PostgreSQL Source Code  git master
be-secure.c File Reference
#include "postgres.h"
#include <signal.h>
#include <fcntl.h>
#include <ctype.h>
#include <sys/socket.h>
#include <netdb.h>
#include <netinet/in.h>
#include "libpq/libpq.h"
#include "miscadmin.h"
#include "pgstat.h"
#include "storage/ipc.h"
#include "storage/proc.h"
#include "tcop/tcopprot.h"
#include "utils/memutils.h"
Include dependency graph for be-secure.c:

Go to the source code of this file.

Functions

int secure_initialize (bool isServerStart)
 
void secure_destroy (void)
 
bool secure_loaded_verify_locations (void)
 
int secure_open_server (Port *port)
 
void secure_close (Port *port)
 
ssize_t secure_read (Port *port, void *ptr, size_t len)
 
ssize_t secure_raw_read (Port *port, void *ptr, size_t len)
 
ssize_t secure_write (Port *port, void *ptr, size_t len)
 
ssize_t secure_raw_write (Port *port, const void *ptr, size_t len)
 

Variables

char * ssl_library
 
char * ssl_cert_file
 
char * ssl_key_file
 
char * ssl_ca_file
 
char * ssl_crl_file
 
char * ssl_crl_dir
 
char * ssl_dh_params_file
 
char * ssl_passphrase_command
 
bool ssl_passphrase_command_supports_reload
 
char * SSLCipherSuites = NULL
 
char * SSLECDHCurve
 
bool SSLPreferServerCiphers
 
int ssl_min_protocol_version
 
int ssl_max_protocol_version
 

Function Documentation

◆ secure_close()

void secure_close ( Port port)

Definition at line 135 of file be-secure.c.

References be_tls_close(), and Port::ssl_in_use.

Referenced by socket_close().

136 {
137 #ifdef USE_SSL
138  if (port->ssl_in_use)
139  be_tls_close(port);
140 #endif
141 }
bool ssl_in_use
Definition: libpq-be.h:209
void be_tls_close(Port *port)

◆ secure_destroy()

void secure_destroy ( void  )

Definition at line 91 of file be-secure.c.

References be_tls_destroy().

Referenced by SIGHUP_handler().

92 {
93 #ifdef USE_SSL
95 #endif
96 }
void be_tls_destroy(void)

◆ secure_initialize()

int secure_initialize ( bool  isServerStart)

Definition at line 78 of file be-secure.c.

References be_tls_init().

Referenced by BackendRun(), PostmasterMain(), and SIGHUP_handler().

79 {
80 #ifdef USE_SSL
81  return be_tls_init(isServerStart);
82 #else
83  return 0;
84 #endif
85 }
int be_tls_init(bool isServerStart)

◆ secure_loaded_verify_locations()

bool secure_loaded_verify_locations ( void  )

Definition at line 102 of file be-secure.c.

Referenced by ClientAuthentication().

103 {
104 #ifdef USE_SSL
105  return ssl_loaded_verify_locations;
106 #else
107  return false;
108 #endif
109 }

◆ secure_open_server()

int secure_open_server ( Port port)

Definition at line 115 of file be-secure.c.

References be_tls_open_server(), DEBUG2, ereport, errmsg_internal(), Port::peer_cn, and Port::peer_dn.

Referenced by ProcessStartupPacket().

116 {
117  int r = 0;
118 
119 #ifdef USE_SSL
120  r = be_tls_open_server(port);
121 
122  ereport(DEBUG2,
123  (errmsg_internal("SSL connection from DN:\"%s\" CN:\"%s\"",
124  port->peer_dn ? port->peer_dn : "(anonymous)",
125  port->peer_cn ? port->peer_cn : "(anonymous)")));
126 #endif
127 
128  return r;
129 }
char * peer_dn
Definition: libpq-be.h:211
char * peer_cn
Definition: libpq-be.h:210
#define DEBUG2
Definition: elog.h:24
#define ereport(elevel,...)
Definition: elog.h:157
int be_tls_open_server(Port *port)
int errmsg_internal(const char *fmt,...)
Definition: elog.c:996

◆ secure_raw_read()

ssize_t secure_raw_read ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 236 of file be-secure.c.

References pgwin32_noblock, recv, and Port::sock.

