I wrote:
> Not only DNS, but all the various auth libraries would have to be
> contended with. Lots of work there compared to the likely rewards.
Wait a minute. The entire authentication cycle happens inside
InitPostgres, using the backend's normal signal handlers. So
maybe we are overthinking the problem. What if we simply postpone
ProcessStartupPacket into that same place, and run it under the same
rules as we do for authentication? We would waste more cycles than
we do now for the case where the client closes the connection without
sending a startup packet, but not enormously so, I think --- and
optimizing that case doesn't seem like a high-priority goal anyway.
And cases like DNS lookup taking forever don't seem like any more of
an issue than auth lookup taking forever.
regards, tom lane