PostgreSQL JDBC Driver 42.3.2 Released

Known issues

Regression since 42.3.2: “cursor <unnamed portal 1> does not exist” when using ResultSet.setFetchSize from CallableStatement, fixed in 42.3.6 (see PG #2377)

Security

CVE-2022-21724 pgjdbc instantiates plugin instances based on class names provided via authenticationPluginClassName, sslhostnameverifier, socketFactory, sslfactory, sslpasswordcallback connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This would allow a malicious class to be instantiated that could execute arbitrary code from the JVM. Fixed in commit

Changed

perf: read in_hot_standby GUC on connection PR #2334
test: materialized view privileges PR #2209 fixes Issue #2060
docs: add info about convenience maven project PR #2407
docs: Document timezone reversal from POSIX to ISO PR #2413
fix: we will ask the server if it supports GSS Encryption if gssEncryption is prefer or require PR #2396 remove the need to have a ticket in the cache before asking the server if gss encryptions are supported
docs: remove Java 6 and 7 references from contributing PR #2385
style: remove Java 8 / JDBC 4.2 checks PR #2383 Remove all remaining checks whether the source is lower than Java 8 or JDBC 4.2.
fix: throw SQLException for #getBoolean BIT(>1) PR #2386 Throw SQLException instead of ClassCastException when calling CallableStatement#getBoolean(int) on BIT(>1).
style: import java.time types in more classes PR #2382 Use imports for java.time types in all remaining classes.
style: import java.time types in TimestampUtils PR #2380 Use imports for java.time types in TimestampUtils.
refactor: Change internal constructors to pass only connection Properties Changes internal constructors for PgConnection and related classes to only accept the connection properties object and remove the user and password arguments. Any locations that required those fields can retrieve them from the properties map.
test: Fix DatabaseMetadataTest to perform mview tests only on 9.3+
perf: read in_hot_standby GUC on connection PR #2334
doc: improv doc around binary decoding of numeric data #2331
Add cert key type checking to chooseClientAlias PR #2417

Added

feat: Add authenticationPluginClassName option to provide passwords at runtime Adds authenticationPluginClassName connection property that allows end users to specify a class that will provide the connection passwords at runtime. Users implementing that interface must ensure that each invocation of the method provides a new char[] array as the contents will be filled with zeroes by the driver after use. Call sites within the driver have been updated to use the char[] directly wherever possible. This includes direct usage in the GSS authentication code paths that internally were already converting the String password into a char[] for internal usage. This allows configuring a connection with a password that must be generated on the fly or periodically changes. PR #2369 original issue Issue #2102
feat: add tcpNoDelay option PR #2341 fixes Issue #2324
feat: pg_service.conf and .pgpass support (jdbc:postgresql://?service=my-service) PR #2260 fixes Issue #2278

Fixed

Use local TimestampUtil in PgStatement and PgResultset for thread safety PR #2291 fixes Issue #921 synchronize modification of shared calendar
fix: PgObject isNull() was reporting the opposite fixes Issue #2411 PR #2414
fix: default file name is “.pg_service.conf” on Windows (not “pg_service.conf”) PR #2398 fixes Issue #2278
test: Fix RefCursorFetchTest on older platforms
fix: do not close refcursor after reading if fetchsize has been set fixes Issue #2227 PR #2371
fix: rework gss authentication to use the principal name to get the credentials fixes Issue #2235 PR #2352
fix: return getIndexInfo metadata columns in UPPER CASE PR #2368
fix: Connection leak in ConnectionFactoryImpl#tryConnect PR #2350 Issue #2351
fix: Fix For IS_AUTOGENERATED Flag PR #2348
fix: parsing service file tests for windows PR #2347
fix: The spec says that calling close() on a closed connection is a noop. PR #2345 fixes Issue #2300
fix: add microsecond precision to getTimestamp() called on sql TIME(6) Currently, “when fetching a value of type TIME(6) through resultSet.getTimestamp() only ms precision is retained, the microsecond fractional digits are lost.” This change will retain the microsecond precision when .getTimestamp() is called on TIME(6). PR #2181 Closes Issue #1537
test: materialized view privileges PR #2209 add and drop a materialized view Add to TestUtil and also to DatabaseMetaData setup and teardown fixes Issue #2060
fix: typo in connect.md PR #2338 OutOfMemoryException => OutOfMemoryError
fix: use local TimestampUtil in PgStatement and PgResultset for thread safety TimestampUtil is not thread safe. It raises exceptions when multiple threads use ResultSets of one connection. PR #2291 fixes Issue #921 If PgStatement and PgResultSet use their own TimestampUtil no synchronize is needed.
fix: typo in CONTRIBUTING.md PR #2332 seccion => section

