PostgreSQL Source Code  git master
be-secure.c File Reference
#include "postgres.h"
#include <signal.h>
#include <fcntl.h>
#include <ctype.h>
#include <sys/socket.h>
#include <netdb.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <arpa/inet.h>
#include "libpq/libpq.h"
#include "miscadmin.h"
#include "pgstat.h"
#include "storage/ipc.h"
#include "storage/proc.h"
#include "tcop/tcopprot.h"
#include "utils/memutils.h"
Include dependency graph for be-secure.c:

Go to the source code of this file.

Functions

int secure_initialize (bool isServerStart)
 
void secure_destroy (void)
 
bool secure_loaded_verify_locations (void)
 
int secure_open_server (Port *port)
 
void secure_close (Port *port)
 
ssize_t secure_read (Port *port, void *ptr, size_t len)
 
ssize_t secure_raw_read (Port *port, void *ptr, size_t len)
 
ssize_t secure_write (Port *port, void *ptr, size_t len)
 
ssize_t secure_raw_write (Port *port, const void *ptr, size_t len)
 

Variables

char * ssl_library
 
char * ssl_cert_file
 
char * ssl_key_file
 
char * ssl_ca_file
 
char * ssl_crl_file
 
char * ssl_crl_dir
 
char * ssl_dh_params_file
 
char * ssl_passphrase_command
 
bool ssl_passphrase_command_supports_reload
 
char * SSLCipherSuites = NULL
 
char * SSLECDHCurve
 
bool SSLPreferServerCiphers
 
int ssl_min_protocol_version = PG_TLS1_2_VERSION
 
int ssl_max_protocol_version = PG_TLS_ANY
 

Function Documentation

◆ secure_close()

void secure_close ( Port port)

Definition at line 133 of file be-secure.c.

134 {
135 #ifdef USE_SSL
136  if (port->ssl_in_use)
138 #endif
139 }
void be_tls_close(Port *port)
static int port
Definition: pg_regress.c:90

References be_tls_close(), and port.

Referenced by socket_close().

◆ secure_destroy()

void secure_destroy ( void  )

Definition at line 89 of file be-secure.c.

90 {
91 #ifdef USE_SSL
93 #endif
94 }
void be_tls_destroy(void)

References be_tls_destroy().

Referenced by SIGHUP_handler().

◆ secure_initialize()

int secure_initialize ( bool  isServerStart)

Definition at line 76 of file be-secure.c.

77 {
78 #ifdef USE_SSL
79  return be_tls_init(isServerStart);
80 #else
81  return 0;
82 #endif
83 }
int be_tls_init(bool isServerStart)

References be_tls_init().

Referenced by PostmasterMain(), and SIGHUP_handler().

◆ secure_loaded_verify_locations()

bool secure_loaded_verify_locations ( void  )

Definition at line 100 of file be-secure.c.

101 {
102 #ifdef USE_SSL
103  return ssl_loaded_verify_locations;
104 #else
105  return false;
106 #endif
107 }

Referenced by ClientAuthentication().

◆ secure_open_server()

int secure_open_server ( Port port)

Definition at line 113 of file be-secure.c.

114 {
115  int r = 0;
116 
117 #ifdef USE_SSL
119 
120  ereport(DEBUG2,
121  (errmsg_internal("SSL connection from DN:\"%s\" CN:\"%s\"",
122  port->peer_dn ? port->peer_dn : "(anonymous)",
123  port->peer_cn ? port->peer_cn : "(anonymous)")));
124 #endif
125 
126  return r;
127 }
int be_tls_open_server(Port *port)
int errmsg_internal(const char *fmt,...)
Definition: elog.c:993
#define DEBUG2
Definition: elog.h:25
#define ereport(elevel,...)
Definition: elog.h:145

References be_tls_open_server(), DEBUG2, ereport, errmsg_internal(), and port.

Referenced by ProcessStartupPacket().

◆ secure_raw_read()

ssize_t secure_raw_read ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 234 of file be-secure.c.

235 {
236  ssize_t n;
237 
238  /*
239  * Try to read from the socket without blocking. If it succeeds we're
240  * done, otherwise we'll wait for the socket using the latch mechanism.
241  */
242 #ifdef WIN32
243  pgwin32_noblock = true;
244 #endif
245  n = recv(port->sock, ptr, len, 0);
246 #ifdef WIN32
247  pgwin32_noblock = false;
248 #endif
249 
250  return n;
251 }
const void size_t len
int pgwin32_noblock
Definition: socket.c:28
#define recv(s, buf, len, flags)
Definition: win32_port.h:493

References len, pgwin32_noblock, port, and recv.

Referenced by be_gssapi_read(), my_sock_read(), read_or_wait(), and secure_read().

◆ secure_raw_write()

ssize_t secure_raw_write ( Port port,
const void *  ptr,
size_t  len 
)

Definition at line 330 of file be-secure.c.

331 {
332  ssize_t n;
333 
334 #ifdef WIN32
335  pgwin32_noblock = true;
336 #endif
337  n = send(port->sock, ptr, len, 0);
338 #ifdef WIN32
339  pgwin32_noblock = false;
340 #endif
341 
342  return n;
343 }
#define send(s, buf, len, flags)
Definition: win32_port.h:494

References len, pgwin32_noblock, port, and send.

