Releases: pgbouncer/pgbouncer
PgBouncer 1.22.1
2024-03-04 - PgBouncer 1.22.1 - "It's summer in Bangalore"
- Fixes
- Fix issues caused by some clients using
COPY FROM STDIN
queries. Such queries could introduce memory leaks, performance regressions and prepared statement misbehavior. ([#1025]) (bug introduced in 1.21.0) - Add missing tests to release tarball ([#1026]) (missing tests were introduced in 1.19.0 & 1.21.0)
- Fix issues caused by some clients using
All changes: pgbouncer_1_22_0...pgbouncer_1_22_1
PgBouncer 1.22.0
2024-01-31 - PgBouncer 1.22.0 - "DEALLOCATE ALL"
-
Features
-
Changes
-
Fixes
New Contributors
- @mudit-loya made their first contribution in #965
- @GuanqunYang193 made their first contribution in #979
- @joseortiz3 made their first contribution in #994
- @tcraxs made their first contribution in #1004
All changes: pgbouncer_1_21_0...pgbouncer_1_22_0
PgBouncer 1.21.0 - "The one with prepared statements"
2023-10-16 - PgBouncer 1.21.0 - "The one with prepared statements"
-
Features
- Add support for protocol-level named prepared statements! This is probably one of the most requested features for PgBouncer. Using prepared statements together with PgBouncer can reduce the CPU load on your system a lot (both at the PgBouncer side and the PostgreSQL side). In synthetic benchmarks this feature was able to increase query throughput anywhere from 15% to 250%, depending on the workload. To benefit from this new feature you need to change the new
max_prepared_statements
setting to a non-zero value (the exact value depends on your workload, but 100 is probably reasonable). See the docs onmax_prepared_statements
for details on how the feature works, its limitations, and how to tune the value. After doing that you need to make sure your client library actually uses prepared statements. How to do that differs for each client, so you should look at the docs for the client you're using. This feature has been tested very well before releasing, but performance issues or bugs might very well exist due to the complexity of the feature. If you find those, please report them. (#845)
- Add support for protocol-level named prepared statements! This is probably one of the most requested features for PgBouncer. Using prepared statements together with PgBouncer can reduce the CPU load on your system a lot (both at the PgBouncer side and the PostgreSQL side). In synthetic benchmarks this feature was able to increase query throughput anywhere from 15% to 250%, depending on the workload. To benefit from this new feature you need to change the new
-
Changes
- Improve security of OpenSSL settings, the defaults used were VERY outdated. With this release the defaults are now the same as the OpenSSL defaults of the system that runs PgBouncer. (#948 & libusual/#41)
- PgBouncer now uses OpenSSL to calculate MD5 hashes when possible. This is necessary to use PgBouncer in a FIPS compliant way. (#949)
- Maintain
min_pool_size
for pools with a forced user even if no clients are connected to PgBouncer (#947) - The way a
peer_id
is encoded in the cancellation token by PgBouncer has changed, this means that peering between different PgBouncer versions will not work if not all of them are on the same side of the v1.21.0 version boundary. (#945)
-
Fixes
- Fix crash with error message: "FATAL in function client_proto(): bad client state: 6/7" (#928) (bug introduced in 1.18.0)
- Fix crash with error message: "FATAL in function server_proto(): server in bad state: 11" (#927) (bug introduced in 1.18.0)
- Reduce cancellation sending log level (#903)
- Fix slog log prefix for peers (#922)
- Fix typos in docs (#932)
- Fix errors pointed out by static analyzer (#943)
- Don't kill all waiting clients on temporary FATAL errors during login (#946)
- Use auto-database when database in
auth_dbname
is not explicitly configured (#921)
-
Cleanup
- Remove support for udns (#938)
New Contributors
- @Medvecrab made their first contribution in #943
- @ajit-at-edb made their first contribution in #949
- @fschmager made their first contribution in #947
- @knizhnik made their first contribution in #845
- @dashorst made their first contribution in #845
- @sboschman made their first contribution in #845
All changes: pgbouncer_1_20_1...pgbouncer_1_21_0
PgBouncer 1.20.1
PgBouncer 1.20.0
2023-07-20 - PgBouncer 1.20.0 - "A funny name goes here"
-
Deprecations
- Online restart option is now considered deprecated. The feature has received very little love in recent years. There are multiple known issues with it and newly added features often don't support it. The recommended method to do online restarts these days is using the
so_reuseport
andpeers
