1
0
mirror of https://github.com/postgres/postgres.git synced 2025-07-27 12:41:57 +03:00

Add an overall timeout on the client authentication cycle, so that

a hung client or lost connection can't indefinitely block a postmaster
child (not to mention the possibility of deliberate DoS attacks).
Timeout is controlled by new authentication_timeout GUC variable,
which I set to 60 seconds by default ... does that seem reasonable?
This commit is contained in:
Tom Lane
2001-09-21 17:06:12 +00:00
parent e3f5bc3492
commit 35b7601b04
8 changed files with 136 additions and 63 deletions

View File

@ -1,5 +1,5 @@
<!--
$Header: /cvsroot/pgsql/doc/src/sgml/runtime.sgml,v 1.82 2001/09/21 03:32:35 tgl Exp $
$Header: /cvsroot/pgsql/doc/src/sgml/runtime.sgml,v 1.83 2001/09/21 17:06:12 tgl Exp $
-->
<Chapter Id="runtime">
@ -1018,6 +1018,20 @@ env PGOPTIONS='-c geqo=off' psql
</listitem>
</varlistentry>
<varlistentry>
<term><varname>AUTHENTICATION_TIMEOUT</varname> (<type>integer</type>)</term>
<listitem>
<para>
Maximum time to complete client authentication, in seconds.
If a would-be client has not completed the authentication protocol
in this much time, the server unceremoniously breaks the connection.
This prevents hung clients from occupying a connection indefinitely.
This option can only be set at server start or in the
<filename>postgresql.conf</filename> file.
</para>
</listitem>
</varlistentry>
<varlistentry>
<indexterm>
<primary>deadlock</primary>