PostgreSQL Source Code git master
Loading...
Searching...
No Matches
fe-connect.c
Go to the documentation of this file.
1/*-------------------------------------------------------------------------
2 *
3 * fe-connect.c
4 * functions related to setting up a connection to the backend
5 *
6 * Portions Copyright (c) 1996-2026, PostgreSQL Global Development Group
7 * Portions Copyright (c) 1994, Regents of the University of California
8 *
9 *
10 * IDENTIFICATION
11 * src/interfaces/libpq/fe-connect.c
12 *
13 *-------------------------------------------------------------------------
14 */
15
16#include "postgres_fe.h"
17
18#include <sys/stat.h>
19#include <fcntl.h>
20#include <ctype.h>
21#include <limits.h>
22#include <netdb.h>
23#include <time.h>
24#include <unistd.h>
25
26#include "common/base64.h"
27#include "common/ip.h"
28#include "common/link-canary.h"
29#include "common/scram-common.h"
30#include "common/string.h"
31#include "fe-auth.h"
32#include "fe-auth-oauth.h"
33#include "libpq-fe.h"
34#include "libpq-int.h"
35#include "mb/pg_wchar.h"
36#include "pg_config_paths.h"
37#include "port/pg_bswap.h"
38
39#ifdef WIN32
40#include "win32.h"
41#ifdef _WIN32_IE
42#undef _WIN32_IE
43#endif
44#define _WIN32_IE 0x0500
45#ifdef near
46#undef near
47#endif
48#define near
49#include <shlobj.h>
50#include <mstcpip.h>
51#else
52#include <sys/socket.h>
53#include <netdb.h>
54#include <netinet/in.h>
55#include <netinet/tcp.h>
56#include <pwd.h>
57#endif
58
59#ifdef WIN32
60#include "pthread-win32.h"
61#else
62#include <pthread.h>
63#endif
64
65#ifdef USE_LDAP
66#ifdef WIN32
67#include <winldap.h>
68#else
69/* OpenLDAP deprecates RFC 1823, but we want standard conformance */
70#define LDAP_DEPRECATED 1
71#include <ldap.h>
72typedef struct timeval LDAP_TIMEVAL;
73#endif
74static int ldapServiceLookup(const char *purl, PQconninfoOption *options,
75 PQExpBuffer errorMessage);
76#endif
77
78#ifndef WIN32
79#define PGPASSFILE ".pgpass"
80#else
81#define PGPASSFILE "pgpass.conf"
82#endif
83
84/*
85 * Pre-9.0 servers will return this SQLSTATE if asked to set
86 * application_name in a startup packet. We hard-wire the value rather
87 * than looking into errcodes.h since it reflects historical behavior
88 * rather than that of the current code.
89 */
90#define ERRCODE_APPNAME_UNKNOWN "42704"
91
92/* This is part of the protocol so just define it */
93#define ERRCODE_INVALID_PASSWORD "28P01"
94/* These too */
95#define ERRCODE_CANNOT_CONNECT_NOW "57P03"
96#define ERRCODE_PROTOCOL_VIOLATION "08P01"
97
98/*
99 * Cope with the various platform-specific ways to spell TCP keepalive socket
100 * options. This doesn't cover Windows, which as usual does its own thing.
101 */
102#if defined(TCP_KEEPIDLE)
103/* TCP_KEEPIDLE is the name of this option on Linux and *BSD */
104#define PG_TCP_KEEPALIVE_IDLE TCP_KEEPIDLE
105#define PG_TCP_KEEPALIVE_IDLE_STR "TCP_KEEPIDLE"
106#elif defined(TCP_KEEPALIVE_THRESHOLD)
107/* TCP_KEEPALIVE_THRESHOLD is the name of this option on Solaris >= 11 */
108#define PG_TCP_KEEPALIVE_IDLE TCP_KEEPALIVE_THRESHOLD
109#define PG_TCP_KEEPALIVE_IDLE_STR "TCP_KEEPALIVE_THRESHOLD"
110#elif defined(TCP_KEEPALIVE) && defined(__darwin__)
111/* TCP_KEEPALIVE is the name of this option on macOS */
112/* Caution: Solaris has this symbol but it means something different */
113#define PG_TCP_KEEPALIVE_IDLE TCP_KEEPALIVE
114#define PG_TCP_KEEPALIVE_IDLE_STR "TCP_KEEPALIVE"
115#endif
116
117/*
118 * fall back options if they are not specified by arguments or defined
119 * by environment variables
120 */
121#define DefaultHost "localhost"
122#define DefaultOption ""
123#ifdef USE_SSL
124#define DefaultChannelBinding "prefer"
125#else
126#define DefaultChannelBinding "disable"
127#endif
128#define DefaultTargetSessionAttrs "any"
129#define DefaultLoadBalanceHosts "disable"
130#ifdef USE_SSL
131#define DefaultSSLMode "prefer"
132#define DefaultSSLCertMode "allow"
133#else
134#define DefaultSSLMode "disable"
135#define DefaultSSLCertMode "disable"
136#endif
137#define DefaultSSLNegotiation "postgres"
138#ifdef ENABLE_GSS
139#include "fe-gssapi-common.h"
140#define DefaultGSSMode "prefer"
141#else
142#define DefaultGSSMode "disable"
143#endif
144
145/* ----------
146 * Definition of the conninfo parameters and their fallback resources.
147 *
148 * If Environment-Var and Compiled-in are specified as NULL, no
149 * fallback is available. If after all no value can be determined
150 * for an option, an error is returned.
151 *
152 * The value for the username is treated specially in conninfo_add_defaults.
153 * If the value is not obtained any other way, the username is determined
154 * by pg_fe_getauthname().
155 *
156 * The Label and Disp-Char entries are provided for applications that
157 * want to use PQconndefaults() to create a generic database connection
158 * dialog. Disp-Char is defined as follows:
159 * "" Normal input field
160 * "*" Password field - hide value
161 * "D" Debug option - don't show by default
162 *
163 * NB: Server-side clients -- dblink, postgres_fdw, libpqrcv -- use dispchar to
164 * determine which options to expose to end users, and how. Changing dispchar
165 * has compatibility and security implications for those clients. For example,
166 * postgres_fdw will attach a "*" option to USER MAPPING instead of the default
167 * SERVER, and it disallows setting "D" options entirely.
168 *
169 * PQconninfoOptions[] is a constant static array that we use to initialize
170 * a dynamically allocated working copy. All the "val" fields in
171 * PQconninfoOptions[] *must* be NULL. In a working copy, non-null "val"
172 * fields point to malloc'd strings that should be freed when the working
173 * array is freed (see PQconninfoFree).
174 *
175 * The first part of each struct is identical to the one in libpq-fe.h,
176 * which is required since we memcpy() data between the two!
177 * ----------
178 */
179typedef struct _internalPQconninfoOption
180{
181 char *keyword; /* The keyword of the option */
182 char *envvar; /* Fallback environment variable name */
183 char *compiled; /* Fallback compiled in default value */
184 char *val; /* Option's current value, or NULL */
185 char *label; /* Label for field in connect dialog */
186 char *dispchar; /* Indicates how to display this field in a
187 * connect dialog. Values are: "" Display
188 * entered value as is "*" Password field -
189 * hide value "D" Debug option - don't show
190 * by default */
191 int dispsize; /* Field size in characters for dialog */
192 /* ---
193 * Anything above this comment must be synchronized with
194 * PQconninfoOption in libpq-fe.h, since we memcpy() data
195 * between them!
196 * ---
197 */
198 off_t connofs; /* Offset into PGconn struct, -1 if not there */
199} internalPQconninfoOption;
200
201static const internalPQconninfoOption PQconninfoOptions[] = {
202 {"service", "PGSERVICE", NULL, NULL,
203 "Database-Service", "", 20,
204 offsetof(struct pg_conn, pgservice)},
205
206 {"servicefile", "PGSERVICEFILE", NULL, NULL,
207 "Database-Service-File", "", 64,
208 offsetof(struct pg_conn, pgservicefile)},
209
210 {"user", "PGUSER", NULL, NULL,
211 "Database-User", "", 20,
212 offsetof(struct pg_conn, pguser)},
213
214 {"password", "PGPASSWORD", NULL, NULL,
215 "Database-Password", "*", 20,
216 offsetof(struct pg_conn, pgpass)},
217
218 {"passfile", "PGPASSFILE", NULL, NULL,
219 "Database-Password-File", "", 64,
220 offsetof(struct pg_conn, pgpassfile)},
221
222 {"channel_binding", "PGCHANNELBINDING", DefaultChannelBinding, NULL,
223 "Channel-Binding", "", 8, /* sizeof("require") == 8 */
224 offsetof(struct pg_conn, channel_binding)},
225
226 {"connect_timeout", "PGCONNECT_TIMEOUT", NULL, NULL,
227 "Connect-timeout", "", 10, /* strlen(INT32_MAX) == 10 */
228 offsetof(struct pg_conn, connect_timeout)},
229
230 {"dbname", "PGDATABASE", NULL, NULL,
231 "Database-Name", "", 20,
232 offsetof(struct pg_conn, dbName)},
233
234 {"host", "PGHOST", NULL, NULL,
235 "Database-Host", "", 40,
236 offsetof(struct pg_conn, pghost)},
237
238 {"hostaddr", "PGHOSTADDR", NULL, NULL,
239 "Database-Host-IP-Address", "", 45,
240 offsetof(struct pg_conn, pghostaddr)},
241
242 {"port", "PGPORT", DEF_PGPORT_STR, NULL,
243 "Database-Port", "", 6,
244 offsetof(struct pg_conn, pgport)},
245
246 {"client_encoding", "PGCLIENTENCODING", NULL, NULL,
247 "Client-Encoding", "", 10,
248 offsetof(struct pg_conn, client_encoding_initial)},
249
250 {"options", "PGOPTIONS", DefaultOption, NULL,
251 "Backend-Options", "", 40,
252 offsetof(struct pg_conn, pgoptions)},
253
254 {"application_name", "PGAPPNAME", NULL, NULL,
255 "Application-Name", "", 64,
256 offsetof(struct pg_conn, appname)},
257
258 {"fallback_application_name", NULL, NULL, NULL,
259 "Fallback-Application-Name", "", 64,
260 offsetof(struct pg_conn, fbappname)},
261
262 {"keepalives", NULL, NULL, NULL,
263 "TCP-Keepalives", "", 1, /* should be just '0' or '1' */
264 offsetof(struct pg_conn, keepalives)},
265
266 {"keepalives_idle", NULL, NULL, NULL,
267 "TCP-Keepalives-Idle", "", 10, /* strlen(INT32_MAX) == 10 */
268 offsetof(struct pg_conn, keepalives_idle)},
269
270 {"keepalives_interval", NULL, NULL, NULL,
271 "TCP-Keepalives-Interval", "", 10, /* strlen(INT32_MAX) == 10 */
272 offsetof(struct pg_conn, keepalives_interval)},
273
274 {"keepalives_count", NULL, NULL, NULL,
275 "TCP-Keepalives-Count", "", 10, /* strlen(INT32_MAX) == 10 */
276 offsetof(struct pg_conn, keepalives_count)},
277
278 {"tcp_user_timeout", NULL, NULL, NULL,
279 "TCP-User-Timeout", "", 10, /* strlen(INT32_MAX) == 10 */
280 offsetof(struct pg_conn, pgtcp_user_timeout)},
281
282 /*
283 * ssl options are allowed even without client SSL support because the
284 * client can still handle SSL modes "disable" and "allow". Other
285 * parameters have no effect on non-SSL connections, so there is no reason
286 * to exclude them since none of them are mandatory.
287 */
288 {"sslmode", "PGSSLMODE", DefaultSSLMode, NULL,
289 "SSL-Mode", "", 12, /* sizeof("verify-full") == 12 */
290 offsetof(struct pg_conn, sslmode)},
291
292 {"sslnegotiation", "PGSSLNEGOTIATION", DefaultSSLNegotiation, NULL,
293 "SSL-Negotiation", "", 9, /* sizeof("postgres") == 9 */
294 offsetof(struct pg_conn, sslnegotiation)},
295
296 {"sslcompression", "PGSSLCOMPRESSION", "0", NULL,
297 "SSL-Compression", "", 1,
298 offsetof(struct pg_conn, sslcompression)},
299
300 {"sslcert", "PGSSLCERT", NULL, NULL,
301 "SSL-Client-Cert", "", 64,
302 offsetof(struct pg_conn, sslcert)},
303
304 {"sslkey", "PGSSLKEY", NULL, NULL,
305 "SSL-Client-Key", "", 64,
306 offsetof(struct pg_conn, sslkey)},
307
308 {"sslcertmode", "PGSSLCERTMODE", NULL, NULL,
309 "SSL-Client-Cert-Mode", "", 8, /* sizeof("disable") == 8 */
310 offsetof(struct pg_conn, sslcertmode)},
311
312 {"sslpassword", NULL, NULL, NULL,
313 "SSL-Client-Key-Password", "*", 20,
314 offsetof(struct pg_conn, sslpassword)},
315
316 {"sslrootcert", "PGSSLROOTCERT", NULL, NULL,
317 "SSL-Root-Certificate", "", 64,
318 offsetof(struct pg_conn, sslrootcert)},
319
320 {"sslcrl", "PGSSLCRL", NULL, NULL,
321 "SSL-Revocation-List", "", 64,
322 offsetof(struct pg_conn, sslcrl)},
323
324 {"sslcrldir", "PGSSLCRLDIR", NULL, NULL,
325 "SSL-Revocation-List-Dir", "", 64,
326 offsetof(struct pg_conn, sslcrldir)},
327
328 {"sslsni", "PGSSLSNI", "1", NULL,
329 "SSL-SNI", "", 1,
330 offsetof(struct pg_conn, sslsni)},
331
332 {"requirepeer", "PGREQUIREPEER", NULL, NULL,
333 "Require-Peer", "", 10,
334 offsetof(struct pg_conn, requirepeer)},
335
336 {"require_auth", "PGREQUIREAUTH", NULL, NULL,
337 "Require-Auth", "", 14, /* sizeof("scram-sha-256") == 14 */
338 offsetof(struct pg_conn, require_auth)},
339
340 {"min_protocol_version", "PGMINPROTOCOLVERSION",
341 NULL, NULL,
342 "Min-Protocol-Version", "", 6, /* sizeof("latest") = 6 */
343 offsetof(struct pg_conn, min_protocol_version)},
344
345 {"max_protocol_version", "PGMAXPROTOCOLVERSION",
346 NULL, NULL,
347 "Max-Protocol-Version", "", 6, /* sizeof("latest") = 6 */
348 offsetof(struct pg_conn, max_protocol_version)},
349
350 {"ssl_min_protocol_version", "PGSSLMINPROTOCOLVERSION", "TLSv1.2", NULL,
351 "SSL-Minimum-Protocol-Version", "", 8, /* sizeof("TLSv1.x") == 8 */
352 offsetof(struct pg_conn, ssl_min_protocol_version)},
353
354 {"ssl_max_protocol_version", "PGSSLMAXPROTOCOLVERSION", NULL, NULL,
355 "SSL-Maximum-Protocol-Version", "", 8, /* sizeof("TLSv1.x") == 8 */
356 offsetof(struct pg_conn, ssl_max_protocol_version)},
357
358 /*
359 * As with SSL, all GSS options are exposed even in builds that don't have
360 * support.
361 */
362 {"gssencmode", "PGGSSENCMODE", DefaultGSSMode, NULL,
363 "GSSENC-Mode", "", 8, /* sizeof("disable") == 8 */
364 offsetof(struct pg_conn, gssencmode)},
365
366 /* Kerberos and GSSAPI authentication support specifying the service name */
367 {"krbsrvname", "PGKRBSRVNAME", PG_KRB_SRVNAM, NULL,
368 "Kerberos-service-name", "", 20,
369 offsetof(struct pg_conn, krbsrvname)},
370
371 {"gsslib", "PGGSSLIB", NULL, NULL,
372 "GSS-library", "", 7, /* sizeof("gssapi") == 7 */
373 offsetof(struct pg_conn, gsslib)},
374
375 {"gssdelegation", "PGGSSDELEGATION", "0", NULL,
376 "GSS-delegation", "", 1,
377 offsetof(struct pg_conn, gssdelegation)},
378
379 {"replication", NULL, NULL, NULL,
380 "Replication", "D", 5,
381 offsetof(struct pg_conn, replication)},
382
383 {"target_session_attrs", "PGTARGETSESSIONATTRS",
384 DefaultTargetSessionAttrs, NULL,
385 "Target-Session-Attrs", "", 15, /* sizeof("prefer-standby") = 15 */
386 offsetof(struct pg_conn, target_session_attrs)},
387
388 {"load_balance_hosts", "PGLOADBALANCEHOSTS",
389 DefaultLoadBalanceHosts, NULL,
390 "Load-Balance-Hosts", "", 8, /* sizeof("disable") = 8 */
391 offsetof(struct pg_conn, load_balance_hosts)},
392
393 {"scram_client_key", NULL, NULL, NULL, "SCRAM-Client-Key", "D", SCRAM_MAX_KEY_LEN * 2,
394 offsetof(struct pg_conn, scram_client_key)},
395
396 {"scram_server_key", NULL, NULL, NULL, "SCRAM-Server-Key", "D", SCRAM_MAX_KEY_LEN * 2,
397 offsetof(struct pg_conn, scram_server_key)},
398
399 /* OAuth v2 */
400 {"oauth_issuer", NULL, NULL, NULL,
401 "OAuth-Issuer", "", 40,
402 offsetof(struct pg_conn, oauth_issuer)},
403
404 {"oauth_client_id", NULL, NULL, NULL,
405 "OAuth-Client-ID", "", 40,
406 offsetof(struct pg_conn, oauth_client_id)},
407
408 {"oauth_client_secret", NULL, NULL, NULL,
409 "OAuth-Client-Secret", "*", 40,
410 offsetof(struct pg_conn, oauth_client_secret)},
411
412 {"oauth_scope", NULL, NULL, NULL,
413 "OAuth-Scope", "", 15,
414 offsetof(struct pg_conn, oauth_scope)},
415
416 {"oauth_ca_file", "PGOAUTHCAFILE", NULL, NULL,
417 "OAuth-CA-File", "", 64,
418 offsetof(struct pg_conn, oauth_ca_file)},
419
420 {"sslkeylogfile", NULL, NULL, NULL,
421 "SSL-Key-Log-File", "D", 64,
422 offsetof(struct pg_conn, sslkeylogfile)},
423
424 /* Terminating entry --- MUST BE LAST */
425 {NULL, NULL, NULL, NULL,
426 NULL, NULL, 0}
427};
428
429static const PQEnvironmentOption EnvironmentOptions[] =
430{
431 /* common user-interface settings */
432 {
433 "PGDATESTYLE", "datestyle"
434 },
435 {
436 "PGTZ", "timezone"
437 },
438 /* internal performance-related settings */
439 {
440 "PGGEQO", "geqo"
441 },
442 {
443 NULL, NULL
444 }
445};
446
447static const pg_fe_sasl_mech *supported_sasl_mechs[] =
448{
449 &pg_scram_mech,
450 &pg_oauth_mech,
451};
452#define SASL_MECHANISM_COUNT lengthof(supported_sasl_mechs)
453
454/* The connection URI must start with either of the following designators: */
455static const char uri_designator[] = "postgresql://";
456static const char short_uri_designator[] = "postgres://";
457
458static bool connectOptions1(PGconn *conn, const char *conninfo);
459static bool init_allowed_encryption_methods(PGconn *conn);
460#if defined(USE_SSL) || defined(ENABLE_GSS)
461static int encryption_negotiation_failed(PGconn *conn);
462#endif
463static bool connection_failed(PGconn *conn);
464static bool select_next_encryption_method(PGconn *conn, bool have_valid_connection);
465static PGPing internal_ping(PGconn *conn);
466static void pqFreeCommandQueue(PGcmdQueueEntry *queue);
467static bool fillPGconn(PGconn *conn, PQconninfoOption *connOptions);
468static void freePGconn(PGconn *conn);
469static void release_conn_addrinfo(PGconn *conn);
470static int store_conn_addrinfo(PGconn *conn, struct addrinfo *addrlist);
471static void sendTerminateConn(PGconn *conn);
472static PQconninfoOption *conninfo_init(PQExpBuffer errorMessage);
473static PQconninfoOption *parse_connection_string(const char *connstr,
474 PQExpBuffer errorMessage, bool use_defaults);
475static int uri_prefix_length(const char *connstr);
476static bool recognized_connection_string(const char *connstr);
477static PQconninfoOption *conninfo_parse(const char *conninfo,
478 PQExpBuffer errorMessage, bool use_defaults);
479static PQconninfoOption *conninfo_array_parse(const char *const *keywords,
480 const char *const *values, PQExpBuffer errorMessage,
481 bool use_defaults, int expand_dbname);
482static bool conninfo_add_defaults(PQconninfoOption *options,
483 PQExpBuffer errorMessage);
484static PQconninfoOption *conninfo_uri_parse(const char *uri,
485 PQExpBuffer errorMessage, bool use_defaults);
486static bool conninfo_uri_parse_options(PQconninfoOption *options,
487 const char *uri, PQExpBuffer errorMessage);
488static bool conninfo_uri_parse_params(char *params,
489 PQconninfoOption *connOptions,
490 PQExpBuffer errorMessage);
491static char *conninfo_uri_decode(const char *str, PQExpBuffer errorMessage);
492static bool get_hexdigit(char digit, int *value);
493static const char *conninfo_getval(PQconninfoOption *connOptions,
494 const char *keyword);
495static PQconninfoOption *conninfo_storeval(PQconninfoOption *connOptions,
496 const char *keyword, const char *value,
497 PQExpBuffer errorMessage, bool ignoreMissing, bool uri_decode);
498static PQconninfoOption *conninfo_find(PQconninfoOption *connOptions,
499 const char *keyword);
500static void defaultNoticeReceiver(void *arg, const PGresult *res);
501static void defaultNoticeProcessor(void *arg, const char *message);
502static int parseServiceInfo(PQconninfoOption *options,
503 PQExpBuffer errorMessage);
504static int parseServiceFile(const char *serviceFile,
505 const char *service,
506 PQconninfoOption *options,
507 PQExpBuffer errorMessage,
508 bool *group_found);
509static char *pwdfMatchesString(char *buf, const char *token);
510static char *passwordFromFile(const char *hostname, const char *port,
511 const char *dbname, const char *username,
512 const char *pgpassfile, const char **errmsg);
513static void pgpassfileWarning(PGconn *conn);
514static void default_threadlock(int acquire);
515static bool sslVerifyProtocolVersion(const char *version);
516static bool sslVerifyProtocolRange(const char *min, const char *max);
517static bool pqParseProtocolVersion(const char *value, ProtocolVersion *result, PGconn *conn, const char *context);
518
519
520/* global variable because fe-auth.c needs to access it */
521pgthreadlock_t pg_g_threadlock = default_threadlock;
522
523
524/*
525 * pqDropConnection
526 *
527 * Close any physical connection to the server, and reset associated
528 * state inside the connection object. We don't release state that
529 * would be needed to reconnect, though, nor local state that might still
530 * be useful later.
