86 (
errmsg(
"SSL configuration could not be loaded in child process")));
128 char remote_host[NI_MAXHOST];
129 char remote_port[NI_MAXSERV];
165 port->remote_host =
"";
166 port->remote_port =
"";
186 remote_host[0] =
'\0';
187 remote_port[0] =
'\0';
189 remote_host,
sizeof(remote_host),
190 remote_port,
sizeof(remote_port),
191 (
log_hostname ? 0 : NI_NUMERICHOST) | NI_NUMERICSERV)) != 0)
208 (
errmsg(
"connection received: host=%s port=%s",
213 (
errmsg(
"connection received: host=%s",
218 #ifdef USE_INJECTION_POINTS
228 elog(
FATAL,
"protocol version 2 error triggered");
245 strspn(remote_host,
"0123456789.") < strlen(remote_host) &&
246 strspn(remote_host,
"0123456789ABCDEFabcdef:") < strlen(remote_host))
291 errmsg(
"the database system is starting up")));
297 errmsg(
"the database system is not yet accepting connections"),
298 errdetail(
"Consistent recovery state has not been yet reached.")));
302 errmsg(
"the database system is not accepting connections"),
303 errdetail(
"Hot standby mode is disabled.")));
308 errmsg(
"the database system is shutting down")));
313 errmsg(
"the database system is in recovery mode")));
317 (
errcode(ERRCODE_TOO_MANY_CONNECTIONS),
318 errmsg(
"sorry, too many clients already")));
329 sigprocmask(SIG_SETMASK, &
BlockSig, NULL);
357 if (
port->database_name[0] !=
'\0')
360 if (
port->remote_port[0] !=
'\0')
385 if (firstbyte == EOF)
394 if (firstbyte != 0x16)
424 if (!
port->alpn_used)
427 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
428 errmsg(
"received direct SSL connection request without ALPN protocol negotiation extension")));
434 (
errmsg(
"direct SSL connection accepted")));
444 (
errmsg(
"direct SSL connection rejected")));
500 if (!ssl_done && !gss_done)
502 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
503 errmsg(
"incomplete startup packet")));
514 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
515 errmsg(
"invalid length of startup packet")));
530 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
531 errmsg(
"incomplete startup packet")));
546 int32 cancelAuthCode;
551 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
552 errmsg(
"invalid length of startup packet")));
587 (
errmsg(
"SSLRequest accepted")));
590 (
errmsg(
"SSLRequest rejected")));
599 errmsg(
"failed to send SSL negotiation response: %m")));
616 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
617 errmsg(
"received unencrypted data after SSL request"),
618 errdetail(
"This could be either a client-software bug or evidence of an attempted man-in-the-middle attack.")));
633 if (
port->laddr.addr.ss_family != AF_UNIX)
641 (
errmsg(
"GSSENCRequest accepted")));
644 (
errmsg(
"GSSENCRequest rejected")));
653 errmsg(
"failed to send GSSAPI negotiation response: %m")));
670 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
671 errmsg(
"received unencrypted data after GSSAPI encryption request"),
672 errdetail(
"This could be either a client-software bug or evidence of an attempted man-in-the-middle attack.")));
694 (
errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
695 errmsg(
"unsupported frontend protocol %u.%u: server supports %u.0 to %u.%u",
710 List *unrecognized_protocol_options =
NIL;
721 char *nameptr =
buf + offset;
725 if (*nameptr ==
'\0')
727 valoffset = offset + strlen(nameptr) + 1;
728 if (valoffset >=
len)
730 valptr =
buf + valoffset;
732 if (strcmp(nameptr,
"database") == 0)
734 else if (strcmp(nameptr,
"user") == 0)
736 else if (strcmp(nameptr,
"options") == 0)
738 else if (strcmp(nameptr,
"replication") == 0)
747 if (strcmp(valptr,
"database") == 0)
754 (
errcode(ERRCODE_INVALID_PARAMETER_VALUE),
755 errmsg(
"invalid value for parameter \"%s\": \"%s\"",
758 errhint(
"Valid values are: \"false\", 0, \"true\", 1, \"database\".")));
