PostgreSQL Source Code  git master
be-secure.c File Reference
#include "postgres.h"
#include <signal.h>
#include <fcntl.h>
#include <ctype.h>
#include <sys/socket.h>
#include <netdb.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <arpa/inet.h>
#include "libpq/libpq.h"
#include "miscadmin.h"
#include "tcop/tcopprot.h"
#include "utils/wait_event.h"
Include dependency graph for be-secure.c:

Go to the source code of this file.

Functions

int secure_initialize (bool isServerStart)
 
void secure_destroy (void)
 
bool secure_loaded_verify_locations (void)
 
int secure_open_server (Port *port)
 
void secure_close (Port *port)
 
ssize_t secure_read (Port *port, void *ptr, size_t len)
 
ssize_t secure_raw_read (Port *port, void *ptr, size_t len)
 
ssize_t secure_write (Port *port, void *ptr, size_t len)
 
ssize_t secure_raw_write (Port *port, const void *ptr, size_t len)
 

Variables

char * ssl_library
 
char * ssl_cert_file
 
char * ssl_key_file
 
char * ssl_ca_file
 
char * ssl_crl_file
 
char * ssl_crl_dir
 
char * ssl_dh_params_file
 
char * ssl_passphrase_command
 
bool ssl_passphrase_command_supports_reload
 
char * SSLCipherSuites = NULL
 
char * SSLECDHCurve
 
bool SSLPreferServerCiphers
 
int ssl_min_protocol_version = PG_TLS1_2_VERSION
 
int ssl_max_protocol_version = PG_TLS_ANY
 

Function Documentation

◆ secure_close()

void secure_close ( Port port)

Definition at line 130 of file be-secure.c.

131 {
132 #ifdef USE_SSL
133  if (port->ssl_in_use)
135 #endif
136 }
void be_tls_close(Port *port)
static int port
Definition: pg_regress.c:116

References be_tls_close(), and port.

Referenced by socket_close().

◆ secure_destroy()

void secure_destroy ( void  )

Definition at line 86 of file be-secure.c.

87 {
88 #ifdef USE_SSL
90 #endif
91 }
void be_tls_destroy(void)

References be_tls_destroy().

Referenced by process_pm_reload_request().

◆ secure_initialize()

int secure_initialize ( bool  isServerStart)

Definition at line 73 of file be-secure.c.

74 {
75 #ifdef USE_SSL
76  return be_tls_init(isServerStart);
77 #else
78  return 0;
79 #endif
80 }
int be_tls_init(bool isServerStart)

References be_tls_init().

Referenced by BackendMain(), PostmasterMain(), and process_pm_reload_request().

◆ secure_loaded_verify_locations()

bool secure_loaded_verify_locations ( void  )

Definition at line 97 of file be-secure.c.

98 {
99 #ifdef USE_SSL
100  return ssl_loaded_verify_locations;
101 #else
102  return false;
103 #endif
104 }

Referenced by ClientAuthentication().

◆ secure_open_server()

int secure_open_server ( Port port)

Definition at line 110 of file be-secure.c.

111 {
112  int r = 0;
113 
114 #ifdef USE_SSL
116 
117  ereport(DEBUG2,
118  (errmsg_internal("SSL connection from DN:\"%s\" CN:\"%s\"",
119  port->peer_dn ? port->peer_dn : "(anonymous)",
120  port->peer_cn ? port->peer_cn : "(anonymous)")));
121 #endif
122 
123  return r;
124 }
int be_tls_open_server(Port *port)
int errmsg_internal(const char *fmt,...)
Definition: elog.c:1159
#define DEBUG2
Definition: elog.h:29
#define ereport(elevel,...)
Definition: elog.h:149

References be_tls_open_server(), DEBUG2, ereport, errmsg_internal(), and port.

Referenced by ProcessStartupPacket().

◆ secure_raw_read()

ssize_t secure_raw_read ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 231 of file be-secure.c.

232 {
233  ssize_t n;
234 
235  /*
236  * Try to read from the socket without blocking. If it succeeds we're
237  * done, otherwise we'll wait for the socket using the latch mechanism.
238  */
239 #ifdef WIN32
240  pgwin32_noblock = true;
241 #endif
242  n = recv(port->sock, ptr, len, 0);
243 #ifdef WIN32
244  pgwin32_noblock = false;
245 #endif
246 
247  return n;
248 }
const void size_t len
int pgwin32_noblock
Definition: socket.c:28
#define recv(s, buf, len, flags)
Definition: win32_port.h:496

References len, pgwin32_noblock, port, and recv.

Referenced by be_gssapi_read(), my_sock_read(), read_or_wait(), and secure_read().

◆ secure_raw_write()

ssize_t secure_raw_write ( Port port,
const void *  ptr,
size_t  len 
)

Definition at line 327 of file be-secure.c.