531 *
532 * We can always flush the output buffer, since there's no longer any hope
533 * of sending that data. However, unprocessed input data might still be
534 * valuable, so the caller must tell us whether to flush that or not.
535 */
536void
537pqDropConnection(PGconn *conn, bool flushInput)
538{
539 /* Drop any SSL state */
540 pqsecure_close(conn);
541
542 /* Close the socket itself */
543 if (conn->sock != PGINVALID_SOCKET)
544 closesocket(conn->sock);
545 conn->sock = PGINVALID_SOCKET;
546
547 /* Optionally discard any unread data */
548 if (flushInput)
549 conn->inStart = conn->inCursor = conn->inEnd = 0;
550
551 /* Always discard any unsent data */
552 conn->outCount = 0;
553
554 /* Likewise, discard any pending pipelined commands */
555 pqFreeCommandQueue(conn->cmd_queue_head);
556 conn->cmd_queue_head = conn->cmd_queue_tail = NULL;
557 pqFreeCommandQueue(conn->cmd_queue_recycle);
558 conn->cmd_queue_recycle = NULL;
559
560 /* Free authentication/encryption state */
561 if (conn->cleanup_async_auth)
562 {
563 /*
564 * Any in-progress async authentication should be torn down first so
565 * that cleanup_async_auth() can depend on the other authentication
566 * state if necessary.
567 */
568 conn->cleanup_async_auth(conn);
569 conn->cleanup_async_auth = NULL;
570 }
571 conn->async_auth = NULL;
572 /* cleanup_async_auth() should have done this, but make sure */
573 conn->altsock = PGINVALID_SOCKET;
574#ifdef ENABLE_GSS
575 {
576 OM_uint32 min_s;
577
578 if (conn->gcred != GSS_C_NO_CREDENTIAL)
579 {
580 gss_release_cred(&min_s, &conn->gcred);
581 conn->gcred = GSS_C_NO_CREDENTIAL;
582 }
583 if (conn->gctx)
584 gss_delete_sec_context(&min_s, &conn->gctx, GSS_C_NO_BUFFER);
585 if (conn->gtarg_nam)
586 gss_release_name(&min_s, &conn->gtarg_nam);
587 if (conn->gss_SendBuffer)
588 {
589 free(conn->gss_SendBuffer);
590 conn->gss_SendBuffer = NULL;
591 }
592 if (conn->gss_RecvBuffer)
593 {
594 free(conn->gss_RecvBuffer);
595 conn->gss_RecvBuffer = NULL;
596 }
597 if (conn->gss_ResultBuffer)
598 {
599 free(conn->gss_ResultBuffer);
600 conn->gss_ResultBuffer = NULL;
601 }
602 conn->gssenc = false;
603 }
604#endif
605#ifdef ENABLE_SSPI
606 if (conn->sspitarget)
607 {
608 free(conn->sspitarget);
609 conn->sspitarget = NULL;
610 }
611 if (conn->sspicred)
612 {
613 FreeCredentialsHandle(conn->sspicred);
614 free(conn->sspicred);
615 conn->sspicred = NULL;
616 }
617 if (conn->sspictx)
618 {
619 DeleteSecurityContext(conn->sspictx);
620 free(conn->sspictx);
621 conn->sspictx = NULL;
622 }
623 conn->usesspi = 0;
624#endif
625 if (conn->sasl_state)
626 {
627 conn->sasl->free(conn->sasl_state);
628 conn->sasl_state = NULL;
629 }
630}
631
632/*
633 * pqFreeCommandQueue
634 * Free all the entries of PGcmdQueueEntry queue passed.
635 */
636static void
637pqFreeCommandQueue(PGcmdQueueEntry *queue)
638{
639 while (queue != NULL)
640 {
641 PGcmdQueueEntry *cur = queue;
642
643 queue = cur->next;
644 free(cur->query);
645 free(cur);
646 }
647}
648
649/*
650 * pqDropServerData
651 *
652 * Clear all connection state data that was received from (or deduced about)
653 * the server. This is essential to do between connection attempts to
654 * different servers, else we may incorrectly hold over some data from the
655 * old server.
656 *
657 * It would be better to merge this into pqDropConnection, perhaps, but
658 * right now we cannot because that function is called immediately on
659 * detection of connection loss (cf. pqReadData, for instance). This data
660 * should be kept until we are actually starting a new connection.
661 */
662static void
663pqDropServerData(PGconn *conn)
664{
665 PGnotify *notify;
666 pgParameterStatus *pstatus;
667
668 /* Forget pending notifies */
669 notify = conn->notifyHead;
670 while (notify != NULL)
671 {
672 PGnotify *prev = notify;
673
674 notify = notify->next;
675 free(prev);
676 }
677 conn->notifyHead = conn->notifyTail = NULL;
678
679 /* Reset ParameterStatus data, as well as variables deduced from it */
680 pstatus = conn->pstatus;
681 while (pstatus != NULL)
682 {
683 pgParameterStatus *prev = pstatus;
684
685 pstatus = pstatus->next;
686 free(prev);
687 }
688 conn->pstatus = NULL;
689 conn->client_encoding = PG_SQL_ASCII;
690 conn->std_strings = false;
691 conn->default_transaction_read_only = PG_BOOL_UNKNOWN;
692 conn->in_hot_standby = PG_BOOL_UNKNOWN;
693 conn->scram_sha_256_iterations = SCRAM_SHA_256_DEFAULT_ITERATIONS;
694 conn->sversion = 0;
695
696 /* Drop large-object lookup data */
697 free(conn->lobjfuncs);
698 conn->lobjfuncs = NULL;
699
700 /* Reset assorted other per-connection state */
701 conn->last_sqlstate[0] = '\0';
702 conn->pversion_negotiated = false;
703 conn->auth_req_received = false;
704 conn->client_finished_auth = false;
705 conn->password_needed = false;
706 conn->gssapi_used = false;
707 conn->write_failed = false;
708 free(conn->write_err_msg);
709 conn->write_err_msg = NULL;
710 conn->oauth_want_retry = false;
711
712 /*
713 * Cancel connections need to retain their be_pid and be_cancel_key across
714 * PQcancelReset invocations, otherwise they would not have access to the
715 * secret token of the connection they are supposed to cancel.
716 */
717 if (!conn->cancelRequest)
718 {
719 conn->be_pid = 0;
720 if (conn->be_cancel_key != NULL)
721 {
722 free(conn->be_cancel_key);
723 conn->be_cancel_key = NULL;
724 }
725 conn->be_cancel_key_len = 0;
726 }
727}
728
729
730/*
731 * Connecting to a Database
732 *
733 * There are now six different ways a user of this API can connect to the
734 * database. Two are not recommended for use in new code, because of their
735 * lack of extensibility with respect to the passing of options to the
736 * backend. These are PQsetdb and PQsetdbLogin (the former now being a macro
737 * to the latter).
738 *
739 * If it is desired to connect in a synchronous (blocking) manner, use the
740 * function PQconnectdb or PQconnectdbParams. The former accepts a string of
741 * option = value pairs (or a URI) which must be parsed; the latter takes two
742 * NULL terminated arrays instead.
743 *
744 * To connect in an asynchronous (non-blocking) manner, use the functions
745 * PQconnectStart or PQconnectStartParams (which differ in the same way as
746 * PQconnectdb and PQconnectdbParams) and PQconnectPoll.
747 *
748 * The non-exported functions pqConnectDBStart, pqConnectDBComplete are
749 * part of the connection procedure implementation.
750 */
751
752/*
753 * PQconnectdbParams
754 *
755 * establishes a connection to a postgres backend through the postmaster
756 * using connection information in two arrays.
757 *
758 * The keywords array is defined as
759 *
760 * const char *params[] = {"option1", "option2", NULL}
761 *
762 * The values array is defined as
763 *
764 * const char *values[] = {"value1", "value2", NULL}
765 *
766 * Returns a PGconn* which is needed for all subsequent libpq calls, or NULL
767 * if a memory allocation failed.
768 * If the status field of the connection returned is CONNECTION_BAD,
769 * then some fields may be null'ed out instead of having valid values.
770 *
771 * You should call PQfinish (if conn is not NULL) regardless of whether this
772 * call succeeded.
773 */
774PGconn *
775PQconnectdbParams(const char *const *keywords,
776 const char *const *values,
777 int expand_dbname)
778{
779 PGconn *conn = PQconnectStartParams(keywords, values, expand_dbname);
780
781 if (conn && conn->status != CONNECTION_BAD)
782 (void) pqConnectDBComplete(conn);
783
784 return conn;
785}
786
787/*
788 * PQpingParams
789 *
790 * check server status, accepting parameters identical to PQconnectdbParams
791 */
792PGPing
793PQpingParams(const char *const *keywords,
794 const char *const *values,
795 int expand_dbname)
796{
797 PGconn *conn = PQconnectStartParams(keywords, values, expand_dbname);
798 PGPing ret;
799
800 ret = internal_ping(conn);
801 PQfinish(conn);
802
803 return ret;
804}
805
806/*
807 * PQconnectdb
808 *
809 * establishes a connection to a postgres backend through the postmaster
810 * using connection information in a string.
811 *
812 * The conninfo string is either a whitespace-separated list of
813 *
814 * option = value
815 *
816 * definitions or a URI (refer to the documentation for details.) Value
817 * might be a single value containing no whitespaces or a single quoted
818 * string. If a single quote should appear anywhere in the value, it must be
819 * escaped with a backslash like \'
820 *
821 * Returns a PGconn* which is needed for all subsequent libpq calls, or NULL
822 * if a memory allocation failed.
823 * If the status field of the connection returned is CONNECTION_BAD,
824 * then some fields may be null'ed out instead of having valid values.
825 *
826 * You should call PQfinish (if conn is not NULL) regardless of whether this
827 * call succeeded.
828 */
829PGconn *
830PQconnectdb(const char *conninfo)
831{
832 PGconn *conn = PQconnectStart(conninfo);
833
834 if (conn && conn->status != CONNECTION_BAD)
835 (void) pqConnectDBComplete(conn);
836
837 return conn;
838}
839
840/*
841 * PQping
842 *
843 * check server status, accepting parameters identical to PQconnectdb
844 */
845PGPing
846PQping(const char *conninfo)
847{
848 PGconn *conn = PQconnectStart(conninfo);
849 PGPing ret;
850
851 ret = internal_ping(conn);
852 PQfinish(conn);
853
854 return ret;
855}
856
857/*
858 * PQconnectStartParams
859 *
860 * Begins the establishment of a connection to a postgres backend through the
861 * postmaster using connection information in a struct.
862 *
863 * See comment for PQconnectdbParams for the definition of the string format.
864 *
865 * Returns a PGconn*. If NULL is returned, a malloc error has occurred, and
866 * you should not attempt to proceed with this connection. If the status
867 * field of the connection returned is CONNECTION_BAD, an error has
868 * occurred. In this case you should call PQfinish on the result, (perhaps
869 * inspecting the error message first). Other fields of the structure may not
870 * be valid if that occurs. If the status field is not CONNECTION_BAD, then
871 * this stage has succeeded - call PQconnectPoll, using select(2) to see when
872 * this is necessary.
873 *
874 * See PQconnectPoll for more info.
875 */
876PGconn *
877PQconnectStartParams(const char *const *keywords,
878 const char *const *values,
879 int expand_dbname)
880{
881 PGconn *conn;
882 PQconninfoOption *connOptions;
883
884 /*
885 * Allocate memory for the conn structure. Note that we also expect this
886 * to initialize conn->errorMessage to empty. All subsequent steps during
887 * connection initialization will only append to that buffer.
888 */
889 conn = pqMakeEmptyPGconn();
890 if (conn == NULL)
891 return NULL;
892
893 /*
894 * Parse the conninfo arrays
895 */
896 connOptions = conninfo_array_parse(keywords, values,
897 &conn->errorMessage,
898 true, expand_dbname);
899 if (connOptions == NULL)
900 {
901 conn->status = CONNECTION_BAD;
902 /* errorMessage is already set */
903 return conn;
904 }
905
906 /*
907 * Move option values into conn structure
908 */
909 if (!fillPGconn(conn, connOptions))
910 {
911 PQconninfoFree(connOptions);
912 return conn;
913 }
914
915 /*
916 * Free the option info - all is in conn now
917 */
918 PQconninfoFree(connOptions);
919
920 /*
921 * Compute derived options
922 */
923 if (!pqConnectOptions2(conn))
924 return conn;
925
926 /*
927 * Connect to the database
928 */
929 if (!pqConnectDBStart(conn))
930 {
931 /* Just in case we failed to set it in pqConnectDBStart */
932 conn->status = CONNECTION_BAD;
933 }
934
935 return conn;
936}
937
938/*
939 * PQconnectStart
940 *
941 * Begins the establishment of a connection to a postgres backend through the
942 * postmaster using connection information in a string.
943 *
944 * See comment for PQconnectdb for the definition of the string format.
945 *
946 * Returns a PGconn*. If NULL is returned, a malloc error has occurred, and
947 * you should not attempt to proceed with this connection. If the status
948 * field of the connection returned is CONNECTION_BAD, an error has
949 * occurred. In this case you should call PQfinish on the result, (perhaps
950 * inspecting the error message first). Other fields of the structure may not
951 * be valid if that occurs. If the status field is not CONNECTION_BAD, then
952 * this stage has succeeded - call PQconnectPoll, using select(2) to see when
953 * this is necessary.
954 *
955 * See PQconnectPoll for more info.
956 */
957PGconn *
958PQconnectStart(const char *conninfo)
959{
960 PGconn *conn;
961
962 /*
963 * Allocate memory for the conn structure. Note that we also expect this
964 * to initialize conn->errorMessage to empty. All subsequent steps during
965 * connection initialization will only append to that buffer.
966 */
967 conn = pqMakeEmptyPGconn();
968 if (conn == NULL)
969 return NULL;
970
971 /*
972 * Parse the conninfo string
973 */
974 if (!connectOptions1(conn, conninfo))
975 return conn;
976
977 /*
978 * Compute derived options
979 */
980 if (!pqConnectOptions2(conn))
981 return conn;
982
983 /*
984 * Connect to the database
985 */
986 if (!pqConnectDBStart(conn))
987 {
988 /* Just in case we failed to set it in pqConnectDBStart */
989 conn->status = CONNECTION_BAD;
990 }
991
992 return conn;
993}
994
995/*
996 * Move option values into conn structure
997 *
998 * Don't put anything cute here --- intelligence should be in
999 * pqConnectOptions2 ...
1000 *
1001 * Returns true on success. On failure, returns false and sets error message.
1002 */
1003static bool
1004fillPGconn(PGconn *conn, PQconninfoOption *connOptions)
1005{
1006 const internalPQconninfoOption *option;
1007
1008 for (option = PQconninfoOptions; option->keyword; option++)
1009 {
1010 if (option->connofs >= 0)
1011 {
1012 const char *tmp = conninfo_getval(connOptions, option->keyword);
1013
1014 if (tmp)
1015 {
1016 char **connmember = (char **) ((char *) conn + option->connofs);
1017
1018 free(*connmember);
1019 *connmember = strdup(tmp);
1020 if (*connmember == NULL)
1021 {
1022 libpq_append_conn_error(conn, "out of memory");
1023 return false;
1024 }
1025 }
1026 }
1027 }
1028
1029 return true;
1030}
1031
1032/*
1033 * Copy over option values from srcConn to dstConn
1034 *
1035 * Don't put anything cute here --- intelligence should be in
1036 * pqConnectOptions2 ...
1037 *
1038 * Returns true on success. On failure, returns false and sets error message of
1039 * dstConn.
1040 */
1041bool
1042pqCopyPGconn(PGconn *srcConn, PGconn *dstConn)
1043{
1044 const internalPQconninfoOption *option;
1045
1046 /* copy over connection options */
1047 for (option = PQconninfoOptions; option->keyword; option++)
1048 {
1049 if (option->connofs >= 0)
1050 {
1051 const char **tmp = (const char **) ((char *) srcConn + option->connofs);
1052
1053 if (*tmp)
1054 {
1055 char **dstConnmember = (char **) ((char *) dstConn + option->connofs);
1056
1057 if (*dstConnmember)
1058 free(*dstConnmember);
1059 *dstConnmember = strdup(*tmp);
1060 if (*dstConnmember == NULL)
1061 {
1062 libpq_append_conn_error(dstConn, "out of memory");
1063 return false;
1064 }
1065 }
1066 }
1067 }
1068 return true;
1069}
1070
1071/*
1072 * connectOptions1
1073 *
1074 * Internal subroutine to set up connection parameters given an already-
1075 * created PGconn and a conninfo string. Derived settings should be
1076 * processed by calling pqConnectOptions2 next. (We split them because
1077 * PQsetdbLogin overrides defaults in between.)
1078 *
1079 * Returns true if OK, false if trouble (in which case errorMessage is set
1080 * and so is conn->status).