760 else if (strncmp(nameptr,
"_pq_.", 5) == 0)
767 unrecognized_protocol_options =
784 if (strcmp(nameptr,
"application_name") == 0)
789 offset = valoffset + strlen(valptr) + 1;
796 if (offset !=
len - 1)
798 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
799 errmsg(
"invalid startup packet layout: expected terminator as last byte")));
808 unrecognized_protocol_options !=
NIL)
813 if (
port->user_name == NULL ||
port->user_name[0] ==
'\0')
815 (
errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
816 errmsg(
"no PostgreSQL user name specified in startup packet")));
819 if (
port->database_name == NULL ||
port->database_name[0] ==
'\0')
836 port->database_name[0] =
'\0';
868 foreach(lc, unrecognized_protocol_options)
bool Trace_connection_negotiation
static void SendNegotiateProtocolVersion(List *unrecognized_protocol_options)
void BackendMain(char *startup_data, size_t startup_data_len)
static void process_startup_packet_die(SIGNAL_ARGS)
static void StartupPacketTimeoutHandler(void)
static void BackendInitialize(ClientSocket *client_sock, CAC_state cac)
static int ProcessSSLStartup(Port *port)
static int ProcessStartupPacket(Port *port, bool ssl_done, bool gss_done)
ssize_t secure_open_gssapi(Port *port)
int secure_initialize(bool isServerStart)
ssize_t secure_write(Port *port, void *ptr, size_t len)
int secure_open_server(Port *port)
bool parse_bool(const char *value, bool *result)
#define Assert(condition)
int errcode_for_socket_access(void)
int errmsg_internal(const char *fmt,...)
int errdetail(const char *fmt,...)
int errhint(const char *fmt,...)
int errcode(int sqlerrcode)
int errmsg(const char *fmt,...)
#define ereport(elevel,...)
void ReserveExternalFD(void)
#define ERRCODE_CANNOT_CONNECT_NOW
struct ClientSocket * MyClientSocket
ProtocolVersion FrontendProtocol
#define INJECTION_POINT(name)
#define IS_INJECTION_POINT_ATTACHED(name)
int pg_getnameinfo_all(const struct sockaddr_storage *addr, int salen, char *node, int nodelen, char *service, int servicelen, int flags)
void check_on_shmem_exit_lists_are_empty(void)
List * lappend(List *list, void *datum)
char * pstrdup(const char *in)
void pfree(void *pointer)
MemoryContext TopMemoryContext
char * MemoryContextStrdup(MemoryContext context, const char *string)
const char * GetBackendTypeDesc(BackendType backendType)
BackendType MyBackendType
static int list_length(const List *l)
pqsigfunc pqsignal(int signo, pqsigfunc func)
CommandDest whereToSendOutput
void PostgresMain(const char *dbname, const char *username)
bool ClientAuthInProgress
void processCancelRequest(int backendPID, int32 cancelAuthCode)
int AuthenticationTimeout
PGDLLIMPORT bool LoadedSSL
int pq_getbytes(char *s, size_t len)
Port * pq_init(ClientSocket *client_sock)
ssize_t pq_buffer_remaining_data(void)
void pq_startmsgread(void)
#define PG_PROTOCOL_MAJOR(v)
#define PG_PROTOCOL_EARLIEST
#define CANCEL_REQUEST_CODE
#define MAX_STARTUP_PACKET_LENGTH
#define PG_PROTOCOL_LATEST
#define NEGOTIATE_GSS_CODE
#define NEGOTIATE_SSL_CODE
#define PG_PROTOCOL(m, n)
#define PG_PROTOCOL_MINOR(v)
#define PqMsg_NegotiateProtocolVersion
void init_ps_display(const char *fixed_part)
static void set_ps_display(const char *activity)
MemoryContextSwitchTo(old_ctx)
void pg_usleep(long microsec)
const char * gai_strerror(int ecode)
char * pg_clean_ascii(const char *str, int alloc_flags)
void appendStringInfo(StringInfo str, const char *fmt,...)
void appendStringInfoString(StringInfo str, const char *s)
void initStringInfo(StringInfo str)
CAC_state canAcceptConnections
void enable_timeout_after(TimeoutId id, int delay_ms)
void InitializeTimeouts(void)
void disable_timeout(TimeoutId id, bool keep_indicator)
TimeoutId RegisterTimeout(TimeoutId id, timeout_handler_proc handler)