oauth: Disallow synchronous DNS in libcurl

There is concern that a blocking DNS lookup in libpq could stall a backend process (say, via FDW). Since there's currently no strong evidence that synchronous DNS is a popular option, disallow it entirely rather than warning at configure time. We can revisit if anyone complains. Per query from Andres Freund. Author: Jacob Champion <jacob.champion@enterprisedb.com> Discussion: https://postgr.es/m/p4bd7mn6dxr2zdak74abocyltpfdxif4pxqzixqpxpetjwt34h%40qc6jgfmoddvq
2025-07-30 11:03:19 +03:00 · 2025-03-19 16:56:19 +13:00
parent 434dbf6907
commit d7e40845f9
3 changed files with 16 additions and 26 deletions
--- a/meson.build
+++ b/meson.build
@ -909,9 +909,7 @@ if not libcurlopt.disabled()
      cdata.set('HAVE_THREADSAFE_CURL_GLOBAL_INIT', 1)
    endif

-    # Warn if a thread-friendly DNS resolver isn't built.
-    libcurl_async_dns = false
-
+    # Fail if a thread-friendly DNS resolver isn't built.
    if not meson.is_cross_build()
      r = cc.run('''
        #include <curl/curl.h>
@ -931,16 +929,12 @@ if not libcurlopt.disabled()
      )

      assert(r.compiled())
-      if r.returncode() == 0
-        libcurl_async_dns = true
-      endif
-    endif
-
-    if not libcurl_async_dns
-      warning('''
+      if r.returncode() != 0
+        error('''
 *** The installed version of libcurl does not support asynchronous DNS
-*** lookups. Connection timeouts will not be honored during DNS resolution,
-*** which may lead to hangs in client programs.''')
+*** lookups. Rebuild libcurl with the AsynchDNS feature enabled in order
+*** to use it with libpq.''')
+      endif
    endif
  endif