1081 */
1082static bool
1083connectOptions1(PGconn *conn, const char *conninfo)
1084{
1085 PQconninfoOption *connOptions;
1086
1087 /*
1088 * Parse the conninfo string
1089 */
1090 connOptions = parse_connection_string(conninfo, &conn->errorMessage, true);
1091 if (connOptions == NULL)
1092 {
1093 conn->status = CONNECTION_BAD;
1094 /* errorMessage is already set */
1095 return false;
1096 }
1097
1098 /*
1099 * Move option values into conn structure
1100 */
1101 if (!fillPGconn(conn, connOptions))
1102 {
1103 conn->status = CONNECTION_BAD;
1104 PQconninfoFree(connOptions);
1105 return false;
1106 }
1107
1108 /*
1109 * Free the option info - all is in conn now
1110 */
1111 PQconninfoFree(connOptions);
1112
1113 return true;
1114}
1115
1116/*
1117 * Count the number of elements in a simple comma-separated list.
1118 */
1119static int
1120count_comma_separated_elems(const char *input)
1121{
1122 int n;
1123
1124 n = 1;
1125 for (; *input != '\0'; input++)
1126 {
1127 if (*input == ',')
1128 n++;
1129 }
1130
1131 return n;
1132}
1133
1134/*
1135 * Parse a simple comma-separated list.
1136 *
1137 * On each call, returns a malloc'd copy of the next element, and sets *more
1138 * to indicate whether there are any more elements in the list after this,
1139 * and updates *startptr to point to the next element, if any.
1140 *
1141 * On out of memory, returns NULL.
1142 */
1143static char *
1144parse_comma_separated_list(char **startptr, bool *more)
1145{
1146 char *p;
1147 char *s = *startptr;
1148 char *e;
1149 size_t len;
1150
1151 /*
1152 * Search for the end of the current element; a comma or end-of-string
1153 * acts as a terminator.
1154 */
1155 e = s;
1156 while (*e != '\0' && *e != ',')
1157 ++e;
1158 *more = (*e == ',');
1159
1160 len = e - s;
1161 p = (char *) malloc(sizeof(char) * (len + 1));
1162 if (p)
1163 {
1164 memcpy(p, s, len);
1165 p[len] = '\0';
1166 }
1167 *startptr = e + 1;
1168
1169 return p;
1170}
1171
1172/*
1173 * Initializes the prng_state field of the connection. We want something
1174 * unpredictable, so if possible, use high-quality random bits for the
1175 * seed. Otherwise, fall back to a seed based on the connection address,
1176 * timestamp and PID.
1177 */
1178static void
1179libpq_prng_init(PGconn *conn)
1180{
1181 uint64 rseed;
1182 struct timeval tval = {0};
1183
1184 if (pg_prng_strong_seed(&conn->prng_state))
1185 return;
1186
1187 gettimeofday(&tval, NULL);
1188
1189 rseed = ((uintptr_t) conn) ^
1190 ((uint64) getpid()) ^
1191 ((uint64) tval.tv_usec) ^
1192 ((uint64) tval.tv_sec);
1193
1194 pg_prng_seed(&conn->prng_state, rseed);
1195}
1196
1197/*
1198 * Fills the connection's allowed_sasl_mechs list with all supported SASL
1199 * mechanisms.
1200 */
1201static inline void
1202fill_allowed_sasl_mechs(PGconn *conn)
1203{
1204 /*---
1205 * We only support two mechanisms at the moment, so rather than deal with a
1206 * linked list, conn->allowed_sasl_mechs is an array of static length. We
1207 * rely on the compile-time assertion here to keep us honest.
1208 *
1209 * To add a new mechanism to require_auth,
1210 * - add it to supported_sasl_mechs,
1211 * - update the length of conn->allowed_sasl_mechs,
1212 * - handle the new mechanism name in the require_auth portion of
1213 * pqConnectOptions2(), below.
1214 */
1215 StaticAssertDecl(lengthof(conn->allowed_sasl_mechs) == SASL_MECHANISM_COUNT,
1216 "conn->allowed_sasl_mechs[] is not sufficiently large for holding all supported SASL mechanisms");
1217
1218 for (int i = 0; i < SASL_MECHANISM_COUNT; i++)
1219 conn->allowed_sasl_mechs[i] = supported_sasl_mechs[i];
1220}
1221
1222/*
1223 * Clears the connection's allowed_sasl_mechs list.
1224 */
1225static inline void
1231
1232/*
1233 * Helper routine that searches the static allowed_sasl_mechs list for a
1234 * specific mechanism.
1235 */
1236static inline int
1237index_of_allowed_sasl_mech(PGconn *conn, const pg_fe_sasl_mech *mech)
1238{
1239 for (int i = 0; i < lengthof(conn->allowed_sasl_mechs); i++)
1240 {
1241 if (conn->allowed_sasl_mechs[i] == mech)
1242 return i;
1243 }
1244
1245 return -1;
1246}
1247
1248/*
1249 * pqConnectOptions2
1250 *
1251 * Compute derived connection options after absorbing all user-supplied info.
1252 *
1253 * Returns true if OK, false if trouble (in which case errorMessage is set
1254 * and so is conn->status).
1255 */
1256bool
1257pqConnectOptions2(PGconn *conn)
1258{
1259 int i;
1260
1261 /*
1262 * Allocate memory for details about each host to which we might possibly
1263 * try to connect. For that, count the number of elements in the hostaddr
1264 * or host options. If neither is given, assume one host.
1265 */
1266 conn->whichhost = 0;
1267 if (conn->pghostaddr && conn->pghostaddr[0] != '\0')
1268 conn->nconnhost = count_comma_separated_elems(conn->pghostaddr);
1269 else if (conn->pghost && conn->pghost[0] != '\0')
1270 conn->nconnhost = count_comma_separated_elems(conn->pghost);
1271 else
1272 conn->nconnhost = 1;
1273 conn->connhost = (pg_conn_host *)
1274 calloc(conn->nconnhost, sizeof(pg_conn_host));
1275 if (conn->connhost == NULL)
1276 goto oom_error;
1277
1278 /*
1279 * We now have one pg_conn_host structure per possible host. Fill in the
1280 * host and hostaddr fields for each, by splitting the parameter strings.
1281 */
1282 if (conn->pghostaddr != NULL && conn->pghostaddr[0] != '\0')
1283 {
1284 char *s = conn->pghostaddr;
1285 bool more = true;
1286
1287 for (i = 0; i < conn->nconnhost && more; i++)
1288 {
1289 conn->connhost[i].hostaddr = parse_comma_separated_list(&s, &more);
1290 if (conn->connhost[i].hostaddr == NULL)
1291 goto oom_error;
1292 }
1293
1294 /*
1295 * If hostaddr was given, the array was allocated according to the
1296 * number of elements in the hostaddr list, so it really should be the
1297 * right size.
1298 */
1299 Assert(!more);
1300 Assert(i == conn->nconnhost);
1301 }
1302
1303 if (conn->pghost != NULL && conn->pghost[0] != '\0')
1304 {
1305 char *s = conn->pghost;
1306 bool more = true;
1307
1308 for (i = 0; i < conn->nconnhost && more; i++)
1309 {
1310 conn->connhost[i].host = parse_comma_separated_list(&s, &more);
1311 if (conn->connhost[i].host == NULL)
1312 goto oom_error;
1313 }
1314
1315 /* Check for wrong number of host items. */
1316 if (more || i != conn->nconnhost)
1317 {
1318 conn->status = CONNECTION_BAD;
1319 libpq_append_conn_error(conn, "could not match %d host names to %d hostaddr values",
1320 count_comma_separated_elems(conn->pghost), conn->nconnhost);
1321 return false;
1322 }
1323 }
1324
1325 /*
1326 * Now, for each host slot, identify the type of address spec, and fill in
1327 * the default address if nothing was given.
1328 */
1329 for (i = 0; i < conn->nconnhost; i++)
1330 {
1331 pg_conn_host *ch = &conn->connhost[i];
1332
1333 if (ch->hostaddr != NULL && ch->hostaddr[0] != '\0')
1334 ch->type = CHT_HOST_ADDRESS;
1335 else if (ch->host != NULL && ch->host[0] != '\0')
1336 {
1337 ch->type = CHT_HOST_NAME;
1338 if (is_unixsock_path(ch->host))
1339 ch->type = CHT_UNIX_SOCKET;
1340 }
1341 else
1342 {
1343 free(ch->host);
1344
1345 /*
1346 * This bit selects the default host location. If you change
1347 * this, see also pg_regress.
1348 */
1349 if (DEFAULT_PGSOCKET_DIR[0])
1350 {
1351 ch->host = strdup(DEFAULT_PGSOCKET_DIR);
1352 ch->type = CHT_UNIX_SOCKET;
1353 }
1354 else
1355 {
1356 ch->host = strdup(DefaultHost);
1357 ch->type = CHT_HOST_NAME;
1358 }
1359 if (ch->host == NULL)
1360 goto oom_error;
1361 }
1362 }
1363
1364 /*
1365 * Next, work out the port number corresponding to each host name.
1366 *
1367 * Note: unlike the above for host names, this could leave the port fields
1368 * as null or empty strings. We will substitute DEF_PGPORT whenever we
1369 * read such a port field.
1370 */
1371 if (conn->pgport != NULL && conn->pgport[0] != '\0')
1372 {
1373 char *s = conn->pgport;
1374 bool more = true;
1375
1376 for (i = 0; i < conn->nconnhost && more; i++)
1377 {
1378 conn->connhost[i].port = parse_comma_separated_list(&s, &more);
1379 if (conn->connhost[i].port == NULL)
1380 goto oom_error;
1381 }
1382
1383 /*
1384 * If exactly one port was given, use it for every host. Otherwise,
1385 * there must be exactly as many ports as there were hosts.
1386 */
1387 if (i == 1 && !more)
1388 {
1389 for (i = 1; i < conn->nconnhost; i++)
1390 {
1391 conn->connhost[i].port = strdup(conn->connhost[0].port);
1392 if (conn->connhost[i].port == NULL)
1393 goto oom_error;
1394 }
1395 }
1396 else if (more || i != conn->nconnhost)
1397 {
1398 conn->status = CONNECTION_BAD;
1399 libpq_append_conn_error(conn, "could not match %d port numbers to %d hosts",
1400 count_comma_separated_elems(conn->pgport), conn->nconnhost);
1401 return false;
1402 }
1403 }
1404
1405 /*
1406 * If user name was not given, fetch it. (Most likely, the fetch will
1407 * fail, since the only way we get here is if pg_fe_getauthname() failed
1408 * during conninfo_add_defaults(). But now we want an error message.)
1409 */
1410 if (conn->pguser == NULL || conn->pguser[0] == '\0')
1411 {
1412 free(conn->pguser);
1413 conn->pguser = pg_fe_getauthname(&conn->errorMessage);
1414 if (!conn->pguser)
1415 {
1416 conn->status = CONNECTION_BAD;
1417 return false;
1418 }
1419 }
1420
1421 /*
1422 * If database name was not given, default it to equal user name
1423 */
1424 if (conn->dbName == NULL || conn->dbName[0] == '\0')
1425 {
1426 free(conn->dbName);
1427 conn->dbName = strdup(conn->pguser);
1428 if (!conn->dbName)
1429 goto oom_error;
1430 }
1431
1432 /*
1433 * If password was not given, try to look it up in password file. Note
1434 * that the result might be different for each host/port pair.
1435 */
1436 if (conn->pgpass == NULL || conn->pgpass[0] == '\0')
1437 {
1438 /* If password file wasn't specified, use ~/PGPASSFILE */
1439 if (conn->pgpassfile == NULL || conn->pgpassfile[0] == '\0')
1440 {
1441 char homedir[MAXPGPATH];
1442
1443 if (pqGetHomeDirectory(homedir, sizeof(homedir)))
1444 {
1445 free(conn->pgpassfile);
1446 conn->pgpassfile = malloc(MAXPGPATH);
1447 if (!conn->pgpassfile)
1448 goto oom_error;
1449 snprintf(conn->pgpassfile, MAXPGPATH, "%s/%s",
1450 homedir, PGPASSFILE);
1451 }
1452 }
1453
1454 if (conn->pgpassfile != NULL && conn->pgpassfile[0] != '\0')
1455 {
1456 for (i = 0; i < conn->nconnhost; i++)
1457 {
1458 /*
1459 * Try to get a password for this host from file. We use host
1460 * for the hostname search key if given, else hostaddr (at
1461 * least one of them is guaranteed nonempty by now).
1462 */
1463 const char *pwhost = conn->connhost[i].host;
1464 const char *password_errmsg = NULL;
1465
1466 if (pwhost == NULL || pwhost[0] == '\0')
1467 pwhost = conn->connhost[i].hostaddr;
1468
1469 conn->connhost[i].password =
1470 passwordFromFile(pwhost,
1471 conn->connhost[i].port,
1472 conn->dbName,
1473 conn->pguser,
1474 conn->pgpassfile,
1475 &password_errmsg);
1476
1477 if (password_errmsg != NULL)
1478 {
1479 conn->status = CONNECTION_BAD;
1480 libpq_append_conn_error(conn, "%s", password_errmsg);
1481 return false;
1482 }
1483 }
1484 }
1485 }
1486
1487 /*
1488 * parse and validate require_auth option
1489 */
1490 if (conn->require_auth && conn->require_auth[0])
1491 {
1492 char *s = conn->require_auth;
1493 bool first,
1494 more;
1495 bool negated = false;
1496
1497 /*
1498 * By default, start from an empty set of allowed methods and
1499 * mechanisms, and add to it.
1500 */
1501 conn->auth_required = true;
1502 conn->allowed_auth_methods = 0;
1503 clear_allowed_sasl_mechs(conn);
1504
1505 for (first = true, more = true; more; first = false)
1506 {
1507 char *method,
1508 *part;
1509 uint32 bits = 0;
1510 const pg_fe_sasl_mech *mech = NULL;
1511
1512 part = parse_comma_separated_list(&s, &more);
1513 if (part == NULL)
1514 goto oom_error;
1515
1516 /*
1517 * Check for negation, e.g. '!password'. If one element is
1518 * negated, they all have to be.
1519 */
1520 method = part;
1521 if (*method == '!')
1522 {
1523 if (first)
1524 {
1525 /*
1526 * Switch to a permissive set of allowed methods and
1527 * mechanisms, and subtract from it.
1528 */
1529 conn->auth_required = false;
1530 conn->allowed_auth_methods = -1;
1531 fill_allowed_sasl_mechs(conn);
1532 }
1533 else if (!negated)
1534 {
1535 conn->status = CONNECTION_BAD;
1536 libpq_append_conn_error(conn, "negative require_auth method \"%s\" cannot be mixed with non-negative methods",
1537 method);
1538
1539 free(part);
1540 return false;
1541 }
1542
1543 negated = true;
1544 method++;
1545 }
1546 else if (negated)
1547 {
1548 conn->status = CONNECTION_BAD;
1549 libpq_append_conn_error(conn, "require_auth method \"%s\" cannot be mixed with negative methods",
1550 method);
1551
1552 free(part);
1553 return false;
1554 }
1555
1556 /*
1557 * First group: methods that can be handled solely with the
1558 * authentication request codes.
1559 */
1560 if (strcmp(method, "password") == 0)
1561 {
1562 bits = (1 << AUTH_REQ_PASSWORD);
1563 }
1564 else if (strcmp(method, "md5") == 0)
1565 {
1566 bits = (1 << AUTH_REQ_MD5);
1567 }
1568 else if (strcmp(method, "gss") == 0)
1569 {
1570 bits = (1 << AUTH_REQ_GSS);
1571 bits |= (1 << AUTH_REQ_GSS_CONT);
1572 }
1573 else if (strcmp(method, "sspi") == 0)
1574 {
1575 bits = (1 << AUTH_REQ_SSPI);
1576 bits |= (1 << AUTH_REQ_GSS_CONT);
1577 }
1578
1579 /*
1580 * Next group: SASL mechanisms. All of these use the same request
1581 * codes, so the list of allowed mechanisms is tracked separately.
1582 *
1583 * supported_sasl_mechs must contain all mechanisms handled here.
1584 */
1585 else if (strcmp(method, "scram-sha-256") == 0)
1586 {
1587 mech = &pg_scram_mech;
1588 }
1589 else if (strcmp(method, "oauth") == 0)
1590 {
1591 mech = &pg_oauth_mech;
1592 }
1593
1594 /*
1595 * Final group: meta-options.
1596 */
1597 else if (strcmp(method, "none") == 0)
1598 {
1599 /*
1600 * Special case: let the user explicitly allow (or disallow)
1601 * connections where the server does not send an explicit
1602 * authentication challenge, such as "trust" and "cert" auth.
1603 */
1604 if (negated) /* "!none" */
1605 {
1606 if (conn->auth_required)
1607 goto duplicate;
1608
1609 conn->auth_required = true;
1610 }
1611 else /* "none" */
1612 {
1613 if (!conn->auth_required)
1614 goto duplicate;
1615
1616 conn->auth_required = false;
1617 }
1618
1619 free(part);
1620 continue; /* avoid the bitmask manipulation below */
1621 }
1622 else
1623 {
1624 conn->status = CONNECTION_BAD;
1625 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
1626 "require_auth", method);
1627
1628 free(part);
1629 return false;
1630 }
1631
1632 if (mech)
1633 {
1634 /*
1635 * Update the mechanism set only. The method bitmask will be
1636 * updated for SASL further down.
1637 */
1638 Assert(!bits);
1639
1640 if (negated)
1641 {
1642 /* Remove the existing mechanism from the list. */
1643 i = index_of_allowed_sasl_mech(conn, mech);
1644 if (i < 0)
1645 goto duplicate;
1646
1647 conn->allowed_sasl_mechs[i] = NULL;
1648 }
1649 else
1650 {
1651 /*
1652 * Find a space to put the new mechanism (after making
1653 * sure it's not already there).
1654 */
1655 i = index_of_allowed_sasl_mech(conn, mech);
1656 if (i >= 0)
1657 goto duplicate;
1658
1659 i = index_of_allowed_sasl_mech(conn, NULL);
1660 if (i < 0)
1661 {
1662 /* Should not happen; the pointer list is corrupted. */
1663 Assert(false);
1664
1665 conn->status = CONNECTION_BAD;
1666 libpq_append_conn_error(conn,
1667 "internal error: no space in allowed_sasl_mechs");
1668 free(part);
1669 return false;
1670 }
1671
1672 conn->allowed_sasl_mechs[i] = mech;
1673 }
1674 }
1675 else
1676 {
1677 /* Update the method bitmask. */
1678 Assert(bits);
1679
1680 if (negated)
1681 {
1682 if ((conn->allowed_auth_methods & bits) == 0)
1683 goto duplicate;
1684
1685 conn->allowed_auth_methods &= ~bits;
1686 }
1687 else
1688 {
1689 if ((conn->allowed_auth_methods & bits) == bits)
1690 goto duplicate;
1691
1692 conn->allowed_auth_methods |= bits;
1693 }
1694 }
1695
1696 free(part);
1697 continue;
1698
1699 duplicate:
1700
1701 /*
1702 * A duplicated method probably indicates a typo in a setting
1703 * where typos are extremely risky.
1704 */
1705 conn->status = CONNECTION_BAD;
1706 libpq_append_conn_error(conn, "require_auth method \"%s\" is specified more than once",
1707 part);
1708
1709 free(part);
1710 return false;
1711 }
1712
1713 /*
1714 * Finally, allow SASL authentication requests if (and only if) we've
1715 * allowed any mechanisms.
1716 */
1717 {
1718 bool allowed = false;
1719 const uint32 sasl_bits =
1720 (1 << AUTH_REQ_SASL)
1721 | (1 << AUTH_REQ_SASL_CONT)
1722 | (1 << AUTH_REQ_SASL_FIN);
1723
1724 for (i = 0; i < lengthof(conn->allowed_sasl_mechs); i++)
1725 {
1726 if (conn->allowed_sasl_mechs[i])
1727 {
1728 allowed = true;
1729 break;
1730 }
1731 }
1732
1733 /*
1734 * For the standard case, add the SASL bits to the (default-empty)
1735 * set if needed. For the negated case, remove them.
