PostgreSQL Source Code  git master
Macros | Functions
be-gssapi-common.c File Reference
#include "postgres.h"
#include "libpq/be-gssapi-common.h"
Include dependency graph for be-gssapi-common.c:

Go to the source code of this file.

Macros

#define GSS_MEMORY_CACHE   "MEMORY:"
 

Functions

static void pg_GSS_error_int (char *s, size_t len, OM_uint32 stat, int type)
 
void pg_GSS_error (const char *errmsg, OM_uint32 maj_stat, OM_uint32 min_stat)
 
void pg_store_delegated_credential (gss_cred_id_t cred)
 

Macro Definition Documentation

◆ GSS_MEMORY_CACHE

#define GSS_MEMORY_CACHE   "MEMORY:"

Definition at line 102 of file be-gssapi-common.c.

Function Documentation

◆ pg_GSS_error()

void pg_GSS_error ( const char *  errmsg,
OM_uint32  maj_stat,
OM_uint32  min_stat 
)

Definition at line 75 of file be-gssapi-common.c.

77 {
78  char msg_major[128],
79  msg_minor[128];
80 
81  /* Fetch major status message */
82  pg_GSS_error_int(msg_major, sizeof(msg_major), maj_stat, GSS_C_GSS_CODE);
83 
84  /* Fetch mechanism minor status message */
85  pg_GSS_error_int(msg_minor, sizeof(msg_minor), min_stat, GSS_C_MECH_CODE);
86 
87  /*
88  * errmsg_internal, since translation of the first part must be done
89  * before calling this function anyway.
90  */
91  ereport(COMMERROR,
92  (errmsg_internal("%s", errmsg),
93  errdetail_internal("%s: %s", msg_major, msg_minor)));
94 }
pg_GSS_error_int
static void pg_GSS_error_int(char *s, size_t len, OM_uint32 stat, int type)
Definition: be-gssapi-common.c:25
errmsg_internal
int errmsg_internal(const char *fmt,...)
Definition: elog.c:1156
errdetail_internal
int errdetail_internal(const char *fmt,...)
Definition: elog.c:1229
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:1069
COMMERROR
#define COMMERROR
Definition: elog.h:33
ereport
#define ereport(elevel,...)
Definition: elog.h:149

References COMMERROR, ereport, errdetail_internal(), errmsg(), errmsg_internal(), and pg_GSS_error_int().

Referenced by be_gssapi_read(), be_gssapi_write(), pg_GSS_read(), pg_GSS_write(), pg_store_delegated_credential(), pqsecure_open_gss(), and secure_open_gssapi().

◆ pg_GSS_error_int()

static void pg_GSS_error_int ( char *  s,
size_t  len,
OM_uint32  stat,
int  type 
)
static

Definition at line 25 of file be-gssapi-common.c.

26 {
27  gss_buffer_desc gmsg;
28  size_t i = 0;
29  OM_uint32 lmin_s,
30  msg_ctx = 0;
31 
32  do
33  {
34  if (gss_display_status(&lmin_s, stat, type, GSS_C_NO_OID,
35  &msg_ctx, &gmsg) != GSS_S_COMPLETE)
36  break;
37  if (i > 0)
38  {
39  if (i < len)
40  s[i] = ' ';
41  i++;
42  }
43  if (i < len)
44  memcpy(s + i, gmsg.value, Min(len - i, gmsg.length));
45  i += gmsg.length;
46  gss_release_buffer(&lmin_s, &gmsg);
47  }
48  while (msg_ctx);
49 
50  /* add nul termination */
51  if (i < len)
52  s[i] = '\0';
53  else
54  {
55  elog(COMMERROR, "incomplete GSS error report");
56  s[len - 1] = '\0';
57  }
58 }
Min
#define Min(x, y)
Definition: c.h:993
i
int i
Definition: isn.c:73
len
const void size_t len
Definition: pg_crc32c_sse42.c:24
type
const char * type
Definition: wait_event_funcs.c:27

References COMMERROR, elog(), i, len, Min, and type.

Referenced by pg_GSS_error().

◆ pg_store_delegated_credential()

void pg_store_delegated_credential ( gss_cred_id_t  cred)

Definition at line 104 of file be-gssapi-common.c.

105 {
106  OM_uint32 major,
107  minor;
108  gss_OID_set mech;
109  gss_cred_usage_t usage;
110  gss_key_value_element_desc cc;
111  gss_key_value_set_desc ccset;
112 
113  cc.key = "ccache";
114  cc.value = GSS_MEMORY_CACHE;
115  ccset.count = 1;
116  ccset.elements = &cc;
117 
118  /* Make the delegated credential only available to current process */
119  major = gss_store_cred_into(&minor,
120  cred,
121  GSS_C_INITIATE, /* credential only used for
122  * starting libpq connection */
123  GSS_C_NULL_OID, /* store all */
124  true, /* overwrite */
125  true, /* make default */
126  &ccset,
127  &mech,
128  &usage);
129 
130  if (major != GSS_S_COMPLETE)
131  {
132  pg_GSS_error("gss_store_cred", major, minor);
133  }
134 
135  /* Credential stored, so we can release our credential handle. */
136  major = gss_release_cred(&minor, &cred);
137  if (major != GSS_S_COMPLETE)
138  {
139  pg_GSS_error("gss_release_cred", major, minor);
140  }
141 
142  /*
143  * Set KRB5CCNAME for this backend, so that later calls to
144  * gss_acquire_cred will find the delegated credentials we stored.
145  */
146  setenv("KRB5CCNAME", GSS_MEMORY_CACHE, 1);
147 }
GSS_MEMORY_CACHE
#define GSS_MEMORY_CACHE
Definition: be-gssapi-common.c:102
pg_GSS_error
void pg_GSS_error(const char *errmsg, OM_uint32 maj_stat, OM_uint32 min_stat)
Definition: be-gssapi-common.c:75
usage
static void usage(const char *progname)
Definition: vacuumlo.c:414
setenv
#define setenv(x, y, z)
Definition: win32_port.h:537

References GSS_MEMORY_CACHE, pg_GSS_error(), setenv, and usage().

Referenced by secure_open_gssapi().