Referenced by be_gssapi_write(), my_sock_write(), secure_open_gssapi(), and secure_write().

◆ secure_read()

ssize_t secure_read ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 145 of file be-secure.c.

146 {
147  ssize_t n;
148  int waitfor;
149 
150  /* Deal with any already-pending interrupt condition. */
152 
153 retry:
154 #ifdef USE_SSL
155  waitfor = 0;
156  if (port->ssl_in_use)
157  {
158  n = be_tls_read(port, ptr, len, &waitfor);
159  }
160  else
161 #endif
162 #ifdef ENABLE_GSS
163  if (port->gss && port->gss->enc)
164  {
165  n = be_gssapi_read(port, ptr, len);
166  waitfor = WL_SOCKET_READABLE;
167  }
168  else
169 #endif
170  {
171  n = secure_raw_read(port, ptr, len);
172  waitfor = WL_SOCKET_READABLE;
173  }
174 
175  /* In blocking mode, wait until the socket is ready */
176  if (n < 0 && !port->noblock && (errno == EWOULDBLOCK || errno == EAGAIN))
177  {
178  WaitEvent event;
179 
180  Assert(waitfor);
181 
183 
184  WaitEventSetWait(FeBeWaitSet, -1 /* no timeout */ , &event, 1,
186 
187  /*
188  * If the postmaster has died, it's not safe to continue running,
189  * because it is the postmaster's job to kill us if some other backend
190  * exits uncleanly. Moreover, we won't run very well in this state;
191  * helper processes like walwriter and the bgwriter will exit, so
192  * performance may be poor. Finally, if we don't exit, pg_ctl will be
193  * unable to restart the postmaster without manual intervention, so no
194  * new connections can be accepted. Exiting clears the deck for a
195  * postmaster restart.
196  *
197  * (Note that we only make this check when we would otherwise sleep on
198  * our latch. We might still continue running for a while if the
199  * postmaster is killed in mid-query, or even through multiple queries
200  * if we never have to wait for read. We don't want to burn too many
201  * cycles checking for this very rare condition, and this should cause
202  * us to exit quickly in most cases.)
203  */
204  if (event.events & WL_POSTMASTER_DEATH)
205  ereport(FATAL,
206  (errcode(ERRCODE_ADMIN_SHUTDOWN),
207  errmsg("terminating connection due to unexpected postmaster exit")));
208 
209  /* Handle interrupt. */
210  if (event.events & WL_LATCH_SET)
211  {
214 
215  /*
216  * We'll retry the read. Most likely it will return immediately
217  * because there's still no data available, and we'll wait for the
218  * socket to become ready again.
219  */
220  }
221  goto retry;
222  }
223 
224  /*
225  * Process interrupts that happened during a successful (or non-blocking,
226  * or hard-failed) read.
227  */
229 
230  return n;
231 }
ssize_t be_gssapi_read(Port *port, void *ptr, size_t len)
ssize_t be_tls_read(Port *port, void *ptr, size_t len, int *waitfor)
ssize_t secure_raw_read(Port *port, void *ptr, size_t len)
Definition: be-secure.c:234
int errcode(int sqlerrcode)
Definition: elog.c:695
int errmsg(const char *fmt,...)
Definition: elog.c:906
#define FATAL
Definition: elog.h:37
struct Latch * MyLatch
Definition: globals.c:58
void ModifyWaitEvent(WaitEventSet *set, int pos, uint32 events, Latch *latch)
Definition: latch.c:972
int WaitEventSetWait(WaitEventSet *set, long timeout, WaitEvent *occurred_events, int nevents, uint32 wait_event_info)
Definition: latch.c:1345
void ResetLatch(Latch *latch)
Definition: latch.c:683
#define WL_SOCKET_READABLE
Definition: latch.h:126
#define WL_LATCH_SET
Definition: latch.h:125
#define WL_POSTMASTER_DEATH
Definition: latch.h:129
#define FeBeWaitSetSocketPos
Definition: libpq.h:63
Assert(fmt[strlen(fmt) - 1] !='\n')
void ProcessClientReadInterrupt(bool blocked)
Definition: postgres.c:476
WaitEventSet * FeBeWaitSet
Definition: pqcomm.c:164
uint32 events
Definition: latch.h:146
@ WAIT_EVENT_CLIENT_READ
Definition: wait_event.h:62
#define EWOULDBLOCK
Definition: win32_port.h:375
#define EAGAIN
Definition: win32_port.h:367

References Assert(), be_gssapi_read(), be_tls_read(), EAGAIN, ereport, errcode(), errmsg(), WaitEvent::events, EWOULDBLOCK, FATAL, FeBeWaitSet, FeBeWaitSetSocketPos, len, ModifyWaitEvent(), MyLatch, port, ProcessClientReadInterrupt(), ResetLatch(), secure_raw_read(), WAIT_EVENT_CLIENT_READ, WaitEventSetWait(), WL_LATCH_SET, WL_POSTMASTER_DEATH, and WL_SOCKET_READABLE.