1736 */
1737 if (!negated && allowed)
1738 conn->allowed_auth_methods |= sasl_bits;
1739 else if (negated && !allowed)
1740 conn->allowed_auth_methods &= ~sasl_bits;
1741 }
1742 }
1743
1744 /*
1745 * validate channel_binding option
1746 */
1747 if (conn->channel_binding)
1748 {
1749 if (strcmp(conn->channel_binding, "disable") != 0
1750 && strcmp(conn->channel_binding, "prefer") != 0
1751 && strcmp(conn->channel_binding, "require") != 0)
1752 {
1753 conn->status = CONNECTION_BAD;
1754 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
1755 "channel_binding", conn->channel_binding);
1756 return false;
1757 }
1758 }
1759 else
1760 {
1761 conn->channel_binding = strdup(DefaultChannelBinding);
1762 if (!conn->channel_binding)
1763 goto oom_error;
1764 }
1765
1766#ifndef USE_SSL
1767
1768 /*
1769 * sslrootcert=system is not supported. Since setting this changes the
1770 * default sslmode, check this _before_ we validate sslmode, to avoid
1771 * confusing the user with errors for an option they may not have set.
1772 */
1773 if (conn->sslrootcert
1774 && strcmp(conn->sslrootcert, "system") == 0)
1775 {
1776 conn->status = CONNECTION_BAD;
1777 libpq_append_conn_error(conn, "%s value \"%s\" invalid when SSL support is not compiled in",
1778 "sslrootcert", conn->sslrootcert);
1779 return false;
1780 }
1781#endif
1782
1783 /*
1784 * validate sslmode option
1785 */
1786 if (conn->sslmode)
1787 {
1788 if (strcmp(conn->sslmode, "disable") != 0
1789 && strcmp(conn->sslmode, "allow") != 0
1790 && strcmp(conn->sslmode, "prefer") != 0
1791 && strcmp(conn->sslmode, "require") != 0
1792 && strcmp(conn->sslmode, "verify-ca") != 0
1793 && strcmp(conn->sslmode, "verify-full") != 0)
1794 {
1795 conn->status = CONNECTION_BAD;
1796 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
1797 "sslmode", conn->sslmode);
1798 return false;
1799 }
1800
1801#ifndef USE_SSL
1802 switch (conn->sslmode[0])
1803 {
1804 case 'a': /* "allow" */
1805 case 'p': /* "prefer" */
1806
1807 /*
1808 * warn user that an SSL connection will never be negotiated
1809 * since SSL was not compiled in?
1810 */
1811 break;
1812
1813 case 'r': /* "require" */
1814 case 'v': /* "verify-ca" or "verify-full" */
1815 conn->status = CONNECTION_BAD;
1816 libpq_append_conn_error(conn, "%s value \"%s\" invalid when SSL support is not compiled in",
1817 "sslmode", conn->sslmode);
1818 return false;
1819 }
1820#endif
1821 }
1822 else
1823 {
1824 conn->sslmode = strdup(DefaultSSLMode);
1825 if (!conn->sslmode)
1826 goto oom_error;
1827 }
1828
1829 /*
1830 * validate sslnegotiation option, default is "postgres" for the postgres
1831 * style negotiated connection with an extra round trip but more options.
1832 */
1833 if (conn->sslnegotiation)
1834 {
1835 if (strcmp(conn->sslnegotiation, "postgres") != 0
1836 && strcmp(conn->sslnegotiation, "direct") != 0)
1837 {
1838 conn->status = CONNECTION_BAD;
1839 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
1840 "sslnegotiation", conn->sslnegotiation);
1841 return false;
1842 }
1843
1844#ifndef USE_SSL
1845 if (conn->sslnegotiation[0] != 'p')
1846 {
1847 conn->status = CONNECTION_BAD;
1848 libpq_append_conn_error(conn, "%s value \"%s\" invalid when SSL support is not compiled in",
1849 "sslnegotiation", conn->sslnegotiation);
1850 return false;
1851 }
1852#endif
1853
1854 /*
1855 * Don't allow direct SSL negotiation with sslmode='prefer', because
1856 * that poses a risk of unintentional fallback to plaintext connection
1857 * when connecting to a pre-v17 server that does not support direct
1858 * SSL connections. To keep things simple, don't allow it with
1859 * sslmode='allow' or sslmode='disable' either. If a user goes through
1860 * the trouble of setting sslnegotiation='direct', they probably
1861 * intend to use SSL, and sslmode=disable or allow is probably a user
1862 * mistake anyway.
1863 */
1864 if (conn->sslnegotiation[0] == 'd' &&
1865 conn->sslmode[0] != 'r' && conn->sslmode[0] != 'v')
1866 {
1867 conn->status = CONNECTION_BAD;
1868 libpq_append_conn_error(conn, "weak sslmode \"%s\" may not be used with sslnegotiation=direct (use \"require\", \"verify-ca\", or \"verify-full\")",
1869 conn->sslmode);
1870 return false;
1871 }
1872 }
1873 else
1874 {
1875 conn->sslnegotiation = strdup(DefaultSSLNegotiation);
1876 if (!conn->sslnegotiation)
1877 goto oom_error;
1878 }
1879
1880#ifdef USE_SSL
1881
1882 /*
1883 * If sslrootcert=system, make sure our chosen sslmode is compatible.
1884 */
1885 if (conn->sslrootcert
1886 && strcmp(conn->sslrootcert, "system") == 0
1887 && strcmp(conn->sslmode, "verify-full") != 0)
1888 {
1889 conn->status = CONNECTION_BAD;
1890 libpq_append_conn_error(conn, "weak sslmode \"%s\" may not be used with sslrootcert=system (use \"verify-full\")",
1891 conn->sslmode);
1892 return false;
1893 }
1894#endif
1895
1896 /*
1897 * Validate TLS protocol versions for ssl_min_protocol_version and
1898 * ssl_max_protocol_version.
1899 */
1900 if (!sslVerifyProtocolVersion(conn->ssl_min_protocol_version))
1901 {
1902 conn->status = CONNECTION_BAD;
1903 libpq_append_conn_error(conn, "invalid \"%s\" value: \"%s\"",
1904 "ssl_min_protocol_version",
1905 conn->ssl_min_protocol_version);
1906 return false;
1907 }
1908 if (!sslVerifyProtocolVersion(conn->ssl_max_protocol_version))
1909 {
1910 conn->status = CONNECTION_BAD;
1911 libpq_append_conn_error(conn, "invalid \"%s\" value: \"%s\"",
1912 "ssl_max_protocol_version",
1913 conn->ssl_max_protocol_version);
1914 return false;
1915 }
1916
1917 /*
1918 * Check if the range of SSL protocols defined is correct. This is done
1919 * at this early step because this is independent of the SSL
1920 * implementation used, and this avoids unnecessary cycles with an
1921 * already-built SSL context when the connection is being established, as
1922 * it would be doomed anyway.
1923 */
1924 if (!sslVerifyProtocolRange(conn->ssl_min_protocol_version,
1925 conn->ssl_max_protocol_version))
1926 {
1927 conn->status = CONNECTION_BAD;
1928 libpq_append_conn_error(conn, "invalid SSL protocol version range");
1929 return false;
1930 }
1931
1932 /*
1933 * validate sslcertmode option
1934 */
1935 if (conn->sslcertmode)
1936 {
1937 if (strcmp(conn->sslcertmode, "disable") != 0 &&
1938 strcmp(conn->sslcertmode, "allow") != 0 &&
1939 strcmp(conn->sslcertmode, "require") != 0)
1940 {
1941 conn->status = CONNECTION_BAD;
1942 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
1943 "sslcertmode", conn->sslcertmode);
1944 return false;
1945 }
1946#ifndef USE_SSL
1947 if (strcmp(conn->sslcertmode, "require") == 0)
1948 {
1949 conn->status = CONNECTION_BAD;
1950 libpq_append_conn_error(conn, "%s value \"%s\" invalid when SSL support is not compiled in",
1951 "sslcertmode", conn->sslcertmode);
1952 return false;
1953 }
1954#endif
1955#ifndef HAVE_SSL_CTX_SET_CERT_CB
1956
1957 /*
1958 * Without a certificate callback, the current implementation can't
1959 * figure out if a certificate was actually requested, so "require" is
1960 * useless.
1961 */
1962 if (strcmp(conn->sslcertmode, "require") == 0)
1963 {
1964 conn->status = CONNECTION_BAD;
1965 libpq_append_conn_error(conn, "%s value \"%s\" is not supported (check OpenSSL version)",
1966 "sslcertmode", conn->sslcertmode);
1967 return false;
1968 }
1969#endif
1970 }
1971 else
1972 {
1973 conn->sslcertmode = strdup(DefaultSSLCertMode);
1974 if (!conn->sslcertmode)
1975 goto oom_error;
1976 }
1977
1978 /*
1979 * validate gssencmode option
1980 */
1981 if (conn->gssencmode)
1982 {
1983 if (strcmp(conn->gssencmode, "disable") != 0 &&
1984 strcmp(conn->gssencmode, "prefer") != 0 &&
1985 strcmp(conn->gssencmode, "require") != 0)
1986 {
1987 conn->status = CONNECTION_BAD;
1988 libpq_append_conn_error(conn, "invalid %s value: \"%s\"", "gssencmode", conn->gssencmode);
1989 return false;
1990 }
1991#ifndef ENABLE_GSS
1992 if (strcmp(conn->gssencmode, "require") == 0)
1993 {
1994 conn->status = CONNECTION_BAD;
1995 libpq_append_conn_error(conn, "gssencmode value \"%s\" invalid when GSSAPI support is not compiled in",
1996 conn->gssencmode);
1997 return false;
1998 }
1999#endif
2000 }
2001 else
2002 {
2003 conn->gssencmode = strdup(DefaultGSSMode);
2004 if (!conn->gssencmode)
2005 goto oom_error;
2006 }
2007
2008 /*
2009 * validate target_session_attrs option, and set target_server_type
2010 */
2011 if (conn->target_session_attrs)
2012 {
2013 if (strcmp(conn->target_session_attrs, "any") == 0)
2014 conn->target_server_type = SERVER_TYPE_ANY;
2015 else if (strcmp(conn->target_session_attrs, "read-write") == 0)
2016 conn->target_server_type = SERVER_TYPE_READ_WRITE;
2017 else if (strcmp(conn->target_session_attrs, "read-only") == 0)
2018 conn->target_server_type = SERVER_TYPE_READ_ONLY;
2019 else if (strcmp(conn->target_session_attrs, "primary") == 0)
2020 conn->target_server_type = SERVER_TYPE_PRIMARY;
2021 else if (strcmp(conn->target_session_attrs, "standby") == 0)
2022 conn->target_server_type = SERVER_TYPE_STANDBY;
2023 else if (strcmp(conn->target_session_attrs, "prefer-standby") == 0)
2024 conn->target_server_type = SERVER_TYPE_PREFER_STANDBY;
2025 else
2026 {
2027 conn->status = CONNECTION_BAD;
2028 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
2029 "target_session_attrs",
2030 conn->target_session_attrs);
2031 return false;
2032 }
2033 }
2034 else
2035 conn->target_server_type = SERVER_TYPE_ANY;
2036
2037 if (conn->scram_client_key)
2038 {
2039 int len;
2040
2041 len = pg_b64_dec_len(strlen(conn->scram_client_key));
2042 conn->scram_client_key_binary = malloc(len);
2043 if (!conn->scram_client_key_binary)
2044 goto oom_error;
2045 len = pg_b64_decode(conn->scram_client_key, strlen(conn->scram_client_key),
2046 conn->scram_client_key_binary, len);
2047 if (len < 0)
2048 {
2049 libpq_append_conn_error(conn, "invalid SCRAM client key");
2050 return false;
2051 }
2052 if (len != SCRAM_MAX_KEY_LEN)
2053 {
2054 libpq_append_conn_error(conn, "invalid SCRAM client key length: %d", len);
2055 return false;
2056 }
2057 conn->scram_client_key_len = len;
2058 }
2059
2060 if (conn->scram_server_key)
2061 {
2062 int len;
2063
2064 len = pg_b64_dec_len(strlen(conn->scram_server_key));
2065 conn->scram_server_key_binary = malloc(len);
2066 if (!conn->scram_server_key_binary)
2067 goto oom_error;
2068 len = pg_b64_decode(conn->scram_server_key, strlen(conn->scram_server_key),
2069 conn->scram_server_key_binary, len);
2070 if (len < 0)
2071 {
2072 libpq_append_conn_error(conn, "invalid SCRAM server key");
2073 return false;
2074 }
2075 if (len != SCRAM_MAX_KEY_LEN)
2076 {
2077 libpq_append_conn_error(conn, "invalid SCRAM server key length: %d", len);
2078 return false;
2079 }
2080 conn->scram_server_key_len = len;
2081 }
2082
2083 /*
2084 * validate load_balance_hosts option, and set load_balance_type
2085 */
2086 if (conn->load_balance_hosts)
2087 {
2088 if (strcmp(conn->load_balance_hosts, "disable") == 0)
2089 conn->load_balance_type = LOAD_BALANCE_DISABLE;
2090 else if (strcmp(conn->load_balance_hosts, "random") == 0)
2091 conn->load_balance_type = LOAD_BALANCE_RANDOM;
2092 else
2093 {
2094 conn->status = CONNECTION_BAD;
2095 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
2096 "load_balance_hosts",
2097 conn->load_balance_hosts);
2098 return false;
2099 }
2100 }
2101 else
2102 conn->load_balance_type = LOAD_BALANCE_DISABLE;
2103
2104 if (conn->load_balance_type == LOAD_BALANCE_RANDOM)
2105 {
2106 libpq_prng_init(conn);
2107
2108 /*
2109 * This is the "inside-out" variant of the Fisher-Yates shuffle
2110 * algorithm. Notionally, we append each new value to the array and
2111 * then swap it with a randomly-chosen array element (possibly
2112 * including itself, else we fail to generate permutations with the
2113 * last integer last). The swap step can be optimized by combining it
2114 * with the insertion.
2115 */
2116 for (i = 1; i < conn->nconnhost; i++)
2117 {
2118 int j = pg_prng_uint64_range(&conn->prng_state, 0, i);
2119 pg_conn_host temp = conn->connhost[j];
2120
2121 conn->connhost[j] = conn->connhost[i];
2122 conn->connhost[i] = temp;
2123 }
2124 }
2125
2126 if (conn->min_protocol_version)
2127 {
2128 if (!pqParseProtocolVersion(conn->min_protocol_version, &conn->min_pversion, conn, "min_protocol_version"))
2129 {
2130 conn->status = CONNECTION_BAD;
2131 return false;
2132 }
2133 }
2134 else
2135 {
2136 conn->min_pversion = PG_PROTOCOL_EARLIEST;
2137 }
2138
2139 if (conn->max_protocol_version)
2140 {
2141 if (!pqParseProtocolVersion(conn->max_protocol_version, &conn->max_pversion, conn, "max_protocol_version"))
2142 {
2143 conn->status = CONNECTION_BAD;
2144 return false;
2145 }
2146 }
2147 else
2148 {
2149 /*
2150 * Default to PG_PROTOCOL_GREASE, which is larger than all real
2151 * versions, to test negotiation. The server should automatically
2152 * downgrade to a supported version.
2153 *
2154 * This behavior is for 19beta only. It will be reverted before RC1.
2155 */
2156 conn->max_pversion = PG_PROTOCOL_GREASE;
2157 }
2158
2159 if (conn->min_pversion > conn->max_pversion)
2160 {
2161 conn->status = CONNECTION_BAD;
2162 libpq_append_conn_error(conn, "\"%s\" is greater than \"%s\"", "min_protocol_version", "max_protocol_version");
2163 return false;
2164 }
2165
2166 /*
2167 * Resolve special "auto" client_encoding from the locale
2168 */
2169 if (conn->client_encoding_initial &&
2170 strcmp(conn->client_encoding_initial, "auto") == 0)
2171 {
2172 free(conn->client_encoding_initial);
2173 conn->client_encoding_initial = strdup(pg_encoding_to_char(pg_get_encoding_from_locale(NULL, true)));
2174 if (!conn->client_encoding_initial)
2175 goto oom_error;
2176 }
2177
2178 /*
2179 * Only if we get this far is it appropriate to try to connect. (We need a
2180 * state flag, rather than just the boolean result of this function, in
2181 * case someone tries to PQreset() the PGconn.)
2182 */
2183 conn->options_valid = true;
2184
2185 return true;
2186
2187oom_error:
2188 conn->status = CONNECTION_BAD;
2189 libpq_append_conn_error(conn, "out of memory");
2190 return false;
2191}
2192
2193/*
2194 * PQconndefaults
2195 *
2196 * Construct a default connection options array, which identifies all the
2197 * available options and shows any default values that are available from the
2198 * environment etc. On error (eg out of memory), NULL is returned.
2199 *
2200 * Using this function, an application may determine all possible options
2201 * and their current default values.
2202 *
2203 * NOTE: as of PostgreSQL 7.0, the returned array is dynamically allocated
2204 * and should be freed when no longer needed via PQconninfoFree(). (In prior
2205 * versions, the returned array was static, but that's not thread-safe.)
2206 * Pre-7.0 applications that use this function will see a small memory leak
2207 * until they are updated to call PQconninfoFree.
2208 */
2209PQconninfoOption *
2210PQconndefaults(void)
2211{
2212 PQExpBufferData errorBuf;
2213 PQconninfoOption *connOptions;
2214
2215 /* We don't actually report any errors here, but callees want a buffer */
2216 initPQExpBuffer(&errorBuf);
2217 if (PQExpBufferDataBroken(errorBuf))
2218 return NULL; /* out of memory already :-( */
2219
2220 connOptions = conninfo_init(&errorBuf);
2221 if (connOptions != NULL)
2222 {
2223 /* pass NULL errorBuf to ignore errors */
2224 if (!conninfo_add_defaults(connOptions, NULL))
2225 {
2226 PQconninfoFree(connOptions);
2227 connOptions = NULL;
2228 }
2229 }
2230
2231 termPQExpBuffer(&errorBuf);
2232 return connOptions;
2233}
2234
2235/* ----------------
2236 * PQsetdbLogin
2237 *
2238 * establishes a connection to a postgres backend through the postmaster
2239 * at the specified host and port.
2240 *
2241 * returns a PGconn* which is needed for all subsequent libpq calls
2242 *
2243 * if the status field of the connection returned is CONNECTION_BAD,
2244 * then only the errorMessage is likely to be useful.
2245 * ----------------
2246 */
2247PGconn *
2248PQsetdbLogin(const char *pghost, const char *pgport, const char *pgoptions,
2249 const char *pgtty, const char *dbName, const char *login,
2250 const char *pwd)
2251{
2252 PGconn *conn;
2253
2254 /*
2255 * Allocate memory for the conn structure. Note that we also expect this
2256 * to initialize conn->errorMessage to empty. All subsequent steps during
2257 * connection initialization will only append to that buffer.
2258 */
2259 conn = pqMakeEmptyPGconn();
2260 if (conn == NULL)
2261 return NULL;
2262
2263 /*
2264 * If the dbName parameter contains what looks like a connection string,
2265 * parse it into conn struct using connectOptions1.
2266 */
2267 if (dbName && recognized_connection_string(dbName))
2268 {
2269 if (!connectOptions1(conn, dbName))
2270 return conn;
2271 }
2272 else
2273 {
2274 /*
2275 * Old-style path: first, parse an empty conninfo string in order to
2276 * set up the same defaults that PQconnectdb() would use.
2277 */
2278 if (!connectOptions1(conn, ""))
2279 return conn;
2280
2281 /* Insert dbName parameter value into struct */
2282 if (dbName && dbName[0] != '\0')
2283 {
2284 free(conn->dbName);
2285 conn->dbName = strdup(dbName);
2286 if (!conn->dbName)
2287 goto oom_error;
2288 }
2289 }
2290
2291 /*
2292 * Insert remaining parameters into struct, overriding defaults (as well
2293 * as any conflicting data from dbName taken as a conninfo).