Referenced by be_gssapi_read(), my_sock_read(), read_or_wait(), and secure_read().

237 {
238  ssize_t n;
239 
240  /*
241  * Try to read from the socket without blocking. If it succeeds we're
242  * done, otherwise we'll wait for the socket using the latch mechanism.
243  */
244 #ifdef WIN32
245  pgwin32_noblock = true;
246 #endif
247  n = recv(port->sock, ptr, len, 0);
248 #ifdef WIN32
249  pgwin32_noblock = false;
250 #endif
251 
252  return n;
253 }
int pgwin32_noblock
Definition: socket.c:28
#define recv(s, buf, len, flags)
Definition: win32_port.h:465
pgsocket sock
Definition: libpq-be.h:127

◆ secure_raw_write()

ssize_t secure_raw_write ( Port port,
const void *  ptr,
size_t  len 
)

Definition at line 332 of file be-secure.c.

References pgwin32_noblock, send, and Port::sock.

Referenced by be_gssapi_write(), my_sock_write(), secure_open_gssapi(), and secure_write().

333 {
334  ssize_t n;
335 
336 #ifdef WIN32
337  pgwin32_noblock = true;
338 #endif
339  n = send(port->sock, ptr, len, 0);
340 #ifdef WIN32
341  pgwin32_noblock = false;
342 #endif
343 
344  return n;
345 }
int pgwin32_noblock
Definition: socket.c:28
pgsocket sock
Definition: libpq-be.h:127
#define send(s, buf, len, flags)
Definition: win32_port.h:466

◆ secure_read()

ssize_t secure_read ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 147 of file be-secure.c.

References Assert, be_gssapi_read(), be_tls_read(), EAGAIN, ereport, errcode(), errmsg(), WaitEvent::events, EWOULDBLOCK, FATAL, FeBeWaitSet, FeBeWaitSetSocketPos, Port::gss, ModifyWaitEvent(), MyLatch, ProcessClientReadInterrupt(), ResetLatch(), secure_raw_read(), Port::ssl_in_use, WAIT_EVENT_CLIENT_READ, WaitEventSetWait(), WL_LATCH_SET, WL_POSTMASTER_DEATH, and WL_SOCKET_READABLE.

Referenced by pq_getbyte_if_available(), and pq_recvbuf().

