Add an overall timeout on the client authentication cycle, so that

a hung client or lost connection can't indefinitely block a postmaster
child (not to mention the possibility of deliberate DoS attacks).
Timeout is controlled by new authentication_timeout GUC variable,
which I set to 60 seconds by default ... does that seem reasonable?

src/backend/libpq/pqsignal.c

@@ -9,7 +9,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/libpq/pqsignal.c,v 1.23 2001/09/08 01:10:20 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/libpq/pqsignal.c,v 1.24 2001/09/21 17:06:12 tgl Exp $
  *
  * NOTES
  *		This shouldn't be in libpq, but the monitor and some other
@@ -53,7 +53,7 @@
  * signals that should never be turned off.
  *
  * AuthBlockSig is the set of signals to block during authentication;
- * it's essentially BlockSig minus SIGTERM and SIGQUIT.
+ * it's essentially BlockSig minus SIGTERM, SIGQUIT, SIGALRM.
  *
  * UnBlockSig is the set of signals to block when we don't want to block
  * signals (is this ever nonzero??)
@@ -109,6 +109,9 @@ pqinitmask(void)
 #ifdef SIGQUIT
 	sigdelset(&AuthBlockSig, SIGQUIT);
 #endif
+#ifdef SIGALRM
+	sigdelset(&AuthBlockSig, SIGALRM);
+#endif
 #else
 	UnBlockSig = 0;
 	BlockSig = sigmask(SIGHUP) | sigmask(SIGQUIT) |
@@ -116,7 +119,7 @@ pqinitmask(void)
 		sigmask(SIGINT) | sigmask(SIGUSR1) |
 		sigmask(SIGUSR2) | sigmask(SIGCHLD) |
 		sigmask(SIGWINCH) | sigmask(SIGFPE);
-	AuthBlockSig = sigmask(SIGHUP) | sigmask(SIGALRM) |
+	AuthBlockSig = sigmask(SIGHUP) |
 		sigmask(SIGINT) | sigmask(SIGUSR1) |
 		sigmask(SIGUSR2) | sigmask(SIGCHLD) |
 		sigmask(SIGWINCH) | sigmask(SIGFPE);