PostgreSQL Source Code  git master
be-secure.c File Reference
#include "postgres.h"
#include <signal.h>
#include <fcntl.h>
#include <ctype.h>
#include <sys/socket.h>
#include <netdb.h>
#include <netinet/in.h>
#include "libpq/libpq.h"
#include "miscadmin.h"
#include "pgstat.h"
#include "tcop/tcopprot.h"
#include "utils/memutils.h"
#include "storage/ipc.h"
#include "storage/proc.h"
Include dependency graph for be-secure.c:

Go to the source code of this file.

Functions

int secure_initialize (bool isServerStart)
 
void secure_destroy (void)
 
bool secure_loaded_verify_locations (void)
 
int secure_open_server (Port *port)
 
void secure_close (Port *port)
 
ssize_t secure_read (Port *port, void *ptr, size_t len)
 
ssize_t secure_raw_read (Port *port, void *ptr, size_t len)
 
ssize_t secure_write (Port *port, void *ptr, size_t len)
 
ssize_t secure_raw_write (Port *port, const void *ptr, size_t len)
 

Variables

char * ssl_library
 
char * ssl_cert_file
 
char * ssl_key_file
 
char * ssl_ca_file
 
char * ssl_crl_file
 
char * ssl_dh_params_file
 
char * ssl_passphrase_command
 
bool ssl_passphrase_command_supports_reload
 
char * SSLCipherSuites = NULL
 
char * SSLECDHCurve
 
bool SSLPreferServerCiphers
 
int ssl_min_protocol_version
 
int ssl_max_protocol_version
 

Function Documentation

◆ secure_close()

void secure_close ( Port port)

Definition at line 134 of file be-secure.c.

References be_tls_close(), and Port::ssl_in_use.

Referenced by ConnFree(), and socket_close().

135 {
136 #ifdef USE_SSL
137  if (port->ssl_in_use)
138  be_tls_close(port);
139 #endif
140 }
bool ssl_in_use
Definition: libpq-be.h:190
void be_tls_close(Port *port)

◆ secure_destroy()

void secure_destroy ( void  )

Definition at line 91 of file be-secure.c.

References be_tls_destroy().

Referenced by SIGHUP_handler().

92 {
93 #ifdef USE_SSL
95 #endif
96 }
void be_tls_destroy(void)

◆ secure_initialize()

int secure_initialize ( bool  isServerStart)

Definition at line 78 of file be-secure.c.

References be_tls_init().

Referenced by BackendRun(), PostmasterMain(), and SIGHUP_handler().

79 {
80 #ifdef USE_SSL
81  return be_tls_init(isServerStart);
82 #else
83  return 0;
84 #endif
85 }
int be_tls_init(bool isServerStart)

◆ secure_loaded_verify_locations()

bool secure_loaded_verify_locations ( void  )

Definition at line 102 of file be-secure.c.

Referenced by ClientAuthentication().

103 {
104 #ifdef USE_SSL
105  return ssl_loaded_verify_locations;
106 #else
107  return false;
108 #endif
109 }

◆ secure_open_server()

int secure_open_server ( Port port)

Definition at line 115 of file be-secure.c.

References be_tls_open_server(), DEBUG2, ereport, errmsg(), and Port::peer_cn.

Referenced by ProcessStartupPacket().

116 {
117  int r = 0;
118 
119 #ifdef USE_SSL
120  r = be_tls_open_server(port);
121 
122  ereport(DEBUG2,
123  (errmsg("SSL connection from \"%s\"",
124  port->peer_cn ? port->peer_cn : "(anonymous)")));
125 #endif
126 
127  return r;
128 }
char * peer_cn
Definition: libpq-be.h:191
#define DEBUG2
Definition: elog.h:24
#define ereport(elevel, rest)
Definition: elog.h:141
int be_tls_open_server(Port *port)
int errmsg(const char *fmt,...)
Definition: elog.c:784

◆ secure_raw_read()

ssize_t secure_raw_read ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 235 of file be-secure.c.

References pgwin32_noblock, recv, and Port::sock.