feature. That way you can have multiple different PgBouncer processes running on the same port. Then by restarting those processes one-by-one, you can make sure there's always a PgBouncer process listening on the desired port. (#894)
- Online restart option is now considered deprecated. The feature has received very little love in recent years. There are multiple known issues with it and newly added features often don't support it. The recommended method to do online restarts these days is using the
-
Features
- Introduce the
track_extra_parameters
which allows tracking of more parameters in transaction pooling mode. Previously, PgBouncer only trackedapplication_name
,DateStyle
,TimeZone
andstandard_conforming_strings
. Now PgBouncer also tracksIntervalStyle
by default. And by changingtrack_extra_parameters
you can track even more settings, but only ones that PostgreSQL reports back to the client. If you're using Citus 12.0+, then Citus will make sure that PostgreSQL also reportssearch_path
back to the client. So if you use Citus you can addsearch_path
to thetrack_extra_parameters
setting. (#867) - Forward SQLSTATE in authentication phase. This allows the detection of database not existing, which is done by Npgsql (a .NET data provider for PostgreSQL). (#814)
- Change default
server_tls_sslmode
toprefer
. (#866) - Add support for the
options
startup parameter. This allows usage of thePGOPTIONS
environment variable thatpsql
andlibpq
know
about. Using this variable you can set any PostgreSQL parameter at startup. This only works for PostgreSQL parameters that PgBouncer tracks throughtrack_extra_parameters
. (#878)
- Introduce the
-
Fixes
- Don't crash when the
pgbouncer
admin database is used as auth_dbname. It's still not supported, but this now gives a clear error instead of crashing. (#817) - Fix name of
peer_cache
inSHOW MEM
. It was incorrectly showing up asdb_cache
before. (#864) - Fix src/dst confusion in log. PgBouncer was logging a source IP when it meant to log the destination IP. (#880)
- Only log admin connections over unix sockets when
log_connections
is set to1
. (#883)
- Don't crash when the
- New Contributors
- @wwoytenko made their first contribution in #817
- @emelsimsek made their first contribution in #867
- @benjaminjb made their first contribution in #880
- @jarojasm95 made their first contribution in #884
PgBouncer 1.19.1
2023-05-31 - PgBouncer 1.19.1 - "Sunny Spring"
This is a minor release that fixes a few recently introduced bugs:
- Fixes
PgBouncer 1.19.0
2023-05-04 - PgBouncer 1.19.0 - "The old-fashioned, human-generated kind"
-
Features
- Add
auth_dbname
option, which specifies against which database to run theauth_query
. (#764) - Add the
SHOW STATE
command, which shows if PgBouncer is active, paused or suspended. (#528) - Add support for peering between PgBouncer processes. This allows configuring PgBouncer such that cancellation requests continue to work when multiple different PgBouncer processes are behind a single load balancer. (#666)
- Add a dedicated
cancel_wait_timeout
setting, which determines after how long to give up on forwarding a cancel request. Default is 10 seconds. (#833) - New testing framework (#792)
- Add
-
Fixes
- Fix possible memory leak on TLS handshake failure. (#796)
- Give more accurate error messages for unsupported command-line options on Windows. (#620)
- Fix calling
disconnect_server
on a server inBEING_CANCELED
state. (#815) (introduced in 1.18.0) - Don't exit with a non-zero status when a
SIGTERM
is received. (#834) - Fail hard during startup when a socket could not be created in
unix_socket_dir
. (#830) - Fail hard during startup when none of the addresses in
listen_addr
could be listened on. (#838) - Give more warning messages with more information when
sbuf_connect
fails. This is especially useful when failing to create Unix sockets. (#837)
-
Cleanups
- Various CI updates for better performance
- Removed AppVeyor
PgBouncer 1.18.0
2022-12-12 - PgBouncer 1.18.0 - "No real mystery"
-
Features
-
Fixes
- Fail
sbuf_send_pending
operation if destination socket is closed (#652) - Fix a few possible crashes (#700, #730)
- Fix for overflow bug in comma-separated host list feature, causing connection to get re-routed to Unix socket (#747)
- Don't evict connections to achieve
min_pool_size
(#648) - Fix
SHOW HELP
with PostgreSQL 15 (#769) - Fix race condition in query cancelation handling. It was possible that a query cancellation for one client canceled a query for another one. This could happen when a cancel request was received by PgBouncer when the query it was meant to cancel already completed by itself. (#717)
- Fail
-
Cleanups
- Various CI updates
PgBouncer 1.17.0
2022-03-23 - PgBouncer 1.17.0 - "A line has been drawn"
-
Features
- A database definition can specify a comma-separated host list. The hosts will be connected to in a round-robin manner.