328 {
329  ssize_t n;
330 
331 #ifdef WIN32
332  pgwin32_noblock = true;
333 #endif
334  n = send(port->sock, ptr, len, 0);
335 #ifdef WIN32
336  pgwin32_noblock = false;
337 #endif
338 
339  return n;
340 }
#define send(s, buf, len, flags)
Definition: win32_port.h:497

References len, pgwin32_noblock, port, and send.

Referenced by be_gssapi_write(), my_sock_write(), secure_open_gssapi(), and secure_write().

◆ secure_read()

ssize_t secure_read ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 142 of file be-secure.c.

143 {
144  ssize_t n;
145  int waitfor;
146 
147  /* Deal with any already-pending interrupt condition. */
149 
150 retry:
151 #ifdef USE_SSL
152  waitfor = 0;
153  if (port->ssl_in_use)
154  {
155  n = be_tls_read(port, ptr, len, &waitfor);
156  }
157  else
158 #endif
159 #ifdef ENABLE_GSS
160  if (port->gss && port->gss->enc)
161  {
162  n = be_gssapi_read(port, ptr, len);
163  waitfor = WL_SOCKET_READABLE;
164  }
165  else
166 #endif
167  {
168  n = secure_raw_read(port, ptr, len);
169  waitfor = WL_SOCKET_READABLE;
170  }
171 
172  /* In blocking mode, wait until the socket is ready */
173  if (n < 0 && !port->noblock && (errno == EWOULDBLOCK || errno == EAGAIN))
174  {
175  WaitEvent event;
176 
177  Assert(waitfor);
178 
180 
181  WaitEventSetWait(FeBeWaitSet, -1 /* no timeout */ , &event, 1,
182  WAIT_EVENT_CLIENT_READ);
183 
184  /*
185  * If the postmaster has died, it's not safe to continue running,
186  * because it is the postmaster's job to kill us if some other backend
187  * exits uncleanly. Moreover, we won't run very well in this state;
188  * helper processes like walwriter and the bgwriter will exit, so
189  * performance may be poor. Finally, if we don't exit, pg_ctl will be
190  * unable to restart the postmaster without manual intervention, so no
191  * new connections can be accepted. Exiting clears the deck for a
192  * postmaster restart.
193  *
194  * (Note that we only make this check when we would otherwise sleep on
195  * our latch. We might still continue running for a while if the
196  * postmaster is killed in mid-query, or even through multiple queries
197  * if we never have to wait for read. We don't want to burn too many
198  * cycles checking for this very rare condition, and this should cause
199  * us to exit quickly in most cases.)
200  */
201  if (event.events & WL_POSTMASTER_DEATH)
202  ereport(FATAL,
203  (errcode(ERRCODE_ADMIN_SHUTDOWN),
204  errmsg("terminating connection due to unexpected postmaster exit")));
205 
206  /* Handle interrupt. */
207  if (event.events & WL_LATCH_SET)
208  {
211 
212  /*
213  * We'll retry the read. Most likely it will return immediately
214  * because there's still no data available, and we'll wait for the
215  * socket to become ready again.
216  */
217  }
218  goto retry;
219  }
220 
221  /*
222  * Process interrupts that happened during a successful (or non-blocking,
223  * or hard-failed) read.
224  */
226 
227  return n;
228 }
ssize_t be_gssapi_read(Port *port, void *ptr, size_t len)
ssize_t be_tls_read(Port *port, void *ptr, size_t len, int *waitfor)
ssize_t secure_raw_read(Port *port, void *ptr, size_t len)
Definition: be-secure.c:231
int errcode(int sqlerrcode)
Definition: elog.c:859
int errmsg(const char *fmt,...)
Definition: elog.c:1072
#define FATAL
Definition: elog.h:41
struct Latch * MyLatch
Definition: globals.c:60
void ModifyWaitEvent(WaitEventSet *set, int pos, uint32 events, Latch *latch)
Definition: latch.c:1049
int WaitEventSetWait(WaitEventSet *set, long timeout, WaitEvent *occurred_events, int nevents, uint32 wait_event_info)
Definition: latch.c:1424
void ResetLatch(Latch *latch)
Definition: latch.c:724
#define WL_SOCKET_READABLE
Definition: latch.h:128
#define WL_LATCH_SET
Definition: latch.h:127
#define WL_POSTMASTER_DEATH
Definition: latch.h:131
#define FeBeWaitSetSocketPos
Definition: libpq.h:63
Assert(fmt[strlen(fmt) - 1] !='\n')
void ProcessClientReadInterrupt(bool blocked)
Definition: postgres.c:509
WaitEventSet * FeBeWaitSet
Definition: pqcomm.c:163
uint32 events
Definition: latch.h:155
#define EWOULDBLOCK
Definition: win32_port.h:380
#define EAGAIN
Definition: win32_port.h:372

References Assert(), be_gssapi_read(), be_tls_read(), EAGAIN, ereport, errcode(), errmsg(), WaitEvent::events, EWOULDBLOCK, FATAL, FeBeWaitSet, FeBeWaitSetSocketPos, len, ModifyWaitEvent(), MyLatch, port, ProcessClientReadInterrupt(), ResetLatch(), secure_raw_read(), WaitEventSetWait(), WL_LATCH_SET, WL_POSTMASTER_DEATH, and WL_SOCKET_READABLE.