148 {
149  ssize_t n;
150  int waitfor;
151 
152  /* Deal with any already-pending interrupt condition. */
154 
155 retry:
156 #ifdef USE_SSL
157  waitfor = 0;
158  if (port->ssl_in_use)
159  {
160  n = be_tls_read(port, ptr, len, &waitfor);
161  }
162  else
163 #endif
164 #ifdef ENABLE_GSS
165  if (port->gss && port->gss->enc)
166  {
167  n = be_gssapi_read(port, ptr, len);
168  waitfor = WL_SOCKET_READABLE;
169  }
170  else
171 #endif
172  {
173  n = secure_raw_read(port, ptr, len);
174  waitfor = WL_SOCKET_READABLE;
175  }
176 
177  /* In blocking mode, wait until the socket is ready */
178  if (n < 0 && !port->noblock && (errno == EWOULDBLOCK || errno == EAGAIN))
179  {
180  WaitEvent event;
181 
182  Assert(waitfor);
183 
185 
186  WaitEventSetWait(FeBeWaitSet, -1 /* no timeout */ , &event, 1,
188 
189  /*
190  * If the postmaster has died, it's not safe to continue running,
191  * because it is the postmaster's job to kill us if some other backend
192  * exits uncleanly. Moreover, we won't run very well in this state;
193  * helper processes like walwriter and the bgwriter will exit, so
194  * performance may be poor. Finally, if we don't exit, pg_ctl will be
195  * unable to restart the postmaster without manual intervention, so no
196  * new connections can be accepted. Exiting clears the deck for a
197  * postmaster restart.
198  *
199  * (Note that we only make this check when we would otherwise sleep on
200  * our latch. We might still continue running for a while if the
201  * postmaster is killed in mid-query, or even through multiple queries
202  * if we never have to wait for read. We don't want to burn too many
203  * cycles checking for this very rare condition, and this should cause
204  * us to exit quickly in most cases.)
205  */
206  if (event.events & WL_POSTMASTER_DEATH)
207  ereport(FATAL,
208  (errcode(ERRCODE_ADMIN_SHUTDOWN),
209  errmsg("terminating connection due to unexpected postmaster exit")));
210 
211  /* Handle interrupt. */
212  if (event.events & WL_LATCH_SET)
213  {
216 
217  /*
218  * We'll retry the read. Most likely it will return immediately
219  * because there's still no data available, and we'll wait for the
220  * socket to become ready again.
221  */
222  }
223  goto retry;
224  }
225 
226  /*
227  * Process interrupts that happened during a successful (or non-blocking,
228  * or hard-failed) read.
229  */
231 
232  return n;
233 }
ssize_t be_tls_read(Port *port, void *ptr, size_t len, int *waitfor)
#define FeBeWaitSetSocketPos
Definition: libpq.h:63
#define EAGAIN
Definition: win32_port.h:341
int errcode(int sqlerrcode)
Definition: elog.c:698
void ModifyWaitEvent(WaitEventSet *set, int pos, uint32 events, Latch *latch)
Definition: latch.c:948
bool ssl_in_use
Definition: libpq-be.h:209
#define WL_SOCKET_READABLE
Definition: latch.h:126
WaitEventSet * FeBeWaitSet
Definition: pqcomm.c:168
void ResetLatch(Latch *latch)
Definition: latch.c:660
#define FATAL
Definition: elog.h:49
uint32 events
Definition: latch.h:145
#define WL_POSTMASTER_DEATH
Definition: latch.h:129
void ProcessClientReadInterrupt(bool blocked)
Definition: postgres.c:492
#define ereport(elevel,...)
Definition: elog.h:157
ssize_t secure_raw_read(Port *port, void *ptr, size_t len)
Definition: be-secure.c:236
#define Assert(condition)
Definition: c.h:804
void * gss
Definition: libpq-be.h:203
int errmsg(const char *fmt,...)
Definition: elog.c:909
struct Latch * MyLatch
Definition: globals.c:57
#define EWOULDBLOCK
Definition: win32_port.h:349
#define WL_LATCH_SET
Definition: latch.h:125
int WaitEventSetWait(WaitEventSet *set, long timeout, WaitEvent *occurred_events, int nevents, uint32 wait_event_info)
Definition: latch.c:1306
ssize_t be_gssapi_read(Port *port, void *ptr, size_t len)

◆ secure_write()

ssize_t secure_write ( Port port,
void *  ptr,
size_t  len 
)

Definition at line 260 of file be-secure.c.

References Assert, be_gssapi_write(), be_tls_write(), EAGAIN, ereport, errcode(), errmsg(), WaitEvent::events, EWOULDBLOCK, FATAL, FeBeWaitSet, FeBeWaitSetSocketPos, Port::gss, ModifyWaitEvent(), MyLatch, ProcessClientWriteInterrupt(), ResetLatch(), secure_raw_write(), Port::ssl_in_use, WAIT_EVENT_CLIENT_WRITE, WaitEventSetWait(), WL_LATCH_SET, WL_POSTMASTER_DEATH, and WL_SOCKET_WRITEABLE.

Referenced by internal_flush().