2294 */
2295 if (pghost && pghost[0] != '\0')
2296 {
2297 free(conn->pghost);
2298 conn->pghost = strdup(pghost);
2299 if (!conn->pghost)
2300 goto oom_error;
2301 }
2302
2303 if (pgport && pgport[0] != '\0')
2304 {
2305 free(conn->pgport);
2306 conn->pgport = strdup(pgport);
2307 if (!conn->pgport)
2308 goto oom_error;
2309 }
2310
2311 if (pgoptions && pgoptions[0] != '\0')
2312 {
2313 free(conn->pgoptions);
2314 conn->pgoptions = strdup(pgoptions);
2315 if (!conn->pgoptions)
2316 goto oom_error;
2317 }
2318
2319 if (login && login[0] != '\0')
2320 {
2321 free(conn->pguser);
2322 conn->pguser = strdup(login);
2323 if (!conn->pguser)
2324 goto oom_error;
2325 }
2326
2327 if (pwd && pwd[0] != '\0')
2328 {
2329 free(conn->pgpass);
2330 conn->pgpass = strdup(pwd);
2331 if (!conn->pgpass)
2332 goto oom_error;
2333 }
2334
2335 /*
2336 * Compute derived options
2337 */
2338 if (!pqConnectOptions2(conn))
2339 return conn;
2340
2341 /*
2342 * Connect to the database
2343 */
2344 if (pqConnectDBStart(conn))
2345 (void) pqConnectDBComplete(conn);
2346
2347 return conn;
2348
2349oom_error:
2350 conn->status = CONNECTION_BAD;
2351 libpq_append_conn_error(conn, "out of memory");
2352 return conn;
2353}
2354
2355
2356/* ----------
2357 * connectNoDelay -
2358 * Sets the TCP_NODELAY socket option.
2359 * Returns 1 if successful, 0 if not.
2360 * ----------
2361 */
2362static int
2363connectNoDelay(PGconn *conn)
2364{
2365#ifdef TCP_NODELAY
2366 int on = 1;
2367
2368 if (setsockopt(conn->sock, IPPROTO_TCP, TCP_NODELAY,
2369 (char *) &on,
2370 sizeof(on)) < 0)
2371 {
2372 char sebuf[PG_STRERROR_R_BUFLEN];
2373
2374 libpq_append_conn_error(conn, "could not set socket to TCP no delay mode: %s",
2375 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
2376 return 0;
2377 }
2378#endif
2379
2380 return 1;
2381}
2382
2383/* ----------
2384 * Write currently connected IP address into host_addr (of len host_addr_len).
2385 * If unable to, set it to the empty string.
2386 * ----------
2387 */
2388static void
2389getHostaddr(PGconn *conn, char *host_addr, int host_addr_len)
2390{
2391 struct sockaddr_storage *addr = &conn->raddr.addr;
2392
2393 if (addr->ss_family == AF_INET)
2394 {
2395 if (pg_inet_net_ntop(AF_INET,
2396 &((struct sockaddr_in *) addr)->sin_addr.s_addr,
2397 32,
2398 host_addr, host_addr_len) == NULL)
2399 host_addr[0] = '\0';
2400 }
2401 else if (addr->ss_family == AF_INET6)
2402 {
2403 if (pg_inet_net_ntop(AF_INET6,
2404 &((struct sockaddr_in6 *) addr)->sin6_addr.s6_addr,
2405 128,
2406 host_addr, host_addr_len) == NULL)
2407 host_addr[0] = '\0';
2408 }
2409 else
2410 host_addr[0] = '\0';
2411}
2412
2413/*
2414 * emitHostIdentityInfo -
2415 * Speculatively append "connection to server so-and-so failed: " to
2416 * conn->errorMessage once we've identified the current connection target
2417 * address. This ensures that any subsequent error message will be properly
2418 * attributed to the server we couldn't connect to. conn->raddr must be
2419 * valid, and the result of getHostaddr() must be supplied.
2420 */
2421static void
2422emitHostIdentityInfo(PGconn *conn, const char *host_addr)
2423{
2424 if (conn->raddr.addr.ss_family == AF_UNIX)
2425 {
2426 char service[NI_MAXHOST];
2427
2428 pg_getnameinfo_all(&conn->raddr.addr, conn->raddr.salen,
2429 NULL, 0,
2430 service, sizeof(service),
2431 NI_NUMERICSERV);
2432 appendPQExpBuffer(&conn->errorMessage,
2433 libpq_gettext("connection to server on socket \"%s\" failed: "),
2434 service);
2435 }
2436 else
2437 {
2438 const char *displayed_host;
2439 const char *displayed_port;
2440
2441 /* To which host and port were we actually connecting? */
2442 if (conn->connhost[conn->whichhost].type == CHT_HOST_ADDRESS)
2443 displayed_host = conn->connhost[conn->whichhost].hostaddr;
2444 else
2445 displayed_host = conn->connhost[conn->whichhost].host;
2446 displayed_port = conn->connhost[conn->whichhost].port;
2447 if (displayed_port == NULL || displayed_port[0] == '\0')
2448 displayed_port = DEF_PGPORT_STR;
2449
2450 /*
2451 * If the user did not supply an IP address using 'hostaddr', and
2452 * 'host' was missing or does not match our lookup, display the
2453 * looked-up IP address.
2454 */
2455 if (conn->connhost[conn->whichhost].type != CHT_HOST_ADDRESS &&
2456 host_addr[0] &&
2457 strcmp(displayed_host, host_addr) != 0)
2458 appendPQExpBuffer(&conn->errorMessage,
2459 libpq_gettext("connection to server at \"%s\" (%s), port %s failed: "),
2460 displayed_host, host_addr,
2461 displayed_port);
2462 else
2463 appendPQExpBuffer(&conn->errorMessage,
2464 libpq_gettext("connection to server at \"%s\", port %s failed: "),
2465 displayed_host,
2466 displayed_port);
2467 }
2468}
2469
2470/* ----------
2471 * connectFailureMessage -
2472 * create a friendly error message on connection failure,
2473 * using the given errno value. Use this for error cases that
2474 * imply that there's no server there.
2475 * ----------
2476 */
2477static void
2478connectFailureMessage(PGconn *conn, int errorno)
2479{
2480 char sebuf[PG_STRERROR_R_BUFLEN];
2481
2482 appendPQExpBuffer(&conn->errorMessage,
2483 "%s\n",
2484 SOCK_STRERROR(errorno, sebuf, sizeof(sebuf)));
2485
2486 if (conn->raddr.addr.ss_family == AF_UNIX)
2487 libpq_append_conn_error(conn, "\tIs the server running locally and accepting connections on that socket?");
2488 else
2489 libpq_append_conn_error(conn, "\tIs the server running on that host and accepting TCP/IP connections?");
2490}
2491
2492/*
2493 * Should we use keepalives? Returns 1 if yes, 0 if no, and -1 if
2494 * conn->keepalives is set to a value which is not parseable as an
2495 * integer.
2496 */
2497static int
2498useKeepalives(PGconn *conn)
2499{
2500 int val;
2501
2502 if (conn->keepalives == NULL)
2503 return 1;
2504
2505 if (!pqParseIntParam(conn->keepalives, &val, conn, "keepalives"))
2506 return -1;
2507
2508 return val != 0 ? 1 : 0;
2509}
2510
2511#ifndef WIN32
2512/*
2513 * Set the keepalive idle timer.
2514 */
2515static int
2516setKeepalivesIdle(PGconn *conn)
2517{
2518 int idle;
2519
2520 if (conn->keepalives_idle == NULL)
2521 return 1;
2522
2523 if (!pqParseIntParam(conn->keepalives_idle, &idle, conn,
2524 "keepalives_idle"))
2525 return 0;
2526 if (idle < 0)
2527 idle = 0;
2528
2529#ifdef PG_TCP_KEEPALIVE_IDLE
2530 if (setsockopt(conn->sock, IPPROTO_TCP, PG_TCP_KEEPALIVE_IDLE,
2531 (char *) &idle, sizeof(idle)) < 0)
2532 {
2533 char sebuf[PG_STRERROR_R_BUFLEN];
2534
2535 libpq_append_conn_error(conn, "%s(%s) failed: %s",
2536 "setsockopt",
2537 PG_TCP_KEEPALIVE_IDLE_STR,
2538 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
2539 return 0;
2540 }
2541#endif
2542
2543 return 1;
2544}
2545
2546/*
2547 * Set the keepalive interval.
2548 */
2549static int
2550setKeepalivesInterval(PGconn *conn)
2551{
2552 int interval;
2553
2554 if (conn->keepalives_interval == NULL)
2555 return 1;
2556
2557 if (!pqParseIntParam(conn->keepalives_interval, &interval, conn,
2558 "keepalives_interval"))
2559 return 0;
2560 if (interval < 0)
2561 interval = 0;
2562
2563#ifdef TCP_KEEPINTVL
2564 if (setsockopt(conn->sock, IPPROTO_TCP, TCP_KEEPINTVL,
2565 (char *) &interval, sizeof(interval)) < 0)
2566 {
2567 char sebuf[PG_STRERROR_R_BUFLEN];
2568
2569 libpq_append_conn_error(conn, "%s(%s) failed: %s",
2570 "setsockopt",
2571 "TCP_KEEPINTVL",
2572 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
2573 return 0;
2574 }
2575#endif
2576
2577 return 1;
2578}
2579
2580/*
2581 * Set the count of lost keepalive packets that will trigger a connection
2582 * break.
2583 */
2584static int
2585setKeepalivesCount(PGconn *conn)
2586{
2587 int count;
2588
2589 if (conn->keepalives_count == NULL)
2590 return 1;
2591
2592 if (!pqParseIntParam(conn->keepalives_count, &count, conn,
2593 "keepalives_count"))
2594 return 0;
2595 if (count < 0)
2596 count = 0;
2597
2598#ifdef TCP_KEEPCNT
2599 if (setsockopt(conn->sock, IPPROTO_TCP, TCP_KEEPCNT,
2600 (char *) &count, sizeof(count)) < 0)
2601 {
2602 char sebuf[PG_STRERROR_R_BUFLEN];
2603
2604 libpq_append_conn_error(conn, "%s(%s) failed: %s",
2605 "setsockopt",
2606 "TCP_KEEPCNT",
2607 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
2608 return 0;
2609 }
2610#endif
2611
2612 return 1;
2613}
2614#else /* WIN32 */
2615#ifdef SIO_KEEPALIVE_VALS
2616/*
2617 * Enable keepalives and set the keepalive values on Win32,
2618 * where they are always set in one batch.
2619 *
2620 * CAUTION: This needs to be signal safe, since it's used by PQcancel.
2621 */
2622int
2623pqSetKeepalivesWin32(pgsocket sock, int idle, int interval)
2624{
2625 struct tcp_keepalive ka;
2626 DWORD retsize;
2627
2628 if (idle <= 0)
2629 idle = 2 * 60 * 60; /* 2 hours = default */
2630 if (interval <= 0)
2631 interval = 1; /* 1 second = default */
2632
2633 ka.onoff = 1;
2634 ka.keepalivetime = idle * 1000;
2635 ka.keepaliveinterval = interval * 1000;
2636
2637 if (WSAIoctl(sock,
2638 SIO_KEEPALIVE_VALS,
2639 (LPVOID) &ka,
2640 sizeof(ka),
2641 NULL,
2642 0,
2643 &retsize,
2644 NULL,
2645 NULL)
2646 != 0)
2647 return 0;
2648 return 1;
2649}
2650
2651static int
2652prepKeepalivesWin32(PGconn *conn)
2653{
2654 int idle = -1;
2655 int interval = -1;
2656
2657 if (conn->keepalives_idle &&
2658 !pqParseIntParam(conn->keepalives_idle, &idle, conn,
2659 "keepalives_idle"))
2660 return 0;
2661 if (conn->keepalives_interval &&
2662 !pqParseIntParam(conn->keepalives_interval, &interval, conn,
2663 "keepalives_interval"))
2664 return 0;
2665
2666 if (!pqSetKeepalivesWin32(conn->sock, idle, interval))
2667 {
2668 libpq_append_conn_error(conn, "%s(%s) failed: error code %d",
2669 "WSAIoctl", "SIO_KEEPALIVE_VALS",
2670 WSAGetLastError());
2671 return 0;
2672 }
2673 return 1;
2674}
2675#endif /* SIO_KEEPALIVE_VALS */
2676#endif /* WIN32 */
2677
2678/*
2679 * Set the TCP user timeout.
2680 */
2681static int
2682setTCPUserTimeout(PGconn *conn)
2683{
2684 int timeout;
2685
2686 if (conn->pgtcp_user_timeout == NULL)
2687 return 1;
2688
2689 if (!pqParseIntParam(conn->pgtcp_user_timeout, &timeout, conn,
2690 "tcp_user_timeout"))
2691 return 0;
2692
2693 if (timeout < 0)
2694 timeout = 0;
2695
2696#ifdef TCP_USER_TIMEOUT
2697 if (setsockopt(conn->sock, IPPROTO_TCP, TCP_USER_TIMEOUT,
2698 (char *) &timeout, sizeof(timeout)) < 0)
2699 {
2700 char sebuf[256];
2701
2702 libpq_append_conn_error(conn, "%s(%s) failed: %s",
2703 "setsockopt",
2704 "TCP_USER_TIMEOUT",
2705 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
2706 return 0;
2707 }
2708#endif
2709
2710 return 1;
2711}
2712
2713/* ----------
2714 * pqConnectDBStart -
2715 * Begin the process of making a connection to the backend.
2716 *
2717 * Returns 1 if successful, 0 if not.
2718 * ----------
2719 */
2720int
2721pqConnectDBStart(PGconn *conn)
2722{
2723 if (!conn)
2724 return 0;
2725
2726 if (!conn->options_valid)
2727 goto connect_errReturn;
2728
2729 /*
2730 * Check for bad linking to backend-internal versions of src/common
2731 * functions (see comments in link-canary.c for the reason we need this).
2732 * Nobody but developers should see this message, so we don't bother
2733 * translating it.
2734 */
2735 if (!pg_link_canary_is_frontend())
2736 {
2737 appendPQExpBufferStr(&conn->errorMessage,
2738 "libpq is incorrectly linked to backend functions\n");
2739 goto connect_errReturn;
2740 }
2741
2742 /* Ensure our buffers are empty */
2743 conn->inStart = conn->inCursor = conn->inEnd = 0;
2744 conn->outCount = 0;
2745
2746 /*
2747 * Set up to try to connect to the first host. (Setting whichhost = -1 is
2748 * a bit of a cheat, but PQconnectPoll will advance it to 0 before
2749 * anything else looks at it.)
2750 *
2751 * Cancel requests are special though, they should only try one host and
2752 * address, and these fields have already been set up in PQcancelCreate,
2753 * so leave these fields alone for cancel requests.
2754 */
2755 if (!conn->cancelRequest)
2756 {
2757 conn->whichhost = -1;
2758 conn->try_next_host = true;
2759 conn->try_next_addr = false;
2760 }
2761
2762 conn->status = CONNECTION_NEEDED;
2763
2764 /* Also reset the target_server_type state if needed */
2765 if (conn->target_server_type == SERVER_TYPE_PREFER_STANDBY_PASS2)
2766 conn->target_server_type = SERVER_TYPE_PREFER_STANDBY;
2767
2768 /*
2769 * The code for processing CONNECTION_NEEDED state is in PQconnectPoll(),
2770 * so that it can easily be re-executed if needed again during the
2771 * asynchronous startup process. However, we must run it once here,
2772 * because callers expect a success return from this routine to mean that
2773 * we are in PGRES_POLLING_WRITING connection state.
2774 */
2775 if (PQconnectPoll(conn) == PGRES_POLLING_WRITING)
2776 return 1;
2777
2778connect_errReturn:
2779
2780 /*
2781 * If we managed to open a socket, close it immediately rather than
2782 * waiting till PQfinish. (The application cannot have gotten the socket
2783 * from PQsocket yet, so this doesn't risk breaking anything.)
2784 */
2785 pqDropConnection(conn, true);
2786 conn->status = CONNECTION_BAD;
2787 return 0;
2788}
2789
2790
2791/*
2792 * pqConnectDBComplete
2793 *
2794 * Block and complete a connection.
2795 *
2796 * Returns 1 on success, 0 on failure.
2797 */
2798int
2799pqConnectDBComplete(PGconn *conn)
2800{
2801 PostgresPollingStatusType flag = PGRES_POLLING_WRITING;
2802 pg_usec_time_t end_time = -1;
2803 int timeout = 0;
2804 int last_whichhost = -2; /* certainly different from whichhost */
2805 int last_whichaddr = -2; /* certainly different from whichaddr */
2806
2807 if (conn == NULL || conn->status == CONNECTION_BAD)
2808 return 0;
2809
2810 /*
2811 * Set up a time limit, if connect_timeout is greater than zero.
2812 */
2813 if (conn->connect_timeout != NULL)
2814 {
2815 if (!pqParseIntParam(conn->connect_timeout, &timeout, conn,
2816 "connect_timeout"))
2817 {
2818 /* mark the connection as bad to report the parsing failure */
2819 conn->status = CONNECTION_BAD;
2820 return 0;
2821 }
2822 }
2823
2824 for (;;)
2825 {
2826 int ret = 0;
2827
2828 /*
2829 * (Re)start the connect_timeout timer if it's active and we are
2830 * considering a different host than we were last time through. If
2831 * we've already succeeded, though, needn't recalculate.
2832 */
2833 if (flag != PGRES_POLLING_OK &&
2834 timeout > 0 &&
2835 (conn->whichhost != last_whichhost ||
2836 conn->whichaddr != last_whichaddr))
2837 {
2838 end_time = PQgetCurrentTimeUSec() + (pg_usec_time_t) timeout * 1000000;
2839 last_whichhost = conn->whichhost;
2840 last_whichaddr = conn->whichaddr;
2841 }
2842
2843 /*
2844 * Wait, if necessary. Note that the initial state (just after
2845 * PQconnectStart) is to wait for the socket to select for writing.
2846 */
2847 switch (flag)
2848 {
2849 case PGRES_POLLING_OK:
2850 return 1; /* success! */
2851
2852 case PGRES_POLLING_READING:
2853 ret = pqWaitTimed(1, 0, conn, end_time);
2854 if (ret == -1)
2855 {
2856 /* hard failure, eg select() problem, aborts everything */
2857 conn->status = CONNECTION_BAD;
2858 return 0;
2859 }
2860 break;
2861
2862 case PGRES_POLLING_WRITING:
2863 ret = pqWaitTimed(0, 1, conn, end_time);
2864 if (ret == -1)
2865 {
2866 /* hard failure, eg select() problem, aborts everything */
2867 conn->status = CONNECTION_BAD;
2868 return 0;
2869 }
2870 break;
2871
2872 default:
2873 /* Just in case we failed to set it in PQconnectPoll */
2874 conn->status = CONNECTION_BAD;
2875 return 0;
2876 }
2877
2878 if (ret == 1) /* connect_timeout elapsed */
2879 {
2880 /*
2881 * Give up on current server/address, try the next one.
2882 */
2883 conn->try_next_addr = true;
2884 conn->status = CONNECTION_NEEDED;
2885 }
2886
2887 /*
2888 * Now try to advance the state machine.
2889 */
2890 if (conn->cancelRequest)
2891 flag = PQcancelPoll((PGcancelConn *) conn);
2892 else
2893 flag = PQconnectPoll(conn);
2894 }
2895}
2896
2897/* ----------------
2898 * PQconnectPoll
2899 *
2900 * Poll an asynchronous connection.
2901 *
2902 * Returns a PostgresPollingStatusType.
2903 * Before calling this function, use select(2) to determine when data
2904 * has arrived..
2905 *
2906 * You must call PQfinish whether or not this fails.
2907 *
2908 * This function and PQconnectStart are intended to allow connections to be
2909 * made without blocking the execution of your program on remote I/O. However,
2910 * there are a number of caveats:
2911 *
2912 * o If you call PQtrace, ensure that the stream object into which you trace
2913 * will not block.
2914 * o If you do not supply an IP address for the remote host (i.e. you
2915 * supply a host name instead) then PQconnectStart will block on
2916 * getaddrinfo. You will be fine if using Unix sockets (i.e. by
2917 * supplying neither a host name nor a host address).