Referenced by pq_getbyte_if_available(), and pq_recvbuf().

◆ secure_write()

ssize_t secure_write ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 255 of file be-secure.c.

256 {
257  ssize_t n;
258  int waitfor;
259 
260  /* Deal with any already-pending interrupt condition. */
262 
263 retry:
264  waitfor = 0;
265 #ifdef USE_SSL
266  if (port->ssl_in_use)
267  {
268  n = be_tls_write(port, ptr, len, &waitfor);
269  }
270  else
271 #endif
272 #ifdef ENABLE_GSS
273  if (port->gss && port->gss->enc)
274  {
275  n = be_gssapi_write(port, ptr, len);
276  waitfor = WL_SOCKET_WRITEABLE;
277  }
278  else
279 #endif
280  {
281  n = secure_raw_write(port, ptr, len);
282  waitfor = WL_SOCKET_WRITEABLE;
283  }
284 
285  if (n < 0 && !port->noblock && (errno == EWOULDBLOCK || errno == EAGAIN))
286  {
287  WaitEvent event;
288 
289  Assert(waitfor);
290 
292 
293  WaitEventSetWait(FeBeWaitSet, -1 /* no timeout */ , &event, 1,
294  WAIT_EVENT_CLIENT_WRITE);
295 
296  /* See comments in secure_read. */
297  if (event.events & WL_POSTMASTER_DEATH)
298  ereport(FATAL,
299  (errcode(ERRCODE_ADMIN_SHUTDOWN),
300  errmsg("terminating connection due to unexpected postmaster exit")));
301 
302  /* Handle interrupt. */
303  if (event.events & WL_LATCH_SET)
304  {
307 
308  /*
309  * We'll retry the write. Most likely it will return immediately
310  * because there's still no buffer space available, and we'll wait
311  * for the socket to become ready again.
312  */
313  }
314  goto retry;
315  }
316 
317  /*
318  * Process interrupts that happened during a successful (or non-blocking,
319  * or hard-failed) write.
320  */
322 
323  return n;
324 }
ssize_t be_gssapi_write(Port *port, void *ptr, size_t len)
ssize_t be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
ssize_t secure_raw_write(Port *port, const void *ptr, size_t len)
Definition: be-secure.c:327
#define WL_SOCKET_WRITEABLE
Definition: latch.h:129
void ProcessClientWriteInterrupt(bool blocked)
Definition: postgres.c:555

References Assert(), be_gssapi_write(), be_tls_write(), EAGAIN, ereport, errcode(), errmsg(), WaitEvent::events, EWOULDBLOCK, FATAL, FeBeWaitSet, FeBeWaitSetSocketPos, len, ModifyWaitEvent(), MyLatch, port, ProcessClientWriteInterrupt(), ResetLatch(), secure_raw_write(), WaitEventSetWait(), WL_LATCH_SET, WL_POSTMASTER_DEATH, and WL_SOCKET_WRITEABLE.

Referenced by internal_flush().

Variable Documentation

◆ ssl_ca_file

char* ssl_ca_file

Definition at line 38 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_cert_file

char* ssl_cert_file

Definition at line 36 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_crl_dir

char* ssl_crl_dir

Definition at line 40 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_crl_file

char* ssl_crl_file

Definition at line 39 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_dh_params_file

char* ssl_dh_params_file

Definition at line 41 of file be-secure.c.

Referenced by initialize_dh().

◆ ssl_key_file

char* ssl_key_file

Definition at line 37 of file be-secure.c.

Referenced by be_tls_init(), and check_ssl_key_file_permissions().

◆ ssl_library

char* ssl_library

Definition at line 35 of file be-secure.c.

◆ ssl_max_protocol_version

int ssl_max_protocol_version = PG_TLS_ANY

Definition at line 59 of file be-secure.c.

Referenced by be_tls_init(), and be_tls_open_server().

◆ ssl_min_protocol_version

int ssl_min_protocol_version = PG_TLS1_2_VERSION

Definition at line 58 of file be-secure.c.

Referenced by be_tls_init(), and be_tls_open_server().

◆ ssl_passphrase_command

char* ssl_passphrase_command

Definition at line 42 of file be-secure.c.

Referenced by default_openssl_tls_init(), run_ssl_passphrase_command(), and set_rot13().

◆ ssl_passphrase_command_supports_reload

bool ssl_passphrase_command_supports_reload

Definition at line 43 of file be-secure.c.

Referenced by default_openssl_tls_init().

◆ SSLCipherSuites

char* SSLCipherSuites = NULL

Definition at line 50 of file be-secure.c.

Referenced by be_tls_init().

◆ SSLECDHCurve

char* SSLECDHCurve

Definition at line 53 of file be-secure.c.

Referenced by initialize_ecdh().

◆ SSLPreferServerCiphers

bool SSLPreferServerCiphers

Definition at line 56 of file be-secure.c.

Referenced by be_tls_init().