PostgreSQL Source Code  git master
be-secure.c File Reference
#include "postgres.h"
#include <signal.h>
#include <fcntl.h>
#include <ctype.h>
#include <sys/socket.h>
#include <netdb.h>
#include <netinet/in.h>
#include "libpq/libpq.h"
#include "miscadmin.h"
#include "pgstat.h"
#include "storage/ipc.h"
#include "storage/proc.h"
#include "tcop/tcopprot.h"
#include "utils/memutils.h"
Include dependency graph for be-secure.c:

Go to the source code of this file.

Functions

int secure_initialize (bool isServerStart)
 
void secure_destroy (void)
 
bool secure_loaded_verify_locations (void)
 
int secure_open_server (Port *port)
 
void secure_close (Port *port)
 
ssize_t secure_read (Port *port, void *ptr, size_t len)
 
ssize_t secure_raw_read (Port *port, void *ptr, size_t len)
 
ssize_t secure_write (Port *port, void *ptr, size_t len)
 
ssize_t secure_raw_write (Port *port, const void *ptr, size_t len)
 

Variables

char * ssl_library
 
char * ssl_cert_file
 
char * ssl_key_file
 
char * ssl_ca_file
 
char * ssl_crl_file
 
char * ssl_dh_params_file
 
char * ssl_passphrase_command
 
bool ssl_passphrase_command_supports_reload
 
char * SSLCipherSuites = NULL
 
char * SSLECDHCurve
 
bool SSLPreferServerCiphers
 
int ssl_min_protocol_version
 
int ssl_max_protocol_version
 

Function Documentation

◆ secure_close()

void secure_close ( Port port)

Definition at line 133 of file be-secure.c.

References be_tls_close(), and Port::ssl_in_use.

Referenced by ConnFree(), and socket_close().

134 {
135 #ifdef USE_SSL
136  if (port->ssl_in_use)
137  be_tls_close(port);
138 #endif
139 }
bool ssl_in_use
Definition: libpq-be.h:190
void be_tls_close(Port *port)

◆ secure_destroy()

void secure_destroy ( void  )

Definition at line 90 of file be-secure.c.

References be_tls_destroy().

Referenced by SIGHUP_handler().

91 {
92 #ifdef USE_SSL
94 #endif
95 }
void be_tls_destroy(void)

◆ secure_initialize()

int secure_initialize ( bool  isServerStart)

Definition at line 77 of file be-secure.c.

References be_tls_init().

Referenced by BackendRun(), PostmasterMain(), and SIGHUP_handler().

78 {
79 #ifdef USE_SSL
80  return be_tls_init(isServerStart);
81 #else
82  return 0;
83 #endif
84 }
int be_tls_init(bool isServerStart)

◆ secure_loaded_verify_locations()

bool secure_loaded_verify_locations ( void  )

Definition at line 101 of file be-secure.c.

Referenced by ClientAuthentication().

102 {
103 #ifdef USE_SSL
104  return ssl_loaded_verify_locations;
105 #else
106  return false;
107 #endif
108 }

◆ secure_open_server()

int secure_open_server ( Port port)

Definition at line 114 of file be-secure.c.

References be_tls_open_server(), DEBUG2, ereport, errmsg(), and Port::peer_cn.

Referenced by ProcessStartupPacket().

115 {
116  int r = 0;
117 
118 #ifdef USE_SSL
119  r = be_tls_open_server(port);
120 
121  ereport(DEBUG2,
122  (errmsg("SSL connection from \"%s\"",
123  port->peer_cn ? port->peer_cn : "(anonymous)")));
124 #endif
125 
126  return r;
127 }
char * peer_cn
Definition: libpq-be.h:191
#define DEBUG2
Definition: elog.h:24
#define ereport(elevel, rest)
Definition: elog.h:141
int be_tls_open_server(Port *port)
int errmsg(const char *fmt,...)
Definition: elog.c:822

◆ secure_raw_read()

ssize_t secure_raw_read ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 234 of file be-secure.c.

References pgwin32_noblock, recv, and Port::sock.

