Set up a separate user, previous PGUSER/PGGROUP integration didn't
make sense.
2016-02-26 - PgBouncer 1.7.2 - "Finally Airborne"
- Fix crash on stale pidfile removal. Problem introduced in 1.7.1.
- Disable cleanup - it breaks takeover and is not useful for
production loads. Problem introduced in 1.7.1.
- After takeover, wait until pidfile is gone before booting. Slow
shutdown due to memory cleanup exposed existing race. (#113)
- Make build reproducible by dropping DBGVER handling. (#112)
- Antimake: Sort file list from $(wildcard), newer gmake does not
sort it anymore. (#111)
- Show libssl version in log.
- deb: Turn on full hardening.
2016-02-18 - PgBouncer 1.7.1 - "Forward To Five Friends Or Else"
- WARNING: Since version 1.7, server_reset_query is not executed
when database is in transaction-pooling mode. Seems this was not
highlighted enough in 1.7 announcement. If your apps depend on
that happening, use server_reset_query_always to restore previous
behaviour.
- TLS: Rename sslmode "disabled" to "disable" as that is what
PostgreSQL uses.
- TLS: client_tls_sslmode=verify-ca/-full now reject connections
without client certificate. (#104)
- TLS: client_tls_sslmode=allow/require do validate client
certificate if sent. Previously they left cert validation
unconfigured so connections with client cert failed. (#105)
- Fix memleak when freeing database.
- Fix potential memleak in tls_handshake().
- Fix EOF handling in tls_handshake().
- Fix too small memset in asn1_time_parse compat.
- Fix non-TLS (--without-openssl) build. (#101)
- Fix various issues with Windows build. (#100)
- TLS: Use SSL_MODE_RELEASE_BUFFERS to decrease memory usage of
inactive connections.
- Clean allocated memory on exit. Helps to run memory-leak
checkers.
- Improve server_reset_query documentation. (#110)
- Add TLS options to sample config.
2015-12-18 - PgBouncer 1.7 - "Colors Vary After Resurrection"
- Support TLS connections. OpenSSL/LibreSSL is used as backend
implementation.
- Support authentication via TLS client certificate.
- Support "peer" authentication on Unix sockets.
- Support Host Based Access control file, like pg_hba.conf in
Postgres. This allows to configure TLS for network connections
and "peer" authentication for local connections.
- Set query_wait_timeout to 120s by default. Current default (0)
causes infinite queueing, which is not useful. That means if
client has pending query and has not been assigned to server
connection, the client connection will be dropped.
- Disable server_reset_query_always by default. Now reset query is
used only in pools that are in session mode.
- Increase pkt_buf to 4096 bytes. Improves performance with TLS.
The behaviour is probably load-specific, but it should be safe
to do as since v1.2 the packet buffers are split from connections
and used lazily from pool.
- Support pipelining count expected ReadyForQuery packets. This
avoids releasing server too early. Fixes#52.
- Improved sbuf_loopcnt logic - socket is guarateed to be
reprocessed even if there are no event from socket. Required for
TLS as it has it's own buffering.
- Adapt system tests to work with modern BSD and MacOS. (Eric
Radman)
- Remove crypt auth. It's obsolete and not supported by PostgreSQL
since 8.4.
- Fix plain "--with-cares" configure option - without argument it
was broken.
Problems found with existing distfiles:
distfiles/D6.data.ros.gz
distfiles/cstore0.2.tar.gz
distfiles/data4.tar.gz
distfiles/sphinx-2.2.7-release.tar.gz
No changes made to the cstore or mariadb55-client distinfo files.
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
Update home page & master site, clean up.
PgBouncer 1.6.1.
- Security fix for CVE-2015-6817.
- Per-pool pooling mode vs. reset query.
Details:
http://pgbouncer.github.io/2015/09/pgbouncer-1-6-1/
PgBouncer 1.6.0
Main new features:
- Load user password hash from postgres database.
- Pooling mode can be configured both per-database and per-user.
- Per-database and per-user connection limits: max_db_connections and
max_user_connections.
- Add DISABLE/ENABLE commands to prevent new connections.
- New preferred DNS backend: c-ares.
- Config files have %include FILENAME directive to allow configuration
to be split into several files.
Details:
http://pgbouncer.github.io/2015/08/pgbouncer-1-6/
PgBouncer 1.5.5
- Fix remote crash - invalid packet order causes lookup of NULL pointer.
Not exploitable, just DoS.
Add SMF support. Fix default dirs.
2012-11-28 - PgBouncer 1.5.4 - "No Leaks, Potty-Training Successful"
= Fixes =
* DNS: Fix memory leak in getaddrinfo_a() backend.
* DNS: Fix memory leak in udns backend.
* DNS: Fix stats calculation.
* DNS: Improve error message handling for getaddrinfo_a().
* Fix win32 compile.
* Fix compiler dependency support check in configure.