261 {
262  ssize_t n;
263  int waitfor;
264 
265  /* Deal with any already-pending interrupt condition. */
267 
268 retry:
269  waitfor = 0;
270 #ifdef USE_SSL
271  if (port->ssl_in_use)
272  {
273  n = be_tls_write(port, ptr, len, &waitfor);
274  }
275  else
276 #endif
277 #ifdef ENABLE_GSS
278  if (port->gss && port->gss->enc)
279  {
280  n = be_gssapi_write(port, ptr, len);
281  waitfor = WL_SOCKET_WRITEABLE;
282  }
283  else
284 #endif
285  {
286  n = secure_raw_write(port, ptr, len);
287  waitfor = WL_SOCKET_WRITEABLE;
288  }
289 
290  if (n < 0 && !port->noblock && (errno == EWOULDBLOCK || errno == EAGAIN))
291  {
292  WaitEvent event;
293 
294  Assert(waitfor);
295 
297 
298  WaitEventSetWait(FeBeWaitSet, -1 /* no timeout */ , &event, 1,
300 
301  /* See comments in secure_read. */
302  if (event.events & WL_POSTMASTER_DEATH)
303  ereport(FATAL,
304  (errcode(ERRCODE_ADMIN_SHUTDOWN),
305  errmsg("terminating connection due to unexpected postmaster exit")));
306 
307  /* Handle interrupt. */
308  if (event.events & WL_LATCH_SET)
309  {
312 
313  /*
314  * We'll retry the write. Most likely it will return immediately
315  * because there's still no buffer space available, and we'll wait
316  * for the socket to become ready again.
317  */
318  }
319  goto retry;
320  }
321 
322  /*
323  * Process interrupts that happened during a successful (or non-blocking,
324  * or hard-failed) write.
325  */
327 
328  return n;
329 }
#define FeBeWaitSetSocketPos
Definition: libpq.h:63
#define WL_SOCKET_WRITEABLE
Definition: latch.h:127
#define EAGAIN
Definition: win32_port.h:341
ssize_t secure_raw_write(Port *port, const void *ptr, size_t len)
Definition: be-secure.c:332
int errcode(int sqlerrcode)
Definition: elog.c:698
void ModifyWaitEvent(WaitEventSet *set, int pos, uint32 events, Latch *latch)
Definition: latch.c:948
bool ssl_in_use
Definition: libpq-be.h:209
WaitEventSet * FeBeWaitSet
Definition: pqcomm.c:168
void ResetLatch(Latch *latch)
Definition: latch.c:660
#define FATAL
Definition: elog.h:49
uint32 events
Definition: latch.h:145
ssize_t be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
#define WL_POSTMASTER_DEATH
Definition: latch.h:129
ssize_t be_gssapi_write(Port *port, void *ptr, size_t len)
#define ereport(elevel,...)
Definition: elog.h:157
#define Assert(condition)
Definition: c.h:804
void * gss
Definition: libpq-be.h:203
int errmsg(const char *fmt,...)
Definition: elog.c:909
struct Latch * MyLatch
Definition: globals.c:57
#define EWOULDBLOCK
Definition: win32_port.h:349
#define WL_LATCH_SET
Definition: latch.h:125
int WaitEventSetWait(WaitEventSet *set, long timeout, WaitEvent *occurred_events, int nevents, uint32 wait_event_info)
Definition: latch.c:1306
void ProcessClientWriteInterrupt(bool blocked)
Definition: postgres.c:538

Variable Documentation

◆ ssl_ca_file

char* ssl_ca_file

Definition at line 43 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_cert_file

char* ssl_cert_file

Definition at line 41 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_crl_dir

char* ssl_crl_dir

Definition at line 45 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_crl_file

char* ssl_crl_file

Definition at line 44 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_dh_params_file

char* ssl_dh_params_file

Definition at line 46 of file be-secure.c.

Referenced by initialize_dh().

◆ ssl_key_file

char* ssl_key_file

Definition at line 42 of file be-secure.c.

Referenced by be_tls_init().

◆ ssl_library

char* ssl_library

Definition at line 40 of file be-secure.c.

◆ ssl_max_protocol_version

int ssl_max_protocol_version

Definition at line 64 of file be-secure.c.

Referenced by be_tls_init(), and be_tls_open_server().

◆ ssl_min_protocol_version

int ssl_min_protocol_version

Definition at line 63 of file be-secure.c.

Referenced by be_tls_init(), and be_tls_open_server().

◆ ssl_passphrase_command

char* ssl_passphrase_command

Definition at line 47 of file be-secure.c.

Referenced by default_openssl_tls_init(), run_ssl_passphrase_command(), and set_rot13().

◆ ssl_passphrase_command_supports_reload

bool ssl_passphrase_command_supports_reload

Definition at line 48 of file be-secure.c.

Referenced by default_openssl_tls_init().

◆ SSLCipherSuites

char* SSLCipherSuites = NULL

Definition at line 55 of file be-secure.c.

Referenced by be_tls_init().

◆ SSLECDHCurve

char* SSLECDHCurve

Definition at line 58 of file be-secure.c.

Referenced by initialize_ecdh().

◆ SSLPreferServerCiphers

bool SSLPreferServerCiphers

Definition at line 61 of file be-secure.c.

Referenced by be_tls_init().