Referenced by be_gssapi_read(), my_sock_read(), read_or_wait(), and secure_read().

235 {
236  ssize_t n;
237 
238  /*
239  * Try to read from the socket without blocking. If it succeeds we're
240  * done, otherwise we'll wait for the socket using the latch mechanism.
241  */
242 #ifdef WIN32
243  pgwin32_noblock = true;
244 #endif
245  n = recv(port->sock, ptr, len, 0);
246 #ifdef WIN32
247  pgwin32_noblock = false;
248 #endif
249 
250  return n;
251 }
int pgwin32_noblock
Definition: socket.c:28
#define recv(s, buf, len, flags)
Definition: win32_port.h:437
pgsocket sock
Definition: libpq-be.h:122

◆ secure_raw_write()

ssize_t secure_raw_write ( Port port,
const void *  ptr,
size_t  len 
)

Definition at line 330 of file be-secure.c.

References pgwin32_noblock, send, and Port::sock.

Referenced by be_gssapi_write(), my_sock_write(), secure_open_gssapi(), and secure_write().

331 {
332  ssize_t n;
333 
334 #ifdef WIN32
335  pgwin32_noblock = true;
336 #endif
337  n = send(port->sock, ptr, len, 0);
338 #ifdef WIN32
339  pgwin32_noblock = false;
340 #endif
341 
342  return n;
343 }
int pgwin32_noblock
Definition: socket.c:28
pgsocket sock
Definition: libpq-be.h:122
#define send(s, buf, len, flags)
Definition: win32_port.h:438

◆ secure_read()

ssize_t secure_read ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 145 of file be-secure.c.

References Assert, be_gssapi_read(), be_tls_read(), EAGAIN, ereport, errcode(), errmsg(), WaitEvent::events, EWOULDBLOCK, FATAL, FeBeWaitSet, Port::gss, ModifyWaitEvent(), MyLatch, ProcessClientReadInterrupt(), ResetLatch(), secure_raw_read(), Port::ssl_in_use, WAIT_EVENT_CLIENT_READ, WaitEventSetWait(), WL_LATCH_SET, WL_POSTMASTER_DEATH, and WL_SOCKET_READABLE.

Referenced by pq_getbyte_if_available(), and pq_recvbuf().

