102 (
errmsg(
"SSL configuration could not be loaded in child process")));
144 char remote_host[NI_MAXHOST];
145 char remote_port[NI_MAXSERV];
181 port->remote_host =
"";
182 port->remote_port =
"";
202 remote_host[0] =
'\0';
203 remote_port[0] =
'\0';
205 remote_host,
sizeof(remote_host),
206 remote_port,
sizeof(remote_port),
207 (
log_hostname ? 0 : NI_NUMERICHOST) | NI_NUMERICSERV)) != 0)
224 (
errmsg(
"connection received: host=%s port=%s",
229 (
errmsg(
"connection received: host=%s",
234#ifdef USE_INJECTION_POINTS
244 elog(
FATAL,
"protocol version 2 error triggered");
261 strspn(remote_host,
"0123456789.") < strlen(remote_host) &&
262 strspn(remote_host,
"0123456789ABCDEFabcdef:") < strlen(remote_host))
307 errmsg(
"the database system is starting up")));
313 errmsg(
"the database system is not yet accepting connections"),
314 errdetail(
"Consistent recovery state has not been yet reached.")));
318 errmsg(
"the database system is not accepting connections"),
319 errdetail(
"Hot standby mode is disabled.")));
324 errmsg(
"the database system is shutting down")));
329 errmsg(
"the database system is in recovery mode")));
333 (
errcode(ERRCODE_TOO_MANY_CONNECTIONS),
334 errmsg(
"sorry, too many clients already")));
345 sigprocmask(SIG_SETMASK, &
BlockSig, NULL);
373 if (
port->database_name[0] !=
'\0')
376 if (
port->remote_port[0] !=
'\0')
401 if (firstbyte == EOF)
410 if (firstbyte != 0x16)
440 if (!
port->alpn_used)
443 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
444 errmsg(
"received direct SSL connection request without ALPN protocol negotiation extension")));
450 (
errmsg(
"direct SSL connection accepted")));
460 (
errmsg(
"direct SSL connection rejected")));
516 if (!ssl_done && !gss_done)
518 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
519 errmsg(
"incomplete startup packet")));
530 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
531 errmsg(
"invalid length of startup packet")));
546 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
547 errmsg(
"incomplete startup packet")));
567 int32 cancelAuthCode;
572 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
573 errmsg(
"invalid length of startup packet")));
609 (
errmsg(
"SSLRequest accepted")));
612 (
errmsg(
"SSLRequest rejected")));
621 errmsg(
"failed to send SSL negotiation response: %m")));
638 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
639 errmsg(
"received unencrypted data after SSL request"),
640 errdetail(
"This could be either a client-software bug or evidence of an attempted man-in-the-middle attack.")));
655 if (
port->laddr.addr.ss_family != AF_UNIX)
663 (
errmsg(
"GSSENCRequest accepted")));
666 (
errmsg(
"GSSENCRequest rejected")));
675 errmsg(
"failed to send GSSAPI negotiation response: %m")));
692 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
693 errmsg(
"received unencrypted data after GSSAPI encryption request"),
694 errdetail(
"This could be either a client-software bug or evidence of an attempted man-in-the-middle attack.")));
720 (
errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
721 errmsg(
"unsupported frontend protocol %u.%u: server supports %u.0 to %u.%u",
736 List *unrecognized_protocol_options =
NIL;
747 char *nameptr =
buf + offset;
751 if (*nameptr ==
'\0')
753 valoffset = offset + strlen(nameptr) + 1;
754 if (valoffset >=
len)
756 valptr =
buf + valoffset;
758 if (strcmp(nameptr,
"database") == 0)
760 else if (strcmp(nameptr,
"user") == 0)
762 else if (strcmp(nameptr,
"options") == 0)
764 else if (strcmp(nameptr,
"replication") == 0)
773 if (strcmp(valptr,
"database") == 0)
780 (
errcode(ERRCODE_INVALID_PARAMETER_VALUE),
781 errmsg(
"invalid value for parameter \"%s\": \"%s\"",
784 errhint(
"Valid values are: \"false\", 0, \"true\", 1, \"database\".")));
786 else if (strncmp(nameptr,
"_pq_.", 5) == 0)
793 unrecognized_protocol_options =
810 if (strcmp(nameptr,
"application_name") == 0)
815 offset = valoffset + strlen(valptr) + 1;
822 if (offset !=
len - 1)
824 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
825 errmsg(
"invalid startup packet layout: expected terminator as last byte")));
834 unrecognized_protocol_options !=
NIL)
839 if (
port->user_name == NULL ||
port->user_name[0] ==
