87 (
errmsg(
"SSL configuration could not be loaded in child process")));
129 char remote_host[NI_MAXHOST];
130 char remote_port[NI_MAXSERV];
166 port->remote_host =
"";
167 port->remote_port =
"";
187 remote_host[0] =
'\0';
188 remote_port[0] =
'\0';
190 remote_host,
sizeof(remote_host),
191 remote_port,
sizeof(remote_port),
192 (
log_hostname ? 0 : NI_NUMERICHOST) | NI_NUMERICSERV)) != 0)
209 (
errmsg(
"connection received: host=%s port=%s",
214 (
errmsg(
"connection received: host=%s",
219 #ifdef USE_INJECTION_POINTS
229 elog(
FATAL,
"protocol version 2 error triggered");
246 strspn(remote_host,
"0123456789.") < strlen(remote_host) &&
247 strspn(remote_host,
"0123456789ABCDEFabcdef:") < strlen(remote_host))
292 errmsg(
"the database system is starting up")));
298 errmsg(
"the database system is not yet accepting connections"),
299 errdetail(
"Consistent recovery state has not been yet reached.")));
303 errmsg(
"the database system is not accepting connections"),
304 errdetail(
"Hot standby mode is disabled.")));
309 errmsg(
"the database system is shutting down")));
314 errmsg(
"the database system is in recovery mode")));
318 (
errcode(ERRCODE_TOO_MANY_CONNECTIONS),
319 errmsg(
"sorry, too many clients already")));
330 sigprocmask(SIG_SETMASK, &
BlockSig, NULL);
358 if (
port->database_name[0] !=
'\0')
361 if (
port->remote_port[0] !=
'\0')
386 if (firstbyte == EOF)
395 if (firstbyte != 0x16)
425 if (!
port->alpn_used)
428 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
429 errmsg(
"received direct SSL connection request without ALPN protocol negotiation extension")));
435 (
errmsg(
"direct SSL connection accepted")));
445 (
errmsg(
"direct SSL connection rejected")));
501 if (!ssl_done && !gss_done)
503 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
504 errmsg(
"incomplete startup packet")));
515 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
516 errmsg(
"invalid length of startup packet")));
531 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
532 errmsg(
"incomplete startup packet")));
552 int32 cancelAuthCode;
557 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
558 errmsg(
"invalid length of startup packet")));
594 (
errmsg(
"SSLRequest accepted")));
597 (
errmsg(
"SSLRequest rejected")));
606 errmsg(
"failed to send SSL negotiation response: %m")));
623 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
624 errmsg(
"received unencrypted data after SSL request"),
625 errdetail(
"This could be either a client-software bug or evidence of an attempted man-in-the-middle attack.")));
640 if (
port->laddr.addr.ss_family != AF_UNIX)
648 (
errmsg(
"GSSENCRequest accepted")));
651 (
errmsg(
"GSSENCRequest rejected")));
660 errmsg(
"failed to send GSSAPI negotiation response: %m")));
677 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
678 errmsg(
"received unencrypted data after GSSAPI encryption request"),
679 errdetail(
"This could be either a client-software bug or evidence of an attempted man-in-the-middle attack.")));
705 (
errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
706 errmsg(
"unsupported frontend protocol %u.%u: server supports %u.0 to %u.%u",
721 List *unrecognized_protocol_options =
NIL;
732 char *nameptr =
buf + offset;
736 if (*nameptr ==
'\0')
738 valoffset = offset + strlen(nameptr) + 1;
739 if (valoffset >=
len)
741 valptr =
buf + valoffset;
743 if (strcmp(nameptr,
"database") == 0)
745 else if (strcmp(nameptr,
"user") == 0)
747 else if (strcmp(nameptr,
"options") == 0)
749 else if (strcmp(nameptr,
"replication") == 0)
758 if (strcmp(valptr,
"database") == 0)
765 (
errcode(ERRCODE_INVALID_PARAMETER_VALUE),
766 errmsg(
"invalid value for parameter \"%s\": \"%s\"",
769 errhint(
"Valid values are: \"false\", 0, \"true\", 1, \"database\".")));