Referenced by be_gssapi_read(), my_sock_read(), read_or_wait(), and secure_read().

236 {
237  ssize_t n;
238 
239  /*
240  * Try to read from the socket without blocking. If it succeeds we're
241  * done, otherwise we'll wait for the socket using the latch mechanism.
242  */
243 #ifdef WIN32
244  pgwin32_noblock = true;
245 #endif
246  n = recv(port->sock, ptr, len, 0);
247 #ifdef WIN32
248  pgwin32_noblock = false;
249 #endif
250 
251  return n;
252 }
int pgwin32_noblock
Definition: socket.c:28
#define recv(s, buf, len, flags)
Definition: win32_port.h:437
pgsocket sock
Definition: libpq-be.h:122

◆ secure_raw_write()

ssize_t secure_raw_write ( Port port,
const void *  ptr,
size_t  len 
)

Definition at line 331 of file be-secure.c.

References pgwin32_noblock, send, and Port::sock.

Referenced by be_gssapi_write(), my_sock_write(), secure_open_gssapi(), and secure_write().

332 {
333  ssize_t n;
334 
335 #ifdef WIN32
336  pgwin32_noblock = true;
337 #endif
338  n = send(port->sock, ptr, len, 0);
339 #ifdef WIN32
340  pgwin32_noblock = false;
341 #endif
342 
343  return n;
344 }
int pgwin32_noblock
Definition: socket.c:28
pgsocket sock
Definition: libpq-be.h:122
#define send(s, buf, len, flags)
Definition: win32_port.h:438

◆ secure_read()

ssize_t secure_read ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 146 of file be-secure.c.

References Assert, be_gssapi_read(), be_tls_read(), EAGAIN, ereport, errcode(), errmsg(), WaitEvent::events, EWOULDBLOCK, FATAL, FeBeWaitSet, Port::gss, ModifyWaitEvent(), MyLatch, ProcessClientReadInterrupt(), ResetLatch(), secure_raw_read(), Port::ssl_in_use, WAIT_EVENT_CLIENT_READ, WaitEventSetWait(), WL_LATCH_SET, WL_POSTMASTER_DEATH, and WL_SOCKET_READABLE.

Referenced by pq_getbyte_if_available(), and pq_recvbuf().