Referenced by pq_getbyte_if_available(), and pq_recvbuf().

◆ secure_write()

ssize_t secure_write ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 258 of file be-secure.c.

259 {
260  ssize_t n;
261  int waitfor;
262 
263  /* Deal with any already-pending interrupt condition. */
265 
266 retry:
267  waitfor = 0;
268 #ifdef USE_SSL
269  if (port->ssl_in_use)
270  {
271  n = be_tls_write(port, ptr, len, &waitfor);
272  }
273  else
274 #endif
275 #ifdef ENABLE_GSS
276  if (port->gss && port->gss->enc)
277  {
278  n = be_gssapi_write(port, ptr, len);
279  waitfor = WL_SOCKET_WRITEABLE;
280  }
281  else
282 #endif
283  {
284  n = secure_raw_write(port, ptr, len);
285  waitfor = WL_SOCKET_WRITEABLE;
286  }
287 
288  if (n < 0 && !port->noblock && (errno == EWOULDBLOCK || errno == EAGAIN))
289  {
290  WaitEvent event;
291 
292  Assert(waitfor);
293 
295 
296  WaitEventSetWait(FeBeWaitSet, -1 /* no timeout */ , &event, 1,
298 
299  /* See comments in secure_read. */
300  if (event.events & WL_POSTMASTER_DEATH)
301  ereport(FATAL,
302  (errcode(ERRCODE_ADMIN_SHUTDOWN),
303  errmsg("terminating connection due to unexpected postmaster exit")));
304 
305  /* Handle interrupt. */
306  if (event.events & WL_LATCH_SET)
307  {
310 
311  /*
312  * We'll retry the write. Most likely it will return immediately
313  * because there's still no buffer space available, and we'll wait
314  * for the socket to become ready again.
315  */
316  }
317  goto retry;
318  }
319 
320  /*
321  * Process interrupts that happened during a successful (or non-blocking,
322  * or hard-failed) write.
323  */
325 
326  return n;
327 }
ssize_t be_gssapi_write(Port *port, void *ptr, size_t len)
ssize_t be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
ssize_t secure_raw_write(Port *port, const void *ptr, size_t len)
Definition: be-secure.c:330
#define WL_SOCKET_WRITEABLE
Definition: latch.h:127
void ProcessClientWriteInterrupt(bool blocked)
Definition: postgres.c:522
@ WAIT_EVENT_CLIENT_WRITE
Definition: wait_event.h:63

References Assert(), be_gssapi_write(), be_tls_write(), EAGAIN, ereport, errcode(), errmsg(), WaitEvent::events, EWOULDBLOCK, FATAL, FeBeWaitSet, FeBeWaitSetSocketPos, len, ModifyWaitEvent(), MyLatch, port, ProcessClientWriteInterrupt(), ResetLatch(), secure_raw_write(), WAIT_EVENT_CLIENT_WRITE, WaitEventSetWait(), WL_LATCH_SET, WL_POSTMASTER_DEATH, and WL_SOCKET_WRITEABLE.

Referenced by internal_flush().

Variable Documentation

◆ ssl_ca_file

char* ssl_ca_file

Definition at line 41 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_cert_file

char* ssl_cert_file

Definition at line 39 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_crl_dir

char* ssl_crl_dir

Definition at line 43 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_crl_file

char* ssl_crl_file

Definition at line 42 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_dh_params_file

char* ssl_dh_params_file

Definition at line 44 of file be-secure.c.

Referenced by initialize_dh().

◆ ssl_key_file

char* ssl_key_file

Definition at line 40 of file be-secure.c.

Referenced by be_tls_init(), and check_ssl_key_file_permissions().

◆ ssl_library

char* ssl_library

Definition at line 38 of file be-secure.c.

◆ ssl_max_protocol_version

int ssl_max_protocol_version = PG_TLS_ANY

Definition at line 62 of file be-secure.c.

Referenced by be_tls_init(), and be_tls_open_server().

◆ ssl_min_protocol_version

int ssl_min_protocol_version = PG_TLS1_2_VERSION

Definition at line 61 of file be-secure.c.

Referenced by be_tls_init(), and be_tls_open_server().

◆ ssl_passphrase_command

char* ssl_passphrase_command

Definition at line 45 of file be-secure.c.

Referenced by default_openssl_tls_init(), run_ssl_passphrase_command(), and set_rot13().

◆ ssl_passphrase_command_supports_reload

bool ssl_passphrase_command_supports_reload

Definition at line 46 of file be-secure.c.

Referenced by default_openssl_tls_init().

◆ SSLCipherSuites

char* SSLCipherSuites = NULL

Definition at line 53 of file be-secure.c.

Referenced by be_tls_init().

◆ SSLECDHCurve

char* SSLECDHCurve

Definition at line 56 of file be-secure.c.

Referenced by initialize_ecdh().

◆ SSLPreferServerCiphers

bool SSLPreferServerCiphers

Definition at line 59 of file be-secure.c.

Referenced by be_tls_init().