PostgreSQL Source Code: src/backend/libpq/be-secure.c Source File (original) (raw)

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

20

21#include <signal.h>

22#include <fcntl.h>

23#include <ctype.h>

29

35

45

46#ifdef USE_SSL

47bool ssl_loaded_verify_locations = false;

48#endif

49

50

53

54

56

57

59

62

63

64

65

66

67

68

69

70

71

72

73

74int

76{

77#ifdef USE_SSL

79#else

80 return 0;

81#endif

82}

83

84

85

86

87void

89{

90#ifdef USE_SSL

92#endif

93}

94

95

96

97

98bool

100{

101#ifdef USE_SSL

102 return ssl_loaded_verify_locations;

103#else

104 return false;

105#endif

106}

107

108

109

110

111int

113{

114#ifdef USE_SSL

115 int r = 0;

116 ssize_t len;

117

118

120 if (len > 0)

121 {

123

126 return STATUS_ERROR;

129 port->raw_buf_remaining = len;

130 port->raw_buf_consumed = 0;

131 }

133

135

137

138 if (port->raw_buf_remaining > 0)

139 {

140

141

142

143

144 elog(LOG, "buffered unencrypted data remains after negotiating SSL connection");

146 }

147 if (port->raw_buf != NULL)

148 {

150 port->raw_buf = NULL;

151 }

152

154 (errmsg_internal("SSL connection from DN:\"%s\" CN:\"%s\"",

155 port->peer_dn ? port->peer_dn : "(anonymous)",

156 port->peer_cn ? port->peer_cn : "(anonymous)")));

157 return r;

158#else

159 return 0;

160#endif

161}

162

163

164

165

166void

168{

169#ifdef USE_SSL

170 if (port->ssl_in_use)

172#endif

173}

174

175

176

177

178ssize_t

180{

181 ssize_t n;

182 int waitfor;

183

184

186

187retry:

188#ifdef USE_SSL

189 waitfor = 0;

190 if (port->ssl_in_use)

191 {

193 }

194 else

195#endif

196#ifdef ENABLE_GSS

197 if (port->gss && port->gss->enc)

198 {

201 }

202 else

203#endif

204 {

207 }

208

209

210 if (n < 0 && !port->noblock && (errno == EWOULDBLOCK || errno == EAGAIN))

211 {

213

215

217

219 WAIT_EVENT_CLIENT_READ);

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

240 (errcode(ERRCODE_ADMIN_SHUTDOWN),

241 errmsg("terminating connection due to unexpected postmaster exit")));

242

243

245 {

248

249

250

251

252

253

254 }

255 goto retry;

256 }

257

258

259

260

261

263

264 return n;

265}

266

267ssize_t

269{

270 ssize_t n;

271

272

273 if (port->raw_buf_remaining > 0)

274 {

275

276 if (len > port->raw_buf_remaining)

277 len = port->raw_buf_remaining;

279 memcpy(ptr, port->raw_buf + port->raw_buf_consumed, len);

280 port->raw_buf_consumed += len;

281 port->raw_buf_remaining -= len;

282 return len;

283 }

284

285

286

287

288

289#ifdef WIN32

291#endif

293#ifdef WIN32

295#endif

296

297 return n;

298}

299

300

301

302

303

304ssize_t

306{

307 ssize_t n;

308 int waitfor;

309

310

312

313retry:

314 waitfor = 0;

315#ifdef USE_SSL

316 if (port->ssl_in_use)

317 {

319 }

320 else

321#endif

322#ifdef ENABLE_GSS

323 if (port->gss && port->gss->enc)

324 {

327 }

328 else

329#endif

330 {

333 }

334

335 if (n < 0 && !port->noblock && (errno == EWOULDBLOCK || errno == EAGAIN))

336 {

338

340

342

344 WAIT_EVENT_CLIENT_WRITE);

345

346

349 (errcode(ERRCODE_ADMIN_SHUTDOWN),

350 errmsg("terminating connection due to unexpected postmaster exit")));

351

352

354 {

357

358

359

360

361

362

363 }

364 goto retry;

365 }

366

367

368

369

370

372

373 return n;

374}

375

376ssize_t

378{

379 ssize_t n;

380

381#ifdef WIN32

383#endif

385#ifdef WIN32

387#endif

388

389 return n;

390}

ssize_t be_gssapi_write(Port *port, const void *ptr, size_t len)

ssize_t be_gssapi_read(Port *port, void *ptr, size_t len)

ssize_t be_tls_write(Port *port, const void *ptr, size_t len, int *waitfor)

void be_tls_destroy(void)

int be_tls_init(bool isServerStart)

int be_tls_open_server(Port *port)

void be_tls_close(Port *port)

ssize_t be_tls_read(Port *port, void *ptr, size_t len, int *waitfor)

void secure_destroy(void)

char * ssl_dh_params_file

int ssl_min_protocol_version

ssize_t secure_raw_read(Port *port, void *ptr, size_t len)

int secure_initialize(bool isServerStart)

bool SSLPreferServerCiphers

ssize_t secure_write(Port *port, const void *ptr, size_t len)

int ssl_max_protocol_version

char * ssl_passphrase_command

int secure_open_server(Port *port)

bool ssl_passphrase_command_supports_reload

bool secure_loaded_verify_locations(void)

void secure_close(Port *port)

ssize_t secure_read(Port *port, void *ptr, size_t len)

ssize_t secure_raw_write(Port *port, const void *ptr, size_t len)

int errmsg_internal(const char *fmt,...)

int errcode(int sqlerrcode)

int errmsg(const char *fmt,...)

#define ereport(elevel,...)

Assert(PointerIsAligned(start, uint64))

#define INJECTION_POINT(name, arg)

void ResetLatch(Latch *latch)

#define FeBeWaitSetSocketPos

void pfree(void *pointer)

void ProcessClientReadInterrupt(bool blocked)

void ProcessClientWriteInterrupt(bool blocked)

ssize_t pq_buffer_remaining_data(void)

int pq_getbytes(void *b, size_t len)

WaitEventSet * FeBeWaitSet

void pq_startmsgread(void)

void ModifyWaitEvent(WaitEventSet *set, int pos, uint32 events, Latch *latch)

int WaitEventSetWait(WaitEventSet *set, long timeout, WaitEvent *occurred_events, int nevents, uint32 wait_event_info)

#define WL_SOCKET_READABLE

#define WL_POSTMASTER_DEATH

#define WL_SOCKET_WRITEABLE

#define recv(s, buf, len, flags)

#define send(s, buf, len, flags)