147 {
148  ssize_t n;
149  int waitfor;
150 
151  /* Deal with any already-pending interrupt condition. */
153 
154 retry:
155 #ifdef USE_SSL
156  waitfor = 0;
157  if (port->ssl_in_use)
158  {
159  n = be_tls_read(port, ptr, len, &waitfor);
160  }
161  else
162 #endif
163 #ifdef ENABLE_GSS
164  if (port->gss->enc)
165  {
166  n = be_gssapi_read(port, ptr, len);
167  waitfor = WL_SOCKET_READABLE;
168  }
169  else
170 #endif
171  {
172  n = secure_raw_read(port, ptr, len);
173  waitfor = WL_SOCKET_READABLE;
174  }
175 
176  /* In blocking mode, wait until the socket is ready */
177  if (n < 0 && !port->noblock && (errno == EWOULDBLOCK || errno == EAGAIN))
178  {
179  WaitEvent event;
180 
181  Assert(waitfor);
182 
183  ModifyWaitEvent(FeBeWaitSet, 0, waitfor, NULL);
184 
185  WaitEventSetWait(FeBeWaitSet, -1 /* no timeout */ , &event, 1,
187 
188  /*
189  * If the postmaster has died, it's not safe to continue running,
190  * because it is the postmaster's job to kill us if some other backend
191  * exits uncleanly. Moreover, we won't run very well in this state;
192  * helper processes like walwriter and the bgwriter will exit, so
193  * performance may be poor. Finally, if we don't exit, pg_ctl will be
194  * unable to restart the postmaster without manual intervention, so no
195  * new connections can be accepted. Exiting clears the deck for a
196  * postmaster restart.
197  *
198  * (Note that we only make this check when we would otherwise sleep on
199  * our latch. We might still continue running for a while if the
200  * postmaster is killed in mid-query, or even through multiple queries
201  * if we never have to wait for read. We don't want to burn too many
202  * cycles checking for this very rare condition, and this should cause
203  * us to exit quickly in most cases.)
204  */
205  if (event.events & WL_POSTMASTER_DEATH)
206  ereport(FATAL,
207  (errcode(ERRCODE_ADMIN_SHUTDOWN),
208  errmsg("terminating connection due to unexpected postmaster exit")));
209 
210  /* Handle interrupt. */
211  if (event.events & WL_LATCH_SET)
212  {
215 
216  /*
217  * We'll retry the read. Most likely it will return immediately
218  * because there's still no data available, and we'll wait for the
219  * socket to become ready again.
220  */
221  }
222  goto retry;
223  }
224 
225  /*
226  * Process interrupts that happened during a successful (or non-blocking,
227  * or hard-failed) read.
228  */
230 
231  return n;
232 }
ssize_t be_tls_read(Port *port, void *ptr, size_t len, int *waitfor)
#define EAGAIN
Definition: win32_port.h:321
int errcode(int sqlerrcode)
Definition: elog.c:570
void ModifyWaitEvent(WaitEventSet *set, int pos, uint32 events, Latch *latch)
Definition: latch.c:766
bool ssl_in_use
Definition: libpq-be.h:190
#define WL_SOCKET_READABLE
Definition: latch.h:125
WaitEventSet * FeBeWaitSet
Definition: pqcomm.c:186
void ResetLatch(Latch *latch)
Definition: latch.c:519
#define FATAL
Definition: elog.h:52
uint32 events
Definition: latch.h:144
#define ereport(elevel, rest)
Definition: elog.h:141
#define WL_POSTMASTER_DEATH
Definition: latch.h:128
void ProcessClientReadInterrupt(bool blocked)
Definition: postgres.c:530
ssize_t secure_raw_read(Port *port, void *ptr, size_t len)
Definition: be-secure.c:235
#define Assert(condition)
Definition: c.h:732
void * gss
Definition: libpq-be.h:184
int errmsg(const char *fmt,...)
Definition: elog.c:784
struct Latch * MyLatch
Definition: globals.c:54
#define EWOULDBLOCK
Definition: win32_port.h:329
#define WL_LATCH_SET
Definition: latch.h:124
int WaitEventSetWait(WaitEventSet *set, long timeout, WaitEvent *occurred_events, int nevents, uint32 wait_event_info)
Definition: latch.c:953
ssize_t be_gssapi_read(Port *port, void *ptr, size_t len)

◆ secure_write()

ssize_t secure_write ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 259 of file be-secure.c.

References Assert, be_gssapi_write(), be_tls_write(), EAGAIN, ereport, errcode(), errmsg(), WaitEvent::events, EWOULDBLOCK, FATAL, FeBeWaitSet, Port::gss, ModifyWaitEvent(), MyLatch, ProcessClientWriteInterrupt(), ResetLatch(), secure_raw_write(), Port::ssl_in_use, WAIT_EVENT_CLIENT_WRITE, WaitEventSetWait(), WL_LATCH_SET, WL_POSTMASTER_DEATH, and WL_SOCKET_WRITEABLE.

Referenced by internal_flush().