* Few documentation fixes.
2012-09-12 - PgBouncer 1.5.3 - "Quantum Toaster"
= Critical fix =
* Too long database names can lead to crash, which
is remotely triggerable if autodbs are enabled.
The original checks assumed all names come from config files,
thus using fatal() was fine, but when autodbs are enabled
- by '*' in [databases] section - the database name can come
from network thus making remote shutdown possible.
= Minor Features =
* max_packet_size - config parameter to tune maximum packet size
that is allowed through. Default is kept same: (2G-1), but now
it can be made smaller.
* In case of unparseable packet header, show it in hex in log and
error message.
= Fixes =
* AntiMake: it used $(relpath) and $(abspath) to manupulate pathnames,
but the result was build failure when source tree path contained
symlinks. The code is now changed to work on plain strings only.
* console: now SET can be used to set empty string values.
* config.txt: show that all timeouts can be set in floats.
This is well-hidden feature introduced in 1.4.
2012-05-29 - PgBouncer 1.5.2 - "Don't Chew, Just Swallow"
= Fixes =
* Due to mistake, reserve_pool_timeout was taken in microseconds,
not seconds, effectively activating reserve pool immediately
when pool got full. Now use it as seconds, as was intended.
(Noticed by Keyur Govande)
2012-04-17 - PgBouncer 1.5.1 - "Abort, Retry, Ignore?"
= Features =
* Parameters to tune permissions on unix socket:
unix_socket_mode=0777, unix_socket_group=''.
= Fixes =
* Allow empty string for server-side variable - this is
needed to get "application_name" properly working, as it's
the only parameter that does not have server-side default.
* If connect string changes, require refresh of server parameters.
Previously PgBouncer continued with old parameters,
which breaks in case of Postgres upgrade.
* If autodb connect string changes, drop old connections.
* cf_setint: Use strtol() instead atoi() to parse integer config
parameters. It allows hex, octal and better error detection.
* Use sigqueue() to detect union sigval existence - fixes
compilation on HPUX.
* Remove 'git' command from Makefile, it throws random errors
in case of plain-tarball build.
* Document stats_period parameter. This tunes the period for
stats output.
* Require Asciidoc >= 8.4, seems docs are not compatible with
earlier versions anymore.
* Stop trying to retry on EINTR from close().
2012-01-05 - PgBouncer 1.5 - "Bouncing Satisified Clients Since 2007"
If you use more than 8 IPs behind one DNS name, you now need to
use EDNS0 protocol to query. Only getaddrinfo_a()/getaddrinfo()
and UDNS backends support it, libevent 1.x/2.x does not.
To enable it for libc, add 'options edns0' to /etc/resolv.conf.
GNU Make 3.81+ is required for building.
= Features =
* Detect DNS reply changes and invalidate connections to IPs no longer
present in latest reply.
(Petr Jelinek)
* DNS zone serial based hostname invalidation. When option
dns_zone_check_period is set, all DNS zones will be queried
for SOA, and when serial has changed, all hostnames
will be queried. This is needed to get deterministic
connection invalidation, because invalidation on lookup
is useless when no lookups are performed.
Works only with new UDNS backend.
* New SHOW DNS_HOSTS, SHOW DNS_ZONES commands to examine DNS cache.
* New param: min_pool_size - avoids dropping all connections
when there is no load.
(Filip Rembialkowski)
* idle_in_transaction_timeout - kill transaction if idle too long.
Not set by default.
* New libudns backend for DNS lookups. More featureful than evdns.
Use --with-udns to activate. Does not work with IPv6 yet.
* KILL command, to immediately kill all connections for one database.
(Michael Tharp)
* Move to Antimake build system to have better looking Makefiles.
Now GNU Make 3.81+ is required for building.
= Fixes =
* DNS now works with IPv6 hostnames.
* Don't change connection state when NOTIFY arrives from server.
* Various documentation fixes.
(Dan McGee)
* Console: Support ident quoting with "". Originally we did not
have any commands that took database names, so no quoting was needed.
* Console: allow numbers at the stard of word regex. Trying
to use strict parser makes things too complex here.
* Don't expire auto DBs that are paused.
(Michael Tharp)
* Create auto databases as needed when doing PAUSE.
(Michael Tharp)
* Fix wrong log message issued by RESUME command.
(Peter Eisentraut)
* When user= without password= is in database connect string,
password will be taken from userlist.
* Parse '*' properly in takeover code.
* autogen.sh: work with older autoconf/automake.
* Fix run-as-service crash on win32 due to bad basename() from
mingw/msvc runtime. Now compat basename() is always used.
pgbouncer is a lightweight connection pooler for PostgreSQL that provides
the following features:
* Several levels of brutality when rotating connections.
* Low memory requirements.
* It is not tied to one backend server, the destination databases
can reside on different hosts.
* Supports online reconfiguration for most of the settings.
* Supports online restart/upgrade.