Commits by author

Andrei Paikin (1):

minor: fix checkstyle violations for empty lines in enum PR 2426

Brett Okken (1):

doc: improv doc around binary decoding of numeric data PR 2331

Dave Cramer (21):

move comment to appropriate place and add explanation PR 2336
bump version in readme and gradle.properties PR 2335
add entries for latest changes PR 2339
Ms goodman time gettimestamp micros PR 2181
add TCP No Delay option fixes Issue PR 2324 (#2341)
fix Issue PR 2300. The spec says that calling close() on a closed connection is a noop. (#2345)
fix: parsing service file tests for windows PR 2347
fix: return getIndexInfo metadata columns in UPPER CASE PR 2368
fix: rework gss authentication to use the principal name to get the credentials fixes Issue PR 2235 (#2352)
Removed unsafe package and native kerberos ticket check PR 2363
log4jmessage PR 2370
Put back GSSCallbackHandler. Avoid using forbidden api PR 2373
fix: do not close refcursor after reading if fetchsize has been set fixes ISSUE PR 2227 (#2371)
perf: add read(b, o, l) to BlobInputStream PR 2376
change the default directory returned on windows to APPDATA/postgresql since that is what we end up using anyway PR 2402
fix: we will ask the server if it supports GSS Encryption if gssEncryption is prefer or require PR 2396
docs: Document timezone reversal from POSIX to ISO PR 2413
fix: PgObject isNull() was reporting the opposite fixes Issue PR 2411 (#2414)
remove skipjre6 and skipjre7 PR 2415
Revert “perf: add read(b, o, l) to BlobInputStream PR 2376” (#2422)
Changelog42.3.2 PR 2418

JoelRabinovitch (1):

fixForIsAutoGenerated Fix For IS_AUTOGENERATED Flag PR 2348

Marek Läll (2):

Issue 2278 ; jdbc:postgresql://?service= ; pg_service.conf ; .pgpass PR 2282
fix: default file name is “.pg_service.conf” on Windows (not “pg_service.conf”) PR 2398

Mark Grobaker (1):

test: materialized view privileges PR 2209

Michał Wyrzykowski (1):

fix: Connection leak in ConnectionFactoryImpl#tryConnect PR 2350 (#2351)

Nick Burgan (1):

Add cert key type checking to chooseClientAlias PR 2417

Philippe Marschall (6):

style: fix typos in pgobject javadoc PR 2379
style: import java.time types in TimestampUtils PR 2380
style: import java.time types in more classes PR 2382
fix: throw SQLException for #getBoolean BIT(>1) PR 2386
style: remove Java 8 / JDBC 4.2 checks PR 2383
docs: remove Java 6 and 7 references from contributing PR 2385

Sehrope Sarkuni (9):

feat: Change AuthenticationPlugin interface to use char[] rather than String PR 2420
test: Disable no-arg callable statement tests in simple query mode PR 2419
test: Remove extra catch-fail in RefCursorFetchTest PR 2391
test: Fix RefCursorFetchTest on older platforms PR 2391
feat: Add authenticationPluginClassName option to provide passwords at runtime PR 2369
test: Add TestUtil.assumeHaveMinimumServerVersion(…) helper PR 2369
refactor: Change internal constructors to pass only connection Properties PR 2369
refactor: Use multi-catch for exceptions in ConnectionFactoryImpl PR 2369
test: Fix DatabaseMetadataTest to perform mview tests only on 9.3+ PR 2340