146 {
147  ssize_t n;
148  int waitfor;
149 
150  /* Deal with any already-pending interrupt condition. */
152 
153 retry:
154 #ifdef USE_SSL
155  waitfor = 0;
156  if (port->ssl_in_use)
157  {
158  n = be_tls_read(port, ptr, len, &waitfor);
159  }
160  else
161 #endif
162 #ifdef ENABLE_GSS
163  if (port->gss->enc)
164  {
165  n = be_gssapi_read(port, ptr, len);
166  waitfor = WL_SOCKET_READABLE;
167  }
168  else
169 #endif
170  {
171  n = secure_raw_read(port, ptr, len);
172  waitfor = WL_SOCKET_READABLE;
173  }
174 
175  /* In blocking mode, wait until the socket is ready */
176  if (n < 0 && !port->noblock && (errno == EWOULDBLOCK || errno == EAGAIN))
177  {
178  WaitEvent event;
179 
180  Assert(waitfor);
181 
182  ModifyWaitEvent(FeBeWaitSet, 0, waitfor, NULL);
183 
184  WaitEventSetWait(FeBeWaitSet, -1 /* no timeout */ , &event, 1,
186 
187  /*
188  * If the postmaster has died, it's not safe to continue running,
189  * because it is the postmaster's job to kill us if some other backend
190  * exits uncleanly. Moreover, we won't run very well in this state;
191  * helper processes like walwriter and the bgwriter will exit, so
192  * performance may be poor. Finally, if we don't exit, pg_ctl will be
193  * unable to restart the postmaster without manual intervention, so no
194  * new connections can be accepted. Exiting clears the deck for a
195  * postmaster restart.
196  *
197  * (Note that we only make this check when we would otherwise sleep on
198  * our latch. We might still continue running for a while if the
199  * postmaster is killed in mid-query, or even through multiple queries
200  * if we never have to wait for read. We don't want to burn too many
201  * cycles checking for this very rare condition, and this should cause
202  * us to exit quickly in most cases.)
203  */
204  if (event.events & WL_POSTMASTER_DEATH)
205  ereport(FATAL,
206  (errcode(ERRCODE_ADMIN_SHUTDOWN),
207  errmsg("terminating connection due to unexpected postmaster exit")));
208 
209  /* Handle interrupt. */
210  if (event.events & WL_LATCH_SET)
211  {
214 
215  /*
216  * We'll retry the read. Most likely it will return immediately
217  * because there's still no data available, and we'll wait for the
218  * socket to become ready again.
219  */
220  }
221  goto retry;
222  }
223 
224  /*
225  * Process interrupts that happened during a successful (or non-blocking,
226  * or hard-failed) read.
227  */
229 
230  return n;
231 }
ssize_t be_tls_read(Port *port, void *ptr, size_t len, int *waitfor)
#define EAGAIN
Definition: win32_port.h:321
int errcode(int sqlerrcode)
Definition: elog.c:608
void ModifyWaitEvent(WaitEventSet *set, int pos, uint32 events, Latch *latch)
Definition: latch.c:766
bool ssl_in_use
Definition: libpq-be.h:190
#define WL_SOCKET_READABLE
Definition: latch.h:125
WaitEventSet * FeBeWaitSet
Definition: pqcomm.c:186
void ResetLatch(Latch *latch)
Definition: latch.c:519
#define FATAL
Definition: elog.h:52
uint32 events
Definition: latch.h:144
#define ereport(elevel, rest)
Definition: elog.h:141
#define WL_POSTMASTER_DEATH
Definition: latch.h:128
void ProcessClientReadInterrupt(bool blocked)
Definition: postgres.c:524
ssize_t secure_raw_read(Port *port, void *ptr, size_t len)
Definition: be-secure.c:234
#define Assert(condition)
Definition: c.h:739
void * gss
Definition: libpq-be.h:184
int errmsg(const char *fmt,...)
Definition: elog.c:822
struct Latch * MyLatch
Definition: globals.c:54
#define EWOULDBLOCK
Definition: win32_port.h:329
#define WL_LATCH_SET
Definition: latch.h:124
int WaitEventSetWait(WaitEventSet *set, long timeout, WaitEvent *occurred_events, int nevents, uint32 wait_event_info)
Definition: latch.c:953
ssize_t be_gssapi_read(Port *port, void *ptr, size_t len)

◆ secure_write()

ssize_t secure_write ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 258 of file be-secure.c.

References Assert, be_gssapi_write(), be_tls_write(), EAGAIN, ereport, errcode(), errmsg(), WaitEvent::events, EWOULDBLOCK, FATAL, FeBeWaitSet, Port::gss, ModifyWaitEvent(), MyLatch, ProcessClientWriteInterrupt(), ResetLatch(), secure_raw_write(), Port::ssl_in_use, WAIT_EVENT_CLIENT_WRITE, WaitEventSetWait(), WL_LATCH_SET, WL_POSTMASTER_DEATH, and WL_SOCKET_WRITEABLE.

Referenced by internal_flush().