2918 * o If your backend wants to use Kerberos authentication then you must
2919 * supply both a host name and a host address, otherwise this function
2920 * may block on gethostname.
2921 *
2922 * ----------------
2923 */
2924PostgresPollingStatusType
2925PQconnectPoll(PGconn *conn)
2926{
2927 bool reset_connection_state_machine = false;
2928 bool need_new_connection = false;
2929 PGresult *res;
2930 char sebuf[PG_STRERROR_R_BUFLEN];
2931 int optval;
2932
2933 if (conn == NULL)
2934 return PGRES_POLLING_FAILED;
2935
2936 /* Get the new data */
2937 switch (conn->status)
2938 {
2939 /*
2940 * We really shouldn't have been polled in these two cases, but we
2941 * can handle it.
2942 */
2943 case CONNECTION_BAD:
2944 return PGRES_POLLING_FAILED;
2945 case CONNECTION_OK:
2946 return PGRES_POLLING_OK;
2947
2948 /* These are reading states */
2949 case CONNECTION_AWAITING_RESPONSE:
2950 case CONNECTION_AUTH_OK:
2951 case CONNECTION_CHECK_WRITABLE:
2952 case CONNECTION_CONSUME:
2953 case CONNECTION_CHECK_STANDBY:
2954 {
2955 /* Load waiting data */
2956 int n = pqReadData(conn);
2957
2958 if (n < 0)
2959 goto error_return;
2960 if (n == 0)
2961 return PGRES_POLLING_READING;
2962
2963 break;
2964 }
2965
2966 /* These are writing states, so we just proceed. */
2967 case CONNECTION_STARTED:
2968 case CONNECTION_MADE:
2969 break;
2970
2971 /* Special cases: proceed without waiting. */
2972 case CONNECTION_SSL_STARTUP:
2973 case CONNECTION_NEEDED:
2974 case CONNECTION_GSS_STARTUP:
2975 case CONNECTION_CHECK_TARGET:
2976 case CONNECTION_AUTHENTICATING:
2977 break;
2978
2979 default:
2980 libpq_append_conn_error(conn, "invalid connection state, probably indicative of memory corruption");
2981 goto error_return;
2982 }
2983
2984
2985keep_going: /* We will come back to here until there is
2986 * nothing left to do. */
2987
2988 /* Time to advance to next address, or next host if no more addresses? */
2989 if (conn->try_next_addr)
2990 {
2991 if (conn->whichaddr < conn->naddr)
2992 {
2993 conn->whichaddr++;
2994 reset_connection_state_machine = true;
2995 }
2996 else
2997 conn->try_next_host = true;
2998 conn->try_next_addr = false;
2999 }
3000
3001 /* Time to advance to next connhost[] entry? */
3002 if (conn->try_next_host)
3003 {
3004 pg_conn_host *ch;
3005 struct addrinfo hint;
3006 struct addrinfo *addrlist;
3007 int thisport;
3008 int ret;
3009 char portstr[MAXPGPATH];
3010
3011 if (conn->whichhost + 1 < conn->nconnhost)
3012 conn->whichhost++;
3013 else
3014 {
3015 /*
3016 * Oops, no more hosts.
3017 *
3018 * If we are trying to connect in "prefer-standby" mode, then drop
3019 * the standby requirement and start over. Don't do this for
3020 * cancel requests though, since we are certain the list of
3021 * servers won't change as the target_server_type option is not
3022 * applicable to those connections.
3023 *
3024 * Otherwise, an appropriate error message is already set up, so
3025 * we just need to set the right status.
3026 */
3027 if (conn->target_server_type == SERVER_TYPE_PREFER_STANDBY &&
3028 conn->nconnhost > 0 &&
3029 !conn->cancelRequest)
3030 {
3031 conn->target_server_type = SERVER_TYPE_PREFER_STANDBY_PASS2;
3032 conn->whichhost = 0;
3033 }
3034 else
3035 goto error_return;
3036 }
3037
3038 /* Drop any address info for previous host */
3039 release_conn_addrinfo(conn);
3040
3041 /*
3042 * Look up info for the new host. On failure, log the problem in
3043 * conn->errorMessage, then loop around to try the next host. (Note
3044 * we don't clear try_next_host until we've succeeded.)
3045 */
3046 ch = &conn->connhost[conn->whichhost];
3047
3048 /* Initialize hint structure */
3049 MemSet(&hint, 0, sizeof(hint));
3050 hint.ai_socktype = SOCK_STREAM;
3051 hint.ai_family = AF_UNSPEC;
3052
3053 /* Figure out the port number we're going to use. */
3054 if (ch->port == NULL || ch->port[0] == '\0')
3055 thisport = DEF_PGPORT;
3056 else
3057 {
3058 if (!pqParseIntParam(ch->port, &thisport, conn, "port"))
3059 goto error_return;
3060
3061 if (thisport < 1 || thisport > 65535)
3062 {
3063 libpq_append_conn_error(conn, "invalid port number: \"%s\"", ch->port);
3064 goto keep_going;
3065 }
3066 }
3067 snprintf(portstr, sizeof(portstr), "%d", thisport);
3068
3069 /* Use pg_getaddrinfo_all() to resolve the address */
3070 switch (ch->type)
3071 {
3072 case CHT_HOST_NAME:
3073 ret = pg_getaddrinfo_all(ch->host, portstr, &hint,
3074 &addrlist);
3075 if (ret || !addrlist)
3076 {
3077 libpq_append_conn_error(conn, "could not translate host name \"%s\" to address: %s",
3078 ch->host, gai_strerror(ret));
3079 goto keep_going;
3080 }
3081 break;
3082
3083 case CHT_HOST_ADDRESS:
3084 hint.ai_flags = AI_NUMERICHOST;
3085 ret = pg_getaddrinfo_all(ch->hostaddr, portstr, &hint,
3086 &addrlist);
3087 if (ret || !addrlist)
3088 {
3089 libpq_append_conn_error(conn, "could not parse network address \"%s\": %s",
3090 ch->hostaddr, gai_strerror(ret));
3091 goto keep_going;
3092 }
3093 break;
3094
3095 case CHT_UNIX_SOCKET:
3096 hint.ai_family = AF_UNIX;
3097 UNIXSOCK_PATH(portstr, thisport, ch->host);
3098 if (strlen(portstr) >= UNIXSOCK_PATH_BUFLEN)
3099 {
3100 libpq_append_conn_error(conn, "Unix-domain socket path \"%s\" is too long (maximum %zu bytes)",
3101 portstr,
3102 (UNIXSOCK_PATH_BUFLEN - 1));
3103 goto keep_going;
3104 }
3105
3106 /*
3107 * NULL hostname tells pg_getaddrinfo_all to parse the service
3108 * name as a Unix-domain socket path.
3109 */
3110 ret = pg_getaddrinfo_all(NULL, portstr, &hint,
3111 &addrlist);
3112 if (ret || !addrlist)
3113 {
3114 libpq_append_conn_error(conn, "could not translate Unix-domain socket path \"%s\" to address: %s",
3115 portstr, gai_strerror(ret));
3116 goto keep_going;
3117 }
3118 break;
3119 }
3120
3121 /*
3122 * Store a copy of the addrlist in private memory so we can perform
3123 * randomization for load balancing.
3124 */
3125 ret = store_conn_addrinfo(conn, addrlist);
3126 pg_freeaddrinfo_all(hint.ai_family, addrlist);
3127 if (ret)
3128 goto error_return; /* message already logged */
3129
3130 /*
3131 * If random load balancing is enabled we shuffle the addresses.
3132 */
3133 if (conn->load_balance_type == LOAD_BALANCE_RANDOM)
3134 {
3135 /*
3136 * This is the "inside-out" variant of the Fisher-Yates shuffle
3137 * algorithm. Notionally, we append each new value to the array
3138 * and then swap it with a randomly-chosen array element (possibly
3139 * including itself, else we fail to generate permutations with
3140 * the last integer last). The swap step can be optimized by
3141 * combining it with the insertion.
3142 *
3143 * We don't need to initialize conn->prng_state here, because that
3144 * already happened in pqConnectOptions2.
3145 */
3146 for (int i = 1; i < conn->naddr; i++)
3147 {
3148 int j = pg_prng_uint64_range(&conn->prng_state, 0, i);
3149 AddrInfo temp = conn->addr[j];
3150
3151 conn->addr[j] = conn->addr[i];
3152 conn->addr[i] = temp;
3153 }
3154 }
3155
3156 reset_connection_state_machine = true;
3157 conn->try_next_host = false;
3158 }
3159
3160 /* Reset connection state machine? */
3161 if (reset_connection_state_machine)
3162 {
3163 /*
3164 * (Re) initialize our connection control variables for a set of
3165 * connection attempts to a single server address. These variables
3166 * must persist across individual connection attempts, but we must
3167 * reset them when we start to consider a new server.
3168 */
3169 conn->pversion = conn->max_pversion;
3170 conn->send_appname = true;
3171 conn->failed_enc_methods = 0;
3172 conn->current_enc_method = 0;
3173 conn->allowed_enc_methods = 0;
3174 reset_connection_state_machine = false;
3175 need_new_connection = true;
3176 }
3177
3178 /* Force a new connection (perhaps to the same server as before)? */
3179 if (need_new_connection)
3180 {
3181 /* Drop any existing connection */
3182 pqDropConnection(conn, true);
3183
3184 /* Reset all state obtained from old server */
3185 pqDropServerData(conn);
3186
3187 /* Drop any PGresult we might have, too */
3188 conn->asyncStatus = PGASYNC_IDLE;
3189 conn->xactStatus = PQTRANS_IDLE;
3190 conn->pipelineStatus = PQ_PIPELINE_OFF;
3191 pqClearAsyncResult(conn);
3192
3193 /* Reset conn->status to put the state machine in the right state */
3194 conn->status = CONNECTION_NEEDED;
3195
3196 need_new_connection = false;
3197 }
3198
3199 /*
3200 * Decide what to do next, if server rejects SSL or GSS negotiation, but
3201 * the connection is still valid. If there are no options left, error out
3202 * with 'msg'.
3203 */
3204#define ENCRYPTION_NEGOTIATION_FAILED(msg) \
3205 do { \
3206 switch (encryption_negotiation_failed(conn)) \
3207 { \
3208 case 0: \
3209 libpq_append_conn_error(conn, (msg)); \
3210 goto error_return; \
3211 case 1: \
3212 conn->status = CONNECTION_MADE; \
3213 return PGRES_POLLING_WRITING; \
3214 case 2: \
3215 need_new_connection = true; \
3216 goto keep_going; \
3217 } \
3218 } while(0);
3219
3220 /*
3221 * Decide what to do next, if connection fails. If there are no options
3222 * left, return with an error. The error message has already been written
3223 * to the connection's error buffer.
3224 */
3225#define CONNECTION_FAILED() \
3226 do { \
3227 if (connection_failed(conn)) \
3228 { \
3229 need_new_connection = true; \
3230 goto keep_going; \
3231 } \
3232 else \
3233 goto error_return; \
3234 } while(0);
3235
3236 /* Now try to advance the state machine for this connection */
3237 switch (conn->status)
3238 {
3239 case CONNECTION_NEEDED:
3240 {
3241 /*
3242 * Try to initiate a connection to one of the addresses
3243 * returned by pg_getaddrinfo_all(). conn->whichaddr is the
3244 * next one to try.
3245 *
3246 * The extra level of braces here is historical. It's not
3247 * worth reindenting this whole switch case to remove 'em.
3248 */
3249 {
3250 char host_addr[NI_MAXHOST];
3251 int sock_type;
3252 AddrInfo *addr_cur;
3253
3254 /*
3255 * Advance to next possible host, if we've tried all of
3256 * the addresses for the current host.
3257 */
3258 if (conn->whichaddr == conn->naddr)
3259 {
3260 conn->try_next_host = true;
3261 goto keep_going;
3262 }
3263 addr_cur = &conn->addr[conn->whichaddr];
3264
3265 /* Remember current address for possible use later */
3266 memcpy(&conn->raddr, &addr_cur->addr, sizeof(SockAddr));
3267
3268#ifdef ENABLE_GSS
3269
3270 /*
3271 * Before establishing the connection, check if it's
3272 * doomed to fail because gssencmode='require' but GSSAPI
3273 * is not available.
3274 */
3275 if (conn->gssencmode[0] == 'r')
3276 {
3277 if (conn->raddr.addr.ss_family == AF_UNIX)
3278 {
3279 libpq_append_conn_error(conn,
3280 "GSSAPI encryption required but it is not supported over a local socket");
3281 goto error_return;
3282 }
3283 if (conn->gcred == GSS_C_NO_CREDENTIAL)
3284 {
3285 if (!pg_GSS_have_cred_cache(&conn->gcred))
3286 {
3287 libpq_append_conn_error(conn,
3288 "GSSAPI encryption required but no credential cache");
3289 goto error_return;
3290 }
3291 }
3292 }
3293#endif
3294
3295 /*
3296 * Choose the encryption method to try first. Do this
3297 * before establishing the connection, so that if none of
3298 * the modes allowed by the connections options are
3299 * available, we can error out before establishing the
3300 * connection.
3301 */
3302 if (!init_allowed_encryption_methods(conn))
3303 goto error_return;
3304
3305 /*
3306 * Set connip, too. Note we purposely ignore strdup
3307 * failure; not a big problem if it fails.
3308 */
3309 if (conn->connip != NULL)
3310 {
3311 free(conn->connip);
3312 conn->connip = NULL;
3313 }
3314 getHostaddr(conn, host_addr, NI_MAXHOST);
3315 if (host_addr[0])
3316 conn->connip = strdup(host_addr);
3317
3318 /* Try to create the socket */
3319 sock_type = SOCK_STREAM;
3320#ifdef SOCK_CLOEXEC
3321
3322 /*
3323 * Atomically mark close-on-exec, if possible on this
3324 * platform, so that there isn't a window where a
3325 * subprogram executed by another thread inherits the
3326 * socket. See fallback code below.
3327 */
3328 sock_type |= SOCK_CLOEXEC;
3329#endif
3330#ifdef SOCK_NONBLOCK
3331
3332 /*
3333 * We might as well skip a system call for nonblocking
3334 * mode too, if we can.
3335 */
3336 sock_type |= SOCK_NONBLOCK;
3337#endif
3338 conn->sock = socket(addr_cur->family, sock_type, 0);
3339 if (conn->sock == PGINVALID_SOCKET)
3340 {
3341 int errorno = SOCK_ERRNO;
3342
3343 /*
3344 * Silently ignore socket() failure if we have more
3345 * addresses to try; this reduces useless chatter in
3346 * cases where the address list includes both IPv4 and
3347 * IPv6 but kernel only accepts one family.
3348 */
3349 if (conn->whichaddr < conn->naddr ||
3350 conn->whichhost + 1 < conn->nconnhost)
3351 {
3352 conn->try_next_addr = true;
3353 goto keep_going;
3354 }
3355 emitHostIdentityInfo(conn, host_addr);
3356 libpq_append_conn_error(conn, "could not create socket: %s",
3357 SOCK_STRERROR(errorno, sebuf, sizeof(sebuf)));
3358 goto error_return;
3359 }
3360
3361 /*
3362 * Once we've identified a target address, all errors
3363 * except the preceding socket()-failure case should be
3364 * prefixed with host-identity information. (If the
3365 * connection succeeds, the contents of conn->errorMessage
3366 * won't matter, so this is harmless.)
3367 */
3368 emitHostIdentityInfo(conn, host_addr);
3369
3370 /*
3371 * Select socket options: no delay of outgoing data for
3372 * TCP sockets, nonblock mode, close-on-exec. Try the
3373 * next address if any of this fails.
3374 */
3375 if (addr_cur->family != AF_UNIX)
3376 {
3377 if (!connectNoDelay(conn))
3378 {
3379 /* error message already created */
3380 conn->try_next_addr = true;
3381 goto keep_going;
3382 }
3383 }
3384#ifndef SOCK_NONBLOCK
3385 if (!pg_set_noblock(conn->sock))
3386 {
3387 libpq_append_conn_error(conn, "could not set socket to nonblocking mode: %s",
3388 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3389 conn->try_next_addr = true;
3390 goto keep_going;
3391 }
3392#endif
3393
3394#ifndef SOCK_CLOEXEC
3395#ifdef F_SETFD
3396 if (fcntl(conn->sock, F_SETFD, FD_CLOEXEC) == -1)
3397 {
3398 libpq_append_conn_error(conn, "could not set socket to close-on-exec mode: %s",
3399 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3400 conn->try_next_addr = true;
3401 goto keep_going;
3402 }
3403#endif /* F_SETFD */
3404#endif
3405
3406 if (addr_cur->family != AF_UNIX)
3407 {
3408#ifndef WIN32
3409 int on = 1;
3410#endif
3411 int usekeepalives = useKeepalives(conn);
3412 int err = 0;
3413
3414 if (usekeepalives < 0)
3415 {
3416 /* error is already reported */
3417 err = 1;
3418 }
3419 else if (usekeepalives == 0)
3420 {
3421 /* Do nothing */
3422 }
3423#ifndef WIN32
3424 else if (setsockopt(conn->sock,
3425 SOL_SOCKET, SO_KEEPALIVE,
3426 (char *) &on, sizeof(on)) < 0)
3427 {
3428 libpq_append_conn_error(conn, "%s(%s) failed: %s",
3429 "setsockopt",
3430 "SO_KEEPALIVE",
3431 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3432 err = 1;
3433 }
3434 else if (!setKeepalivesIdle(conn)
3435 || !setKeepalivesInterval(conn)
3436 || !setKeepalivesCount(conn))
3437 err = 1;
3438#else /* WIN32 */
3439#ifdef SIO_KEEPALIVE_VALS
3440 else if (!prepKeepalivesWin32(conn))
3441 err = 1;
3442#endif /* SIO_KEEPALIVE_VALS */
3443#endif /* WIN32 */
3444 else if (!setTCPUserTimeout(conn))
3445 err = 1;
3446
3447 if (err)
3448 {
3449 conn->try_next_addr = true;
3450 goto keep_going;
3451 }
3452 }
3453
3454 /*----------
3455 * We have three methods of blocking SIGPIPE during
3456 * send() calls to this socket:
3457 *
3458 * - setsockopt(sock, SO_NOSIGPIPE)
3459 * - send(sock, ..., MSG_NOSIGNAL)
3460 * - setting the signal mask to SIG_IGN during send()
3461 *
3462 * The third method requires three syscalls per send,
3463 * so we prefer either of the first two, but they are
3464 * less portable. The state is tracked in the following
3465 * members of PGconn:
3466 *
3467 * conn->sigpipe_so - we have set up SO_NOSIGPIPE
3468 * conn->sigpipe_flag - we're specifying MSG_NOSIGNAL
3469 *
3470 * If we can use SO_NOSIGPIPE, then set sigpipe_so here
3471 * and we're done. Otherwise, set sigpipe_flag so that
3472 * we will try MSG_NOSIGNAL on sends. If we get an error
3473 * with MSG_NOSIGNAL, we'll clear that flag and revert to
3474 * signal masking.
3475 *----------
3476 */
3477 conn->sigpipe_so = false;
3478#ifdef MSG_NOSIGNAL
3479 conn->sigpipe_flag = true;
3480#else
3481 conn->sigpipe_flag = false;
3482#endif /* MSG_NOSIGNAL */
3483
3484#ifdef SO_NOSIGPIPE
3485 optval = 1;
3486 if (setsockopt(conn->sock, SOL_SOCKET, SO_NOSIGPIPE,
3487 (char *) &optval, sizeof(optval)) == 0)
3488 {
3489 conn->sigpipe_so = true;
3490 conn->sigpipe_flag = false;
3491 }
3492#endif /* SO_NOSIGPIPE */
3493
3494 /*
3495 * Start/make connection. This should not block, since we
3496 * are in nonblock mode. If it does, well, too bad.