'\0')
841 (
errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
842 errmsg(
"no PostgreSQL user name specified in startup packet")));
845 if (
port->database_name == NULL ||
port->database_name[0] ==
'\0')
871 port->database_name[0] =
'\0';
906 foreach(lc, unrecognized_protocol_options)
994 for (
size_t i = 0;
i <
lengthof(compat_options);
i++)
1003 GUC_check_errdetail(
"Cannot specify log_connections option \"%s\" in a list with other options.",
1013 foreach(l, elemlist)
1082 *((
int *) *extra) = flags;
bool check_log_connections(char **newval, void **extra, GucSource source)
bool Trace_connection_negotiation
ConnectionTiming conn_timing
static void SendNegotiateProtocolVersion(List *unrecognized_protocol_options)
static void process_startup_packet_die(SIGNAL_ARGS)
static void StartupPacketTimeoutHandler(void)
static void BackendInitialize(ClientSocket *client_sock, CAC_state cac)
static int ProcessSSLStartup(Port *port)
char * log_connections_string
void assign_log_connections(const char *newval, void *extra)
void BackendMain(const void *startup_data, size_t startup_data_len)
static int ProcessStartupPacket(Port *port, bool ssl_done, bool gss_done)
static bool validate_log_connections_options(List *elemlist, uint32 *flags)
@ LOG_CONNECTION_AUTHORIZATION
@ LOG_CONNECTION_SETUP_DURATIONS
@ LOG_CONNECTION_AUTHENTICATION
ssize_t secure_open_gssapi(Port *port)
int secure_initialize(bool isServerStart)
ssize_t secure_write(Port *port, const void *ptr, size_t len)
int secure_open_server(Port *port)
bool parse_bool(const char *value, bool *result)
#define TIMESTAMP_MINUS_INFINITY
int errcode_for_socket_access(void)
int errmsg_internal(const char *fmt,...)
int errdetail(const char *fmt,...)
int errhint(const char *fmt,...)
int errcode(int sqlerrcode)
int errmsg(const char *fmt,...)
#define ereport(elevel,...)
void ReserveExternalFD(void)
#define ERRCODE_CANNOT_CONNECT_NOW
struct ClientSocket * MyClientSocket
ProtocolVersion FrontendProtocol
void * guc_malloc(int elevel, size_t size)
#define GUC_check_errdetail
Assert(PointerIsAligned(start, uint64))
#define INJECTION_POINT(name)
#define IS_INJECTION_POINT_ATTACHED(name)
int pg_getnameinfo_all(const struct sockaddr_storage *addr, int salen, char *node, int nodelen, char *service, int servicelen, int flags)
void check_on_shmem_exit_lists_are_empty(void)
List * lappend(List *list, void *datum)
void list_free(List *list)
char * MemoryContextStrdup(MemoryContext context, const char *string)
char * pstrdup(const char *in)
void pfree(void *pointer)
MemoryContext TopMemoryContext
const char * GetBackendTypeDesc(BackendType backendType)
BackendType MyBackendType
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
static int list_length(const List *l)
static rewind_source * source
int pg_strcasecmp(const char *s1, const char *s2)
CommandDest whereToSendOutput
void PostgresMain(const char *dbname, const char *username)
bool ClientAuthInProgress
int AuthenticationTimeout
PGDLLIMPORT bool LoadedSSL
Port * pq_init(ClientSocket *client_sock)
ssize_t pq_buffer_remaining_data(void)
int pq_getbytes(void *b, size_t len)
void pq_startmsgread(void)
#define PG_PROTOCOL_MAJOR(v)
#define PG_PROTOCOL_EARLIEST
#define CANCEL_REQUEST_CODE
#define MAX_STARTUP_PACKET_LENGTH
#define PG_PROTOCOL_LATEST
#define NEGOTIATE_GSS_CODE
#define NEGOTIATE_SSL_CODE
#define PG_PROTOCOL(m, n)
#define PG_PROTOCOL_MINOR(v)
void SendCancelRequest(int backendPID, int32 cancelAuthCode)
#define PqMsg_NegotiateProtocolVersion
void init_ps_display(const char *fixed_part)
static void set_ps_display(const char *activity)
void pg_usleep(long microsec)
const char * gai_strerror(int ecode)
char * pg_clean_ascii(const char *str, int alloc_flags)
void appendStringInfo(StringInfo str, const char *fmt,...)
void appendStringInfoString(StringInfo str, const char *s)
void initStringInfo(StringInfo str)
CAC_state canAcceptConnections
TimestampTz ready_for_use
void enable_timeout_after(TimeoutId id, int delay_ms)
void InitializeTimeouts(void)
void disable_timeout(TimeoutId id, bool keep_indicator)
TimeoutId RegisterTimeout(TimeoutId id, timeout_handler_proc handler)
bool SplitIdentifierString(char *rawstring, char separator, List **namelist)