771 else if (strncmp(nameptr,
"_pq_.", 5) == 0)
778 unrecognized_protocol_options =
795 if (strcmp(nameptr,
"application_name") == 0)
800 offset = valoffset + strlen(valptr) + 1;
807 if (offset !=
len - 1)
809 (
errcode(ERRCODE_PROTOCOL_VIOLATION),
810 errmsg(
"invalid startup packet layout: expected terminator as last byte")));
819 unrecognized_protocol_options !=
NIL)
824 if (
port->user_name == NULL ||
port->user_name[0] ==
'\0')
826 (
errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
827 errmsg(
"no PostgreSQL user name specified in startup packet")));
830 if (
port->database_name == NULL ||
port->database_name[0] ==
'\0')
847 port->database_name[0] =
'\0';
882 foreach(lc, unrecognized_protocol_options)
bool Trace_connection_negotiation
static void SendNegotiateProtocolVersion(List *unrecognized_protocol_options)
void BackendMain(char *startup_data, size_t startup_data_len)
static void process_startup_packet_die(SIGNAL_ARGS)
static void StartupPacketTimeoutHandler(void)
static void BackendInitialize(ClientSocket *client_sock, CAC_state cac)
static int ProcessSSLStartup(Port *port)
static int ProcessStartupPacket(Port *port, bool ssl_done, bool gss_done)
ssize_t secure_open_gssapi(Port *port)
int secure_initialize(bool isServerStart)
ssize_t secure_write(Port *port, void *ptr, size_t len)
int secure_open_server(Port *port)
bool parse_bool(const char *value, bool *result)
#define Assert(condition)
int errcode_for_socket_access(void)
int errmsg_internal(const char *fmt,...)
int errdetail(const char *fmt,...)
int errhint(const char *fmt,...)
int errcode(int sqlerrcode)
int errmsg(const char *fmt,...)
#define ereport(elevel,...)
void ReserveExternalFD(void)
#define ERRCODE_CANNOT_CONNECT_NOW
struct ClientSocket * MyClientSocket
ProtocolVersion FrontendProtocol
#define INJECTION_POINT(name)
#define IS_INJECTION_POINT_ATTACHED(name)
int pg_getnameinfo_all(const struct sockaddr_storage *addr, int salen, char *node, int nodelen, char *service, int servicelen, int flags)
void check_on_shmem_exit_lists_are_empty(void)
List * lappend(List *list, void *datum)
char * pstrdup(const char *in)
void pfree(void *pointer)
MemoryContext TopMemoryContext
char * MemoryContextStrdup(MemoryContext context, const char *string)
const char * GetBackendTypeDesc(BackendType backendType)
BackendType MyBackendType
static int list_length(const List *l)
pqsigfunc pqsignal(int signo, pqsigfunc func)
CommandDest whereToSendOutput
void PostgresMain(const char *dbname, const char *username)
bool ClientAuthInProgress
int AuthenticationTimeout
PGDLLIMPORT bool LoadedSSL
int pq_getbytes(char *s, size_t len)
Port * pq_init(ClientSocket *client_sock)
ssize_t pq_buffer_remaining_data(void)
void pq_startmsgread(void)
#define PG_PROTOCOL_MAJOR(v)
#define PG_PROTOCOL_EARLIEST
#define CANCEL_REQUEST_CODE
#define MAX_STARTUP_PACKET_LENGTH
#define PG_PROTOCOL_LATEST
#define NEGOTIATE_GSS_CODE
#define NEGOTIATE_SSL_CODE
#define PG_PROTOCOL(m, n)
#define PG_PROTOCOL_MINOR(v)
void SendCancelRequest(int backendPID, int32 cancelAuthCode)
#define PqMsg_NegotiateProtocolVersion
void init_ps_display(const char *fixed_part)
static void set_ps_display(const char *activity)
MemoryContextSwitchTo(old_ctx)
void pg_usleep(long microsec)
const char * gai_strerror(int ecode)
char * pg_clean_ascii(const char *str, int alloc_flags)
void appendStringInfo(StringInfo str, const char *fmt,...)
void appendStringInfoString(StringInfo str, const char *s)
void initStringInfo(StringInfo str)
CAC_state canAcceptConnections
void enable_timeout_after(TimeoutId id, int delay_ms)
void InitializeTimeouts(void)
void disable_timeout(TimeoutId id, bool keep_indicator)
TimeoutId RegisterTimeout(TimeoutId id, timeout_handler_proc handler)