259 {
260  ssize_t n;
261  int waitfor;
262 
263  /* Deal with any already-pending interrupt condition. */
265 
266 retry:
267  waitfor = 0;
268 #ifdef USE_SSL
269  if (port->ssl_in_use)
270  {
271  n = be_tls_write(port, ptr, len, &waitfor);
272  }
273  else
274 #endif
275 #ifdef ENABLE_GSS
276  if (port->gss->enc)
277  {
278  n = be_gssapi_write(port, ptr, len);
279  waitfor = WL_SOCKET_WRITEABLE;
280  }
281  else
282 #endif
283  {
284  n = secure_raw_write(port, ptr, len);
285  waitfor = WL_SOCKET_WRITEABLE;
286  }
287 
288  if (n < 0 && !port->noblock && (errno == EWOULDBLOCK || errno == EAGAIN))
289  {
290  WaitEvent event;
291 
292  Assert(waitfor);
293 
294  ModifyWaitEvent(FeBeWaitSet, 0, waitfor, NULL);
295 
296  WaitEventSetWait(FeBeWaitSet, -1 /* no timeout */ , &event, 1,
298 
299  /* See comments in secure_read. */
300  if (event.events & WL_POSTMASTER_DEATH)
301  ereport(FATAL,
302  (errcode(ERRCODE_ADMIN_SHUTDOWN),
303  errmsg("terminating connection due to unexpected postmaster exit")));
304 
305  /* Handle interrupt. */
306  if (event.events & WL_LATCH_SET)
307  {
310 
311  /*
312  * We'll retry the write. Most likely it will return immediately
313  * because there's still no buffer space available, and we'll wait
314  * for the socket to become ready again.
315  */
316  }
317  goto retry;
318  }
319 
320  /*
321  * Process interrupts that happened during a successful (or non-blocking,
322  * or hard-failed) write.
323  */
325 
326  return n;
327 }
#define WL_SOCKET_WRITEABLE
Definition: latch.h:126
#define EAGAIN
Definition: win32_port.h:321
ssize_t secure_raw_write(Port *port, const void *ptr, size_t len)
Definition: be-secure.c:330
int errcode(int sqlerrcode)
Definition: elog.c:608
void ModifyWaitEvent(WaitEventSet *set, int pos, uint32 events, Latch *latch)
Definition: latch.c:766
bool ssl_in_use
Definition: libpq-be.h:190
WaitEventSet * FeBeWaitSet
Definition: pqcomm.c:186
void ResetLatch(Latch *latch)
Definition: latch.c:519
#define FATAL
Definition: elog.h:52
uint32 events
Definition: latch.h:144
ssize_t be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
#define ereport(elevel, rest)
Definition: elog.h:141
#define WL_POSTMASTER_DEATH
Definition: latch.h:128
ssize_t be_gssapi_write(Port *port, void *ptr, size_t len)
#define Assert(condition)
Definition: c.h:739
void * gss
Definition: libpq-be.h:184
int errmsg(const char *fmt,...)
Definition: elog.c:822
struct Latch * MyLatch
Definition: globals.c:54
#define EWOULDBLOCK
Definition: win32_port.h:329
#define WL_LATCH_SET
Definition: latch.h:124
int WaitEventSetWait(WaitEventSet *set, long timeout, WaitEvent *occurred_events, int nevents, uint32 wait_event_info)
Definition: latch.c:953
void ProcessClientWriteInterrupt(bool blocked)
Definition: postgres.c:570

Variable Documentation

◆ ssl_ca_file

char* ssl_ca_file

Definition at line 43 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_cert_file

char* ssl_cert_file

Definition at line 41 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_crl_file

char* ssl_crl_file

Definition at line 44 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_dh_params_file

char* ssl_dh_params_file

Definition at line 45 of file be-secure.c.

Referenced by initialize_dh().

◆ ssl_key_file

char* ssl_key_file

Definition at line 42 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_library

char* ssl_library

Definition at line 40 of file be-secure.c.

◆ ssl_max_protocol_version

int ssl_max_protocol_version

Definition at line 63 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_min_protocol_version

int ssl_min_protocol_version

Definition at line 62 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_passphrase_command

char* ssl_passphrase_command

Definition at line 46 of file be-secure.c.

Referenced by be_tls_init(), and run_ssl_passphrase_command().

◆ ssl_passphrase_command_supports_reload

bool ssl_passphrase_command_supports_reload

Definition at line 47 of file be-secure.c.

Referenced by be_tls_init().

◆ SSLCipherSuites

char* SSLCipherSuites = NULL

Definition at line 54 of file be-secure.c.

Referenced by be_tls_init().

◆ SSLECDHCurve

char* SSLECDHCurve

Definition at line 57 of file be-secure.c.

Referenced by initialize_ecdh().

◆ SSLPreferServerCiphers

bool SSLPreferServerCiphers

Definition at line 60 of file be-secure.c.

Referenced by be_tls_init().