PostgreSQL Source Code  git master
be-gssapi-common.c
Go to the documentation of this file.
1 /*-------------------------------------------------------------------------
2  *
3  * be-gssapi-common.c
4  * Common code for GSSAPI authentication and encryption
5  *
6  * Portions Copyright (c) 1996-2021, PostgreSQL Global Development Group
7  * Portions Copyright (c) 1994, Regents of the University of California
8  *
9  * IDENTIFICATION
10  * src/backend/libpq/be-gssapi-common.c
11  *
12  *-------------------------------------------------------------------------
13  */
14 
15 #include "postgres.h"
16 
17 #include "libpq/be-gssapi-common.h"
18 
19 /*
20  * Fetch all errors of a specific type and append to "s" (buffer of size len).
21  * If we obtain more than one string, separate them with spaces.
22  * Call once for GSS_CODE and once for MECH_CODE.
23  */
24 static void
25 pg_GSS_error_int(char *s, size_t len, OM_uint32 stat, int type)
26 {
27  gss_buffer_desc gmsg;
28  size_t i = 0;
29  OM_uint32 lmin_s,
30  msg_ctx = 0;
31 
32  s[0] = '\0'; /* just in case gss_display_status fails */
33 
34  do
35  {
36  if (gss_display_status(&lmin_s, stat, type, GSS_C_NO_OID,
37  &msg_ctx, &gmsg) != GSS_S_COMPLETE)
38  break;
39  if (i > 0)
40  {
41  if (i < len)
42  s[i] = ' ';
43  i++;
44  }
45  if (i < len)
46  strlcpy(s + i, gmsg.value, len - i);
47  i += gmsg.length;
48  gss_release_buffer(&lmin_s, &gmsg);
49  }
50  while (msg_ctx);
51 
52  if (i >= len)
53  {
54  elog(COMMERROR, "incomplete GSS error report");
55  s[len - 1] = '\0'; /* ensure string is nul-terminated */
56  }
57 }
58 
59 /*
60  * Report the GSSAPI error described by maj_stat/min_stat.
61  *
62  * errmsg should be an already-translated primary error message.
63  * The GSSAPI info is appended as errdetail.
64  *
65  * The error is always reported with elevel COMMERROR; we daren't try to
66  * send it to the client, as that'd likely lead to infinite recursion
67  * when elog.c tries to write to the client.
68  *
69  * To avoid memory allocation, total error size is capped (at 128 bytes for
70  * each of major and minor). No known mechanisms will produce error messages
71  * beyond this cap.
72  */
73 void
74 pg_GSS_error(const char *errmsg,
75  OM_uint32 maj_stat, OM_uint32 min_stat)
76 {
77  char msg_major[128],
78  msg_minor[128];
79 
80  /* Fetch major status message */
81  pg_GSS_error_int(msg_major, sizeof(msg_major), maj_stat, GSS_C_GSS_CODE);
82 
83  /* Fetch mechanism minor status message */
84  pg_GSS_error_int(msg_minor, sizeof(msg_minor), min_stat, GSS_C_MECH_CODE);
85 
86  /*
87  * errmsg_internal, since translation of the first part must be done
88  * before calling this function anyway.
89  */
91  (errmsg_internal("%s", errmsg),
92  errdetail_internal("%s: %s", msg_major, msg_minor)));
93 }
int errdetail_internal(const char *fmt,...)
Definition: elog.c:1069
static void pg_GSS_error_int(char *s, size_t len, OM_uint32 stat, int type)
#define COMMERROR
Definition: elog.h:30
void pg_GSS_error(const char *errmsg, OM_uint32 maj_stat, OM_uint32 min_stat)
#define ereport(elevel,...)
Definition: elog.h:157
size_t strlcpy(char *dst, const char *src, size_t siz)
Definition: strlcpy.c:45
int errmsg_internal(const char *fmt,...)
Definition: elog.c:996
int errmsg(const char *fmt,...)
Definition: elog.c:909
#define elog(elevel,...)
Definition: elog.h:232
int i