3497 */
3498 if (connect(conn->sock, (struct sockaddr *) &addr_cur->addr.addr,
3499 addr_cur->addr.salen) < 0)
3500 {
3501 if (SOCK_ERRNO == EINPROGRESS ||
3502#ifdef WIN32
3503 SOCK_ERRNO == EWOULDBLOCK ||
3504#endif
3505 SOCK_ERRNO == EINTR)
3506 {
3507 /*
3508 * This is fine - we're in non-blocking mode, and
3509 * the connection is in progress. Tell caller to
3510 * wait for write-ready on socket.
3511 */
3512 conn->status = CONNECTION_STARTED;
3513 return PGRES_POLLING_WRITING;
3514 }
3515 /* otherwise, trouble */
3516 }
3517 else
3518 {
3519 /*
3520 * Hm, we're connected already --- seems the "nonblock
3521 * connection" wasn't. Advance the state machine and
3522 * go do the next stuff.
3523 */
3524 conn->status = CONNECTION_STARTED;
3525 goto keep_going;
3526 }
3527
3528 /*
3529 * This connection failed. Add the error report to
3530 * conn->errorMessage, then try the next address if any.
3531 */
3532 connectFailureMessage(conn, SOCK_ERRNO);
3533 conn->try_next_addr = true;
3534 goto keep_going;
3535 }
3536 }
3537
3538 case CONNECTION_STARTED:
3539 {
3540 socklen_t optlen = sizeof(optval);
3541
3542 /*
3543 * Write ready, since we've made it here, so the connection
3544 * has been made ... or has failed.
3545 */
3546
3547 /*
3548 * Now check (using getsockopt) that there is not an error
3549 * state waiting for us on the socket.
3550 */
3551
3552 if (getsockopt(conn->sock, SOL_SOCKET, SO_ERROR,
3553 (char *) &optval, &optlen) == -1)
3554 {
3555 libpq_append_conn_error(conn, "could not get socket error status: %s",
3556 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3557 goto error_return;
3558 }
3559 else if (optval != 0)
3560 {
3561 /*
3562 * When using a nonblocking connect, we will typically see
3563 * connect failures at this point, so provide a friendly
3564 * error message.
3565 */
3566 connectFailureMessage(conn, optval);
3567
3568 /*
3569 * Try the next address if any, just as in the case where
3570 * connect() returned failure immediately.
3571 */
3572 conn->try_next_addr = true;
3573 goto keep_going;
3574 }
3575
3576 /* Fill in the client address */
3577 conn->laddr.salen = sizeof(conn->laddr.addr);
3578 if (getsockname(conn->sock,
3579 (struct sockaddr *) &conn->laddr.addr,
3580 &conn->laddr.salen) < 0)
3581 {
3582 libpq_append_conn_error(conn, "could not get client address from socket: %s",
3583 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3584 goto error_return;
3585 }
3586
3587 /*
3588 * Implement requirepeer check, if requested and it's a
3589 * Unix-domain socket.
3590 */
3591 if (conn->requirepeer && conn->requirepeer[0] &&
3592 conn->raddr.addr.ss_family == AF_UNIX)
3593 {
3594#ifndef WIN32
3595 char *remote_username;
3596#endif
3597 uid_t uid;
3598 gid_t gid;
3599
3600 errno = 0;
3601 if (getpeereid(conn->sock, &uid, &gid) != 0)
3602 {
3603 /*
3604 * Provide special error message if getpeereid is a
3605 * stub
3606 */
3607 if (errno == ENOSYS)
3608 libpq_append_conn_error(conn, "requirepeer parameter is not supported on this platform");
3609 else
3610 libpq_append_conn_error(conn, "could not get peer credentials: %s",
3611 strerror_r(errno, sebuf, sizeof(sebuf)));
3612 goto error_return;
3613 }
3614
3615#ifndef WIN32
3616 remote_username = pg_fe_getusername(uid,
3617 &conn->errorMessage);
3618 if (remote_username == NULL)
3619 goto error_return; /* message already logged */
3620
3621 if (strcmp(remote_username, conn->requirepeer) != 0)
3622 {
3623 libpq_append_conn_error(conn, "requirepeer specifies \"%s\", but actual peer user name is \"%s\"",
3624 conn->requirepeer, remote_username);
3625 free(remote_username);
3626 goto error_return;
3627 }
3628 free(remote_username);
3629#else /* WIN32 */
3630 /* should have failed with ENOSYS above */
3631 Assert(false);
3632#endif /* WIN32 */
3633 }
3634
3635 /*
3636 * Make sure we can write before advancing to next step.
3637 */
3638 conn->status = CONNECTION_MADE;
3639 return PGRES_POLLING_WRITING;
3640 }
3641
3642 case CONNECTION_MADE:
3643 {
3644 char *startpacket;
3645 int packetlen;
3646
3647#ifdef ENABLE_GSS
3648
3649 /*
3650 * If GSSAPI encryption is enabled, send a packet to the
3651 * server asking for GSSAPI Encryption and proceed with GSSAPI
3652 * handshake. We will come back here after GSSAPI encryption
3653 * has been established, with conn->gctx set.
3654 */
3655 if (conn->current_enc_method == ENC_GSSAPI && !conn->gctx)
3656 {
3657 ProtocolVersion pv = pg_hton32(NEGOTIATE_GSS_CODE);
3658
3659 if (pqPacketSend(conn, 0, &pv, sizeof(pv)) != STATUS_OK)
3660 {
3661 libpq_append_conn_error(conn, "could not send GSSAPI negotiation packet: %s",
3662 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3663 goto error_return;
3664 }
3665
3666 /* Ok, wait for response */
3667 conn->status = CONNECTION_GSS_STARTUP;
3668 return PGRES_POLLING_READING;
3669 }
3670#endif
3671
3672#ifdef USE_SSL
3673
3674 /*
3675 * If SSL is enabled, start the SSL negotiation. We will come
3676 * back here after SSL encryption has been established, with
3677 * ssl_in_use set.
3678 */
3679 if (conn->current_enc_method == ENC_SSL && !conn->ssl_in_use)
3680 {
3681 /*
3682 * If traditional postgres SSL negotiation is used, send
3683 * the SSL request. In direct negotiation, jump straight
3684 * into the SSL handshake.
3685 */
3686 if (conn->sslnegotiation[0] == 'p')
3687 {
3688 ProtocolVersion pv;
3689
3690 /*
3691 * Send the SSL request packet.
3692 *
3693 * Theoretically, this could block, but it really
3694 * shouldn't since we only got here if the socket is
3695 * write-ready.
3696 */
3697 pv = pg_hton32(NEGOTIATE_SSL_CODE);
3698 if (pqPacketSend(conn, 0, &pv, sizeof(pv)) != STATUS_OK)
3699 {
3700 libpq_append_conn_error(conn, "could not send SSL negotiation packet: %s",
3701 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3702 goto error_return;
3703 }
3704 /* Ok, wait for response */
3705 conn->status = CONNECTION_SSL_STARTUP;
3706 return PGRES_POLLING_READING;
3707 }
3708 else
3709 {
3710 Assert(conn->sslnegotiation[0] == 'd');
3711 conn->status = CONNECTION_SSL_STARTUP;
3712 return PGRES_POLLING_WRITING;
3713 }
3714 }
3715#endif /* USE_SSL */
3716
3717 /*
3718 * For cancel requests this is as far as we need to go in the
3719 * connection establishment. Now we can actually send our
3720 * cancellation request.
3721 */
3722 if (conn->cancelRequest)
3723 {
3724 if (PQsendCancelRequest(conn) != STATUS_OK)
3725 {
3726 libpq_append_conn_error(conn, "could not send cancel packet: %s",
3727 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3728 goto error_return;
3729 }
3730 conn->status = CONNECTION_AWAITING_RESPONSE;
3731 return PGRES_POLLING_READING;
3732 }
3733
3734 /*
3735 * We have now established encryption, or we are happy to
3736 * proceed without.
3737 */
3738
3739 /* Build the startup packet. */
3740 startpacket = pqBuildStartupPacket3(conn, &packetlen,
3741 EnvironmentOptions);
3742 if (!startpacket)
3743 {
3744 libpq_append_conn_error(conn, "out of memory");
3745 goto error_return;
3746 }
3747
3748 /*
3749 * Send the startup packet.
3750 *
3751 * Theoretically, this could block, but it really shouldn't
3752 * since we only got here if the socket is write-ready.
3753 */
3754 if (pqPacketSend(conn, 0, startpacket, packetlen) != STATUS_OK)
3755 {
3756 libpq_append_conn_error(conn, "could not send startup packet: %s",
3757 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3758 free(startpacket);
3759 goto error_return;
3760 }
3761
3762 free(startpacket);
3763
3764 conn->status = CONNECTION_AWAITING_RESPONSE;
3765 return PGRES_POLLING_READING;
3766 }
3767
3768 /*
3769 * Handle SSL negotiation: wait for postmaster messages and
3770 * respond as necessary.
3771 */
3772 case CONNECTION_SSL_STARTUP:
3773 {
3774#ifdef USE_SSL
3775 PostgresPollingStatusType pollres;
3776
3777 /*
3778 * On first time through with traditional SSL negotiation, get
3779 * the postmaster's response to our SSLRequest packet. With
3780 * sslnegotiation='direct', go straight to initiating SSL.
3781 */
3782 if (!conn->ssl_in_use && conn->sslnegotiation[0] == 'p')
3783 {
3784 /*
3785 * We use pqReadData here since it has the logic to
3786 * distinguish no-data-yet from connection closure. Since
3787 * conn->ssl isn't set, a plain recv() will occur.
3788 */
3789 char SSLok;
3790 int rdresult;
3791
3792 rdresult = pqReadData(conn);
3793 if (rdresult < 0)
3794 {
3795 /* errorMessage is already filled in */
3796 goto error_return;
3797 }
3798 if (rdresult == 0)
3799 {
3800 /* caller failed to wait for data */
3801 return PGRES_POLLING_READING;
3802 }
3803 if (pqGetc(&SSLok, conn) < 0)
3804 {
3805 /* should not happen really */
3806 return PGRES_POLLING_READING;
3807 }
3808 if (SSLok == 'S')
3809 {
3810 if (conn->Pfdebug)
3811 pqTraceOutputCharResponse(conn, "SSLResponse",
3812 SSLok);
3813 /* mark byte consumed */
3814 conn->inStart = conn->inCursor;
3815 }
3816 else if (SSLok == 'N')
3817 {
3818 if (conn->Pfdebug)
3819 pqTraceOutputCharResponse(conn, "SSLResponse",
3820 SSLok);
3821 /* mark byte consumed */
3822 conn->inStart = conn->inCursor;
3823
3824 /*
3825 * The connection is still valid, so if it's OK to
3826 * continue without SSL, we can proceed using this
3827 * connection. Otherwise return with an error.
3828 */
3829 ENCRYPTION_NEGOTIATION_FAILED(libpq_gettext("server does not support SSL, but SSL was required"));
3830 }
3831 else if (SSLok == 'E')
3832 {
3833 /*
3834 * Server failure of some sort, such as failure to
3835 * fork a backend process. Don't bother retrieving
3836 * the error message; we should not trust it as the
3837 * server has not been authenticated yet.
3838 */
3839 libpq_append_conn_error(conn, "server sent an error response during SSL exchange");
3840 goto error_return;
3841 }
3842 else
3843 {
3844 libpq_append_conn_error(conn, "received invalid response to SSL negotiation: %c",
3845 SSLok);
3846 goto error_return;
3847 }
3848 }
3849
3850 /*
3851 * Begin or continue the SSL negotiation process.
3852 */
3853 pollres = pqsecure_open_client(conn);
3854 if (pollres == PGRES_POLLING_OK)
3855 {
3856 /*
3857 * At this point we should have no data already buffered.
3858 * If we do, it was received before we performed the SSL
3859 * handshake, so it wasn't encrypted and indeed may have
3860 * been injected by a man-in-the-middle.
3861 */
3862 if (conn->inCursor != conn->inEnd)
3863 {
3864 libpq_append_conn_error(conn, "received unencrypted data after SSL response");
3865 goto error_return;
3866 }
3867
3868 /* SSL handshake done, ready to send startup packet */
3869 conn->status = CONNECTION_MADE;
3870 return PGRES_POLLING_WRITING;
3871 }
3872 if (pollres == PGRES_POLLING_FAILED)
3873 {
3874 /*
3875 * SSL handshake failed. We will retry with a plaintext
3876 * connection, if permitted by sslmode.
3877 */
3878 CONNECTION_FAILED();
3879 }
3880 /* Else, return POLLING_READING or POLLING_WRITING status */
3881 return pollres;
3882#else /* !USE_SSL */
3883 /* can't get here */
3884 goto error_return;
3885#endif /* USE_SSL */
3886 }
3887
3888 case CONNECTION_GSS_STARTUP:
3889 {
3890#ifdef ENABLE_GSS
3891 PostgresPollingStatusType pollres;
3892
3893 /*
3894 * If we haven't yet, get the postmaster's response to our
3895 * negotiation packet
3896 */
3897 if (!conn->gctx)
3898 {
3899 char gss_ok;
3900 int rdresult = pqReadData(conn);
3901
3902 if (rdresult < 0)
3903 /* pqReadData fills in error message */
3904 goto error_return;
3905 else if (rdresult == 0)
3906 /* caller failed to wait for data */
3907 return PGRES_POLLING_READING;
3908 if (pqGetc(&gss_ok, conn) < 0)
3909 /* shouldn't happen... */
3910 return PGRES_POLLING_READING;
3911
3912 if (gss_ok == 'E')
3913 {
3914 /*
3915 * Server failure of some sort, possibly protocol
3916 * version support failure. Don't bother retrieving
3917 * the error message; we should not trust it anyway as
3918 * the server has not authenticated yet.
3919 *
3920 * Note that unlike on an error response to
3921 * SSLRequest, we allow falling back to SSL or
3922 * plaintext connection here. GSS support was
3923 * introduced in PostgreSQL version 12, so an error
3924 * response might mean that we are connecting to a
3925 * pre-v12 server.
3926 */
3927 libpq_append_conn_error(conn, "server sent an error response during GSS encryption exchange");
3928 CONNECTION_FAILED();
3929 }
3930
3931 /* mark byte consumed */
3932 conn->inStart = conn->inCursor;
3933
3934 if (gss_ok == 'N')
3935 {
3936 if (conn->Pfdebug)
3937 pqTraceOutputCharResponse(conn, "GSSENCResponse",
3938 gss_ok);
3939
3940 /*
3941 * The connection is still valid, so if it's OK to
3942 * continue without GSS, we can proceed using this
3943 * connection. Otherwise return with an error.
3944 */
3945 ENCRYPTION_NEGOTIATION_FAILED(libpq_gettext("server doesn't support GSSAPI encryption, but it was required"));
3946 }
3947 else if (gss_ok != 'G')
3948 {
3949 libpq_append_conn_error(conn, "received invalid response to GSSAPI negotiation: %c",
3950 gss_ok);
3951 goto error_return;
3952 }
3953
3954 if (conn->Pfdebug)
3955 pqTraceOutputCharResponse(conn, "GSSENCResponse",
3956 gss_ok);
3957 }
3958
3959 /* Begin or continue GSSAPI negotiation */
3960 pollres = pqsecure_open_gss(conn);
3961 if (pollres == PGRES_POLLING_OK)
3962 {
3963 /*
3964 * At this point we should have no data already buffered.
3965 * If we do, it was received before we performed the GSS
3966 * handshake, so it wasn't encrypted and indeed may have
3967 * been injected by a man-in-the-middle.
3968 */
3969 if (conn->inCursor != conn->inEnd)
3970 {
3971 libpq_append_conn_error(conn, "received unencrypted data after GSSAPI encryption response");
3972 goto error_return;
3973 }
3974
3975 /* All set for startup packet */
3976 conn->status = CONNECTION_MADE;
3977 return PGRES_POLLING_WRITING;
3978 }
3979 else if (pollres == PGRES_POLLING_FAILED)
3980 {
3981 /*
3982 * GSS handshake failed. We will retry with an SSL or
3983 * plaintext connection, if permitted by the options.
3984 */
3985 CONNECTION_FAILED();
3986 }
3987 /* Else, return POLLING_READING or POLLING_WRITING status */
3988 return pollres;
3989#else /* !ENABLE_GSS */
3990 /* unreachable */
3991 goto error_return;
3992#endif /* ENABLE_GSS */
3993 }
3994
3995 /*
3996 * Handle authentication exchange: wait for postmaster messages
3997 * and respond as necessary.
3998 */
3999 case CONNECTION_AWAITING_RESPONSE:
4000 {
4001 char beresp;
4002 int msgLength;
4003 int avail;
4004 AuthRequest areq;
4005 int res;
4006 bool async;
4007
4008 /*
4009 * Scan the message from current point (note that if we find
4010 * the message is incomplete, we will return without advancing
4011 * inStart, and resume here next time).
4012 */
4013 conn->inCursor = conn->inStart;
4014
4015 /* Read type byte */
4016 if (pqGetc(&beresp, conn))
4017 {
4018 /* We'll come back when there is more data */
4019 return PGRES_POLLING_READING;
4020 }
4021
4022 /*
4023 * Validate message type: we expect only an authentication
4024 * request, NegotiateProtocolVersion, or an error here.
4025 * Anything else probably means it's not Postgres on the other
4026 * end at all.
4027 */
4028 if (beresp != PqMsg_AuthenticationRequest &&
4029 beresp != PqMsg_ErrorResponse &&
4030 beresp != PqMsg_NegotiateProtocolVersion)
4031 {
4032 libpq_append_conn_error(conn, "expected authentication request from server, but received %c",
4033 beresp);
4034 goto error_return;
4035 }
4036
4037 /* Read message length word */
4038 if (pqGetInt(&msgLength, 4, conn))
4039 {
4040 /* We'll come back when there is more data */
4041 return PGRES_POLLING_READING;
4042 }
4043
4044 /*
4045 * Try to validate message length before using it.
4046 *
4047 * Authentication requests can't be very large, although GSS
4048 * auth requests may not be that small. Same for
4049 * NegotiateProtocolVersion.
4050 *
4051 * Errors can be a little larger, but not huge. If we see a
4052 * large apparent length in an error, it means we're really
4053 * talking to a pre-3.0-protocol server; cope. (Before
4054 * version 14, the server also used the old protocol for
4055 * errors that happened before processing the startup packet.)
4056 */
4057 if (beresp == PqMsg_AuthenticationRequest &&
4058 (msgLength < 8 || msgLength > 2000))
4059 {
4060 libpq_append_conn_error(conn, "received invalid authentication request");
4061 goto error_return;
4062 }
4063 if (beresp == PqMsg_NegotiateProtocolVersion &&
4064 (msgLength < 8 || msgLength > 2000))
4065 {
4066 libpq_append_conn_error(conn, "received invalid protocol negotiation message");
4067 goto error_return;
4068 }
4069
4070#define MAX_ERRLEN 30000
4071 if (beresp == PqMsg_ErrorResponse &&
4072 (msgLength < 8 || msgLength > MAX_ERRLEN))
4073 {
4074 /* Handle error from a pre-3.0 server */
4075 conn->inCursor = conn->inStart + 1; /* reread data */
4076 if (pqGets_append(&conn->errorMessage, conn))
4077 {
4078 /*
4079 * We may not have authenticated the server yet, so
4080 * don't let the buffer grow forever.
4081 */
4082 avail = conn->inEnd - conn->inCursor;
4083 if (avail > MAX_ERRLEN)
4084 {
4085 libpq_append_conn_error(conn, "received invalid error message");
4086 goto error_return;
4087 }
4088
4089 /* We'll come back when there is more data */
4090 return PGRES_POLLING_READING;
4091 }
4092 /* OK, we read the message; mark data consumed */
4093 pqParseDone(conn, conn->inCursor);
4094
4095 /*
4096 * Before 7.2, the postmaster didn't always end its
4097 * messages with a newline, so add one if needed to
4098 * conform to libpq conventions.
4099 */
4100 if (conn->errorMessage.len == 0 ||
4101 conn->errorMessage.data[conn->errorMessage.len - 1] != '\n')
4102 {
4103 appendPQExpBufferChar(&conn->errorMessage, '\n');
4104 }
4105
4106 goto error_return;
4107 }
4108#undef MAX_ERRLEN
4109
4110 /*
4111 * Can't process if message body isn't all here yet.