260 {
261  ssize_t n;
262  int waitfor;
263 
264  /* Deal with any already-pending interrupt condition. */
266 
267 retry:
268  waitfor = 0;
269 #ifdef USE_SSL
270  if (port->ssl_in_use)
271  {
272  n = be_tls_write(port, ptr, len, &waitfor);
273  }
274  else
275 #endif
276 #ifdef ENABLE_GSS
277  if (port->gss->enc)
278  {
279  n = be_gssapi_write(port, ptr, len);
280  waitfor = WL_SOCKET_WRITEABLE;
281  }
282  else
283 #endif
284  {
285  n = secure_raw_write(port, ptr, len);
286  waitfor = WL_SOCKET_WRITEABLE;
287  }
288 
289  if (n < 0 && !port->noblock && (errno == EWOULDBLOCK || errno == EAGAIN))
290  {
291  WaitEvent event;
292 
293  Assert(waitfor);
294 
295  ModifyWaitEvent(FeBeWaitSet, 0, waitfor, NULL);
296 
297  WaitEventSetWait(FeBeWaitSet, -1 /* no timeout */ , &event, 1,
299 
300  /* See comments in secure_read. */
301  if (event.events & WL_POSTMASTER_DEATH)
302  ereport(FATAL,
303  (errcode(ERRCODE_ADMIN_SHUTDOWN),
304  errmsg("terminating connection due to unexpected postmaster exit")));
305 
306  /* Handle interrupt. */
307  if (event.events & WL_LATCH_SET)
308  {
311 
312  /*
313  * We'll retry the write. Most likely it will return immediately
314  * because there's still no buffer space available, and we'll wait
315  * for the socket to become ready again.
316  */
317  }
318  goto retry;
319  }
320 
321  /*
322  * Process interrupts that happened during a successful (or non-blocking,
323  * or hard-failed) write.
324  */
326 
327  return n;
328 }
#define WL_SOCKET_WRITEABLE
Definition: latch.h:126
#define EAGAIN
Definition: win32_port.h:321
ssize_t secure_raw_write(Port *port, const void *ptr, size_t len)
Definition: be-secure.c:331
int errcode(int sqlerrcode)
Definition: elog.c:570
void ModifyWaitEvent(WaitEventSet *set, int pos, uint32 events, Latch *latch)
Definition: latch.c:766
bool ssl_in_use
Definition: libpq-be.h:190
WaitEventSet * FeBeWaitSet
Definition: pqcomm.c:186
void ResetLatch(Latch *latch)
Definition: latch.c:519
#define FATAL
Definition: elog.h:52
uint32 events
Definition: latch.h:144
ssize_t be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
#define ereport(elevel, rest)
Definition: elog.h:141
#define WL_POSTMASTER_DEATH
Definition: latch.h:128
ssize_t be_gssapi_write(Port *port, void *ptr, size_t len)
#define Assert(condition)
Definition: c.h:732
void * gss
Definition: libpq-be.h:184
int errmsg(const char *fmt,...)
Definition: elog.c:784
struct Latch * MyLatch
Definition: globals.c:54
#define EWOULDBLOCK
Definition: win32_port.h:329
#define WL_LATCH_SET
Definition: latch.h:124
int WaitEventSetWait(WaitEventSet *set, long timeout, WaitEvent *occurred_events, int nevents, uint32 wait_event_info)
Definition: latch.c:953
void ProcessClientWriteInterrupt(bool blocked)
Definition: postgres.c:576

Variable Documentation

◆ ssl_ca_file

char* ssl_ca_file

Definition at line 44 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_cert_file

char* ssl_cert_file

Definition at line 42 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_crl_file

char* ssl_crl_file

Definition at line 45 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_dh_params_file

char* ssl_dh_params_file

Definition at line 46 of file be-secure.c.

Referenced by initialize_dh().

◆ ssl_key_file

char* ssl_key_file

Definition at line 43 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_library

char* ssl_library

Definition at line 41 of file be-secure.c.

◆ ssl_max_protocol_version

int ssl_max_protocol_version

Definition at line 64 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_min_protocol_version

int ssl_min_protocol_version

Definition at line 63 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_passphrase_command

char* ssl_passphrase_command

Definition at line 47 of file be-secure.c.

Referenced by be_tls_init(), and run_ssl_passphrase_command().

◆ ssl_passphrase_command_supports_reload

bool ssl_passphrase_command_supports_reload

Definition at line 48 of file be-secure.c.

Referenced by be_tls_init().

◆ SSLCipherSuites

char* SSLCipherSuites = NULL

Definition at line 55 of file be-secure.c.

Referenced by be_tls_init().

◆ SSLECDHCurve

char* SSLECDHCurve

Definition at line 58 of file be-secure.c.

Referenced by initialize_ecdh().

◆ SSLPreferServerCiphers

bool SSLPreferServerCiphers

Definition at line 61 of file be-secure.c.

Referenced by be_tls_init().