTECTED])

Re: [HACKERS] Set-returning function syntax

[Joe Conway]

Tatsuo Ishii wrote:
 Does your SRF function allow to return a setof composite data type
 using C function? If so, how can I write such that C function? I
 couldn't find any example or explanation so far. You referred dblink,
 but in my understanding it does not have any function that returns a
 setof composite data type.


I haven't written a C function yet that returns a composite type. You 
are correct that dblink does not have an example which returns composite 
type, because that wasn't even possible when I wrote the dblink code ;-)

At least initially, a C function returning a composite type will have to 
do alot of dirty work -- i.e. something like:
- manually form a tuple based on the return type relation attributes
- save the tuple in a tuple table slot
- return a pointer to the slot as a datum

I don't know what other complications may be lurking, but I will try to 
get a working example sometime this coming week and post it to HACKERS.

Joe




---(end of broadcast)---
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

Re: [HACKERS] Set-returning function syntax

[Joe Conway]

Tatsuo Ishii wrote:
 Does your SRF function allow to return a setof composite data type
 using C function? If so, how can I write such that C function? I

Just to follow-up, here's a quick look at what works and what doesn't, 
at least using my test script.

SELECT * FROM myfunc();
Language 
RetSet 
RetType 
Status
--- --- --- -
C 
t   b   OK
C 
t   c   Not tested
C 
f   b   OK
C 
f   c   Not tested
SQL 
t   b   OK
SQL 
t   c   OK
SQL 
f   b   OK
SQL 
f   c   OK
PL/pgSQL 
t 
b 
No retset support
PL/pgSQL 
t 
c 
No retset support
PL/pgSQL 
f 
b 
OK
PL/pgSQL 
f 
c 
OK
-
RetSet: t = function declared to return setof something
RetType: b = base type; c = composite type

Same cases work when a view is defined as SELECT * FROM myfunc().

Joe


---(end of broadcast)---
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/users-lounge/docs/faq.html

Re: [HACKERS] Set-returning function syntax

[Tatsuo Ishii]

 The setof part is documented in src/backend/utils/fmgr/README.
 There's no good documentation for returning tuples at the moment,
 but basically you return a pointer to a TupleTableSlot.  (Re-use
 the same slot on each call to avoid memory leakage.)  There's an
 example in src/backend/executor/functions.c --- look at the uses
 of funcSlot.

That was almost same as I guessed:-)

 One reason this isn't documented is that it's really ugly.  It might
 be a good idea to change it before we start having lots of user-written
 code that depends on it ...

Sounds like a good idea.
--
Tatsuo Ishii

---(end of broadcast)---
TIP 4: Don't 'kill -9' the postmaster

Re: [HACKERS] Unbounded (Possibly) Database Size Increase - Toasting

[Mark kirkwood]

On Sat, 2002-05-11 at 11:24, Tom Lane wrote:
 Hannu Krosing [EMAIL PROTECTED] writes:
  Was it not the case that lazy vacuum had problems freeing tuples that
  have toasted fields ?
 
 News to me if so.
 
   regards, tom lane

It looks like this may in fact be the case.

I performed a number of tests using the previous setup, but shortening the row length 
and
using pg_attribute.attstorage to untoast the text field for some of the tests.

The difference is striking. 

The behaviour of the untoasted case is pretty much as expected :
the database grows a bit and then stabilizes at some size.

However I could not get any size stabilization in the toasted case.


Here are (some) of my test results :

Fsm Siz |Threads|Toast  |Init(M)|End (M)|Stable |Stable Time(h) |Run Time(h)
 2  | 2 |Y  | 166   | 380   | N | - |17
 6  | 2 |Y  | 166   | 430   | N | - |20
 1  | 2 |N  | 162   | 235   | Y | 0.5   |1
 2  | 2 |N  | 166   | 235   | Y | 0.5   |13
 6  | 2 |N  | 166   | 235   | Y | 0.5   |13

legend :

Fsm Siz = max_fsm_pages
Threads = no. update threads
Toast   = whether body field was toasted
Init= initial database size
End = final database size
Stable  = whether database growth had stopped
Stable Time = when stable size was achieved
Run Time= length of test run (excluding initial database population)

Average vacuum time = 300s
Typical (1 thread) entire table update time = 2000s
Row length  = 7.5K

The scripts I used are here :

http://homepages.slingshot.co.nz/~markir/tar/test/spin.tar.gz


At this point I am wondering about sending this in as a bug report - what do you think 
?

regards, 

Mark


---(end of broadcast)---
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/users-lounge/docs/faq.html