- When connecting to a non-existing database, the error ("no such database") is now reported after authentication. This prevents unauthenticated clients from probing what databases exist. (This is similar to the change in version 1.15.0 to report missing users after authentication.)
- Don't send server disconnect errors to the client before login. This could reveal not-quite-public information, such as configuration details, to a client that is not logged in yet.
- Increase maximum password length again. Apparently, the last increase wasn't enough for long enough.
- Remove automatic
auth_file
reload. Theauth_file
is now reread only on configuration file reload, no longer automatically as soon as it is changed. - The Windows build now includes a version-information resource file.
- The Windows builds created on CI are now statically linked, so they can be used directly without requiring any dependencies.
-
Fixes
- OpenSSL 3 support has been fixed. Previous releases would crash.
- Don't apply fast-fail at connect time. This is part of the above-mentioned change to not report server errors before authentication. It also fixes a particular situation with SCRAM pass-through authentication, where we need to allow the client-side authentication exchange in order to be able to fix the server-side connection by re-authenticating. The fast-fail mechanism still applies right after authentication, so the effective observed behavior will be the same in most situations.
- Change
auth_type
in samplepgbouncer.ini
tomd5
to match the built-in default. Some deploy this file as the default configuration file, so check if this changed configuration still makes sense for you. - Fix crash at exit in assert-enabled builds.
- Improve
tcp_defer_accept
documentation and behavior. The documentation was incorrect and misleading about the default. In some cases the wrong value was showing in "show config". Also, if it's set but not supported, give an error instead of ignoring, similar to how other platform-specific socket options are handled. - Fix build with c-ares on Windows. c-ares >=1.18.0 is now required on Windows.
-
Cleanups
- Most deprecation warnings from Autoconf >=2.70 have been cleaned up. Older Autoconf versions are still supported.
- Cirrus CI use has been expanded to more platforms.
- Travis CI support has been removed.
- Update locations to search for default root CA file, to cover more platforms, such as Fedora/RHEL/CentOS.
- Python scripts now all use
python3
by default. Python 2 compatibility is no longer maintained. - The test suite scripts use
command -v
instead ofwhich
, which is deprecated. - Several error messages have been reworded to make it clearer which command or configuration setting they relate to.
- The test suite scripts no longer require GNU sed.
make check
now works on Windows (but not the SSL test suite yet).- Document that the admin console only supports the simple query protocol, and give better error messages about this.
PgBouncer 1.16.1
2021-11-11 - PgBouncer 1.16.1 - "Test of depth against quiet efficiency"
This is a minor release with a security fix.
-
Make PgBouncer acting as a server reject extraneous data after an SSL or GSS encryption handshake.
A man-in-the-middle with the ability to inject data into the TCP connection could stuff some cleartext data into the start of a supposedly encryption-protected database session. This could be abused to send faked SQL commands to the server, although that would only work if PgBouncer did not demand any authentication data. (However, a PgBouncer setup relying on SSL certificate authentication might well not do so.)