4112 *
4113 * After this check passes, any further EOF during parsing
4114 * implies that the server sent a bad/truncated message.
4115 * Reading more bytes won't help in that case, so don't return
4116 * PGRES_POLLING_READING after this point.
4117 */
4118 msgLength -= 4;
4119 avail = conn->inEnd - conn->inCursor;
4120 if (avail < msgLength)
4121 {
4122 /*
4123 * Before returning, try to enlarge the input buffer if
4124 * needed to hold the whole message; see notes in
4125 * pqParseInput3.
4126 */
4127 if (pqCheckInBufferSpace(conn->inCursor + (size_t) msgLength,
4128 conn))
4129 goto error_return;
4130 /* We'll come back when there is more data */
4131 return PGRES_POLLING_READING;
4132 }
4133
4134 /* Handle errors. */
4135 if (beresp == PqMsg_ErrorResponse)
4136 {
4137 if (pqGetErrorNotice3(conn, true))
4138 {
4139 libpq_append_conn_error(conn, "received invalid error message");
4140 goto error_return;
4141 }
4142 /* OK, we read the message; mark data consumed */
4143 pqParseDone(conn, conn->inCursor);
4144
4145 /*
4146 * If error is "cannot connect now", try the next host if
4147 * any (but we don't want to consider additional addresses
4148 * for this host, nor is there much point in changing SSL
4149 * or GSS mode). This is helpful when dealing with
4150 * standby servers that might not be in hot-standby state.
4151 */
4152 if (strcmp(conn->last_sqlstate,
4153 ERRCODE_CANNOT_CONNECT_NOW) == 0)
4154 {
4155 conn->try_next_host = true;
4156 goto keep_going;
4157 }
4158
4159 /* Check to see if we should mention pgpassfile */
4160 pgpassfileWarning(conn);
4161
4162 /*
4163 * ...and whether we should mention grease. If the error
4164 * message contains the PG_PROTOCOL_GREASE number (in
4165 * major.minor, decimal, or hex format) or a complaint
4166 * about a protocol violation before we've even started an
4167 * authentication exchange, it's probably caused by a
4168 * grease interaction.
4169 */
4170 if (conn->max_pversion == PG_PROTOCOL_GREASE &&
4171 !conn->auth_req_received)
4172 {
4173 const char *sqlstate = PQresultErrorField(conn->result,
4174 PG_DIAG_SQLSTATE);
4175
4176 if ((sqlstate &&
4177 strcmp(sqlstate, ERRCODE_PROTOCOL_VIOLATION) == 0) ||
4178 (conn->errorMessage.len > 0 &&
4179 (strstr(conn->errorMessage.data, "3.9999") ||
4180 strstr(conn->errorMessage.data, "206607") ||
4181 strstr(conn->errorMessage.data, "3270F") ||
4182 strstr(conn->errorMessage.data, "3270f"))))
4183 {
4184 libpq_append_grease_info(conn);
4185 }
4186 }
4187
4188 CONNECTION_FAILED();
4189 }
4190 /* Handle NegotiateProtocolVersion */
4191 else if (beresp == PqMsg_NegotiateProtocolVersion)
4192 {
4193 if (conn->pversion_negotiated)
4194 {
4195 libpq_append_conn_error(conn, "received duplicate protocol negotiation message");
4196 goto error_return;
4197 }
4198 if (pqGetNegotiateProtocolVersion3(conn))
4199 {
4200 /* pqGetNegotiateProtocolVersion3 set error already */
4201 goto error_return;
4202 }
4203 conn->pversion_negotiated = true;
4204
4205 /* OK, we read the message; mark data consumed */
4206 pqParseDone(conn, conn->inCursor);
4207
4208 goto keep_going;
4209 }
4210
4211 /* It is an authentication request. */
4212 conn->auth_req_received = true;
4213
4214 /* Get the type of request. */
4215 if (pqGetInt((int *) &areq, 4, conn))
4216 {
4217 /* can't happen because we checked the length already */
4218 libpq_append_conn_error(conn, "received invalid authentication request");
4219 goto error_return;
4220 }
4221 msgLength -= 4;
4222
4223 /*
4224 * Process the rest of the authentication request message, and
4225 * respond to it if necessary.
4226 *
4227 * Note that conn->pghost must be non-NULL if we are going to
4228 * avoid the Kerberos code doing a hostname look-up.
4229 */
4230 res = pg_fe_sendauth(areq, msgLength, conn, &async);
4231
4232 if (async && (res == STATUS_OK))
4233 {
4234 /*
4235 * We'll come back later once we're ready to respond.
4236 * Don't consume the request yet.
4237 */
4238 conn->status = CONNECTION_AUTHENTICATING;
4239 goto keep_going;
4240 }
4241
4242 /*
4243 * OK, we have processed the message; mark data consumed. We
4244 * don't call pqParseDone here because we already traced this
4245 * message inside pg_fe_sendauth.
4246 */
4247 conn->inStart = conn->inCursor;
4248
4249 if (res != STATUS_OK)
4250 {
4251 /*
4252 * OAuth connections may perform two-step discovery, where
4253 * the first connection is a dummy.
4254 */
4255 if (conn->sasl == &pg_oauth_mech && conn->oauth_want_retry)
4256 {
4257 need_new_connection = true;
4258 goto keep_going;
4259 }
4260
4261 goto error_return;
4262 }
4263
4264 /*
4265 * Just make sure that any data sent by pg_fe_sendauth is
4266 * flushed out. Although this theoretically could block, it
4267 * really shouldn't since we don't send large auth responses.
4268 */
4269 if (pqFlush(conn))
4270 goto error_return;
4271
4272 if (areq == AUTH_REQ_OK)
4273 {
4274 /* We are done with authentication exchange */
4275 conn->status = CONNECTION_AUTH_OK;
4276
4277 /*
4278 * Set asyncStatus so that PQgetResult will think that
4279 * what comes back next is the result of a query. See
4280 * below.
4281 */
4282 conn->asyncStatus = PGASYNC_BUSY;
4283 }
4284
4285 /* Look to see if we have more data yet. */
4286 goto keep_going;
4287 }
4288
4289 case CONNECTION_AUTHENTICATING:
4290 {
4291 PostgresPollingStatusType status;
4292
4293 if (!conn->async_auth || !conn->cleanup_async_auth)
4294 {
4295 /* programmer error; should not happen */
4296 libpq_append_conn_error(conn,
4297 "internal error: async authentication has no handler");
4298 goto error_return;
4299 }
4300
4301 /* Drive some external authentication work. */
4302 status = conn->async_auth(conn);
4303
4304 if (status == PGRES_POLLING_FAILED)
4305 goto error_return;
4306
4307 if (status == PGRES_POLLING_OK)
4308 {
4309 /* Done. Tear down the async implementation. */
4310 conn->cleanup_async_auth(conn);
4311 conn->cleanup_async_auth = NULL;
4312
4313 /*
4314 * Cleanup must unset altsock, both as an indication that
4315 * it's been released, and to stop pqSocketCheck from
4316 * looking at the wrong socket after async auth is done.
4317 */
4318 if (conn->altsock != PGINVALID_SOCKET)
4319 {
4320 Assert(false);
4321 libpq_append_conn_error(conn,
4322 "internal error: async cleanup did not release polling socket");
4323 goto error_return;
4324 }
4325
4326 /*
4327 * Reenter the authentication exchange with the server. We
4328 * didn't consume the message that started external
4329 * authentication, so it'll be reprocessed as if we just
4330 * received it.
4331 */
4332 conn->status = CONNECTION_AWAITING_RESPONSE;
4333
4334 goto keep_going;
4335 }
4336
4337 /*
4338 * Caller needs to poll some more. conn->async_auth() should
4339 * have assigned an altsock to poll on.
4340 */
4341 if (conn->altsock == PGINVALID_SOCKET)
4342 {
4343 Assert(false);
4344 libpq_append_conn_error(conn,
4345 "internal error: async authentication did not set a socket for polling");
4346 goto error_return;
4347 }
4348
4349 return status;
4350 }
4351
4352 case CONNECTION_AUTH_OK:
4353 {
4354 /*
4355 * Now we expect to hear from the backend. A ReadyForQuery
4356 * message indicates that startup is successful, but we might
4357 * also get an Error message indicating failure. (Notice
4358 * messages indicating nonfatal warnings are also allowed by
4359 * the protocol, as are ParameterStatus and BackendKeyData
4360 * messages.) Easiest way to handle this is to let
4361 * PQgetResult() read the messages. We just have to fake it
4362 * out about the state of the connection, by setting
4363 * asyncStatus = PGASYNC_BUSY (done above).
4364 */
4365
4366 if (PQisBusy(conn))
4367 return PGRES_POLLING_READING;
4368
4369 res = PQgetResult(conn);
4370
4371 /*
4372 * NULL return indicating we have gone to IDLE state is
4373 * expected
4374 */
4375 if (res)
4376 {
4377 if (res->resultStatus != PGRES_FATAL_ERROR)
4378 libpq_append_conn_error(conn, "unexpected message from server during startup");
4379 else if (conn->send_appname &&
4380 (conn->appname || conn->fbappname))
4381 {
4382 /*
4383 * If we tried to send application_name, check to see
4384 * if the error is about that --- pre-9.0 servers will
4385 * reject it at this stage of the process. If so,
4386 * close the connection and retry without sending
4387 * application_name. We could possibly get a false
4388 * SQLSTATE match here and retry uselessly, but there
4389 * seems no great harm in that; we'll just get the
4390 * same error again if it's unrelated.
4391 */
4392 const char *sqlstate;
4393
4394 sqlstate = PQresultErrorField(res, PG_DIAG_SQLSTATE);
4395 if (sqlstate &&
4396 strcmp(sqlstate, ERRCODE_APPNAME_UNKNOWN) == 0)
4397 {
4398 PQclear(res);
4399 conn->send_appname = false;
4400 need_new_connection = true;
4401 goto keep_going;
4402 }
4403 }
4404
4405 /*
4406 * if the resultStatus is FATAL, then conn->errorMessage
4407 * already has a copy of the error; needn't copy it back.
4408 * But add a newline if it's not there already, since
4409 * postmaster error messages may not have one.
4410 */
4411 if (conn->errorMessage.len <= 0 ||
4412 conn->errorMessage.data[conn->errorMessage.len - 1] != '\n')
4413 appendPQExpBufferChar(&conn->errorMessage, '\n');
4414 PQclear(res);
4415 goto error_return;
4416 }
4417
4418 if (conn->max_pversion == PG_PROTOCOL_GREASE &&
4419 conn->pversion == PG_PROTOCOL_GREASE)
4420 {
4421 libpq_append_conn_error(conn, "server incorrectly accepted \"grease\" protocol version 3.9999 without negotiation");
4422 libpq_append_grease_info(conn);
4423 goto error_return;
4424 }
4425
4426 /* Almost there now ... */
4427 conn->status = CONNECTION_CHECK_TARGET;
4428 goto keep_going;
4429 }
4430
4431 case CONNECTION_CHECK_TARGET:
4432 {
4433 /*
4434 * If a read-write, read-only, primary, or standby connection
4435 * is required, see if we have one.
4436 */
4437 if (conn->target_server_type == SERVER_TYPE_READ_WRITE ||
4438 conn->target_server_type == SERVER_TYPE_READ_ONLY)
4439 {
4440 bool read_only_server;
4441
4442 /*
4443 * If the server didn't report
4444 * "default_transaction_read_only" or "in_hot_standby" at
4445 * startup, we must determine its state by sending the
4446 * query "SHOW transaction_read_only". This GUC exists in
4447 * all server versions that support 3.0 protocol.
4448 */
4449 if (conn->default_transaction_read_only == PG_BOOL_UNKNOWN ||
4450 conn->in_hot_standby == PG_BOOL_UNKNOWN)
4451 {
4452 /*
4453 * We use PQsendQueryContinue so that
4454 * conn->errorMessage does not get cleared. We need
4455 * to preserve any error messages related to previous
4456 * hosts we have tried and failed to connect to.
4457 */
4458 conn->status = CONNECTION_OK;
4459 if (!PQsendQueryContinue(conn,
4460 "SHOW transaction_read_only"))
4461 goto error_return;
4462 /* We'll return to this state when we have the answer */
4463 conn->status = CONNECTION_CHECK_WRITABLE;
4464 return PGRES_POLLING_READING;
4465 }
4466
4467 /* OK, we can make the test */
4468 read_only_server =
4469 (conn->default_transaction_read_only == PG_BOOL_YES ||
4470 conn->in_hot_standby == PG_BOOL_YES);
4471
4472 if ((conn->target_server_type == SERVER_TYPE_READ_WRITE) ?
4473 read_only_server : !read_only_server)
4474 {
4475 /* Wrong server state, reject and try the next host */
4476 if (conn->target_server_type == SERVER_TYPE_READ_WRITE)
4477 libpq_append_conn_error(conn, "session is read-only");
4478 else
4479 libpq_append_conn_error(conn, "session is not read-only");
4480
4481 /* Close connection politely. */
4482 conn->status = CONNECTION_OK;
4483 sendTerminateConn(conn);
4484
4485 /*
4486 * Try next host if any, but we don't want to consider
4487 * additional addresses for this host.
4488 */
4489 conn->try_next_host = true;
4490 goto keep_going;
4491 }
4492 }
4493 else if (conn->target_server_type == SERVER_TYPE_PRIMARY ||
4494 conn->target_server_type == SERVER_TYPE_STANDBY ||
4495 conn->target_server_type == SERVER_TYPE_PREFER_STANDBY)
4496 {
4497 /*
4498 * If the server didn't report "in_hot_standby" at
4499 * startup, we must determine its state by sending the
4500 * query "SELECT pg_catalog.pg_is_in_recovery()". Servers
4501 * before 9.0 don't have that function, but by the same
4502 * token they don't have any standby mode, so we may just
4503 * assume the result.
4504 */
4505 if (conn->sversion < 90000)
4506 conn->in_hot_standby = PG_BOOL_NO;
4507
4508 if (conn->in_hot_standby == PG_BOOL_UNKNOWN)
4509 {
4510 /*
4511 * We use PQsendQueryContinue so that
4512 * conn->errorMessage does not get cleared. We need
4513 * to preserve any error messages related to previous
4514 * hosts we have tried and failed to connect to.
4515 */
4516 conn->status = CONNECTION_OK;
4517 if (!PQsendQueryContinue(conn,
4518 "SELECT pg_catalog.pg_is_in_recovery()"))
4519 goto error_return;
4520 /* We'll return to this state when we have the answer */
4521 conn->status = CONNECTION_CHECK_STANDBY;
4522 return PGRES_POLLING_READING;
4523 }
4524
4525 /* OK, we can make the test */
4526 if ((conn->target_server_type == SERVER_TYPE_PRIMARY) ?
4527 (conn->in_hot_standby == PG_BOOL_YES) :
4528 (conn->in_hot_standby == PG_BOOL_NO))
4529 {
4530 /* Wrong server state, reject and try the next host */
4531 if (conn->target_server_type == SERVER_TYPE_PRIMARY)
4532 libpq_append_conn_error(conn, "server is in hot standby mode");
4533 else
4534 libpq_append_conn_error(conn, "server is not in hot standby mode");
4535
4536 /* Close connection politely. */
4537 conn->status = CONNECTION_OK;
4538 sendTerminateConn(conn);
4539
4540 /*
4541 * Try next host if any, but we don't want to consider
4542 * additional addresses for this host.
4543 */
4544 conn->try_next_host = true;
4545 goto keep_going;
4546 }
4547 }
4548
4549 /* Don't hold onto any OAuth tokens longer than necessary. */
4550 pqClearOAuthToken(conn);
4551
4552 /*
4553 * For non cancel requests we can release the address list
4554 * now. For cancel requests we never actually resolve
4555 * addresses and instead the addrinfo exists for the lifetime
4556 * of the connection.
4557 */
4558 if (!conn->cancelRequest)
4559 release_conn_addrinfo(conn);
4560
4561 /*
4562 * Contents of conn->errorMessage are no longer interesting
4563 * (and it seems some clients expect it to be empty after a
4564 * successful connection).
4565 */
4566 pqClearConnErrorState(conn);
4567
4568 /* We are open for business! */
4569 conn->status = CONNECTION_OK;
4570 return PGRES_POLLING_OK;
4571 }
4572
4573 case CONNECTION_CONSUME:
4574 {
4575 /*
4576 * This state just makes sure the connection is idle after
4577 * we've obtained the result of a SHOW or SELECT query. Once
4578 * we're clear, return to CONNECTION_CHECK_TARGET state to
4579 * decide what to do next. We must transiently set status =
4580 * CONNECTION_OK in order to use the result-consuming
4581 * subroutines.
4582 */
4583 conn->status = CONNECTION_OK;
4584 if (!PQconsumeInput(conn))
4585 goto error_return;
4586
4587 if (PQisBusy(conn))
4588 {
4589 conn->status = CONNECTION_CONSUME;
4590 return PGRES_POLLING_READING;
4591 }
4592
4593 /* Call PQgetResult() again until we get a NULL result */
4594 res = PQgetResult(conn);
4595 if (res != NULL)
4596 {
4597 PQclear(res);
4598 conn->status = CONNECTION_CONSUME;
4599 return PGRES_POLLING_READING;
4600 }
4601
4602 conn->status = CONNECTION_CHECK_TARGET;
4603 goto keep_going;
4604 }
4605
4606 case CONNECTION_CHECK_WRITABLE:
4607 {
4608 /*
4609 * Waiting for result of "SHOW transaction_read_only". We
4610 * must transiently set status = CONNECTION_OK in order to use
4611 * the result-consuming subroutines.
4612 */
4613 conn->status = CONNECTION_OK;
4614 if (!PQconsumeInput(conn))
4615 goto error_return;
4616
4617 if (PQisBusy(conn))
4618 {
4619 conn->status = CONNECTION_CHECK_WRITABLE;
4620 return PGRES_POLLING_READING;
4621 }
4622
4623 res = PQgetResult(conn);
4624 if (res && PQresultStatus(res) == PGRES_TUPLES_OK &&
4625 PQntuples(res) == 1)
4626 {
4627 char *val = PQgetvalue(res, 0, 0);
4628
4629 /*
4630 * "transaction_read_only = on" proves that at least one
4631 * of default_transaction_read_only and in_hot_standby is
4632 * on, but we don't actually know which. We don't care
4633 * though for the purpose of identifying a read-only
4634 * session, so satisfy the CONNECTION_CHECK_TARGET code by
4635 * claiming they are both on. On the other hand, if it's
4636 * a read-write session, they are certainly both off.
4637 */
4638 if (strncmp(val, "on", 2) == 0)
4639 {
4640 conn->default_transaction_read_only = PG_BOOL_YES;
4641 conn->in_hot_standby = PG_BOOL_YES;
4642 }
4643 else
4644 {
4645 conn->default_transaction_read_only = PG_BOOL_NO;
4646 conn->in_hot_standby = PG_BOOL_NO;
4647 }
4648 PQclear(res);
4649
4650 /* Finish reading messages before continuing */
4651 conn->status = CONNECTION_CONSUME;
4652 goto keep_going;
4653 }
4654
4655 /* Something went wrong with "SHOW transaction_read_only". */
4656 PQclear(res);
4657
4658 /* Append error report to conn->errorMessage. */
4659 libpq_append_conn_error(conn, "\"%s\" failed",
4660 "SHOW transaction_read_only");
4661
4662 /* Close connection politely. */
4663 conn->status = CONNECTION_OK;
4664 sendTerminateConn(conn);
4665
4666 /* Try next host. */
4667 conn->try_next_host = true;
4668 goto keep_going;
4669 }
4670
4671 case CONNECTION_CHECK_STANDBY:
4672 {
4673 /*
4674 * Waiting for result of "SELECT pg_is_in_recovery()". We
4675 * must transiently set status = CONNECTION_OK in order to use
4676 * the result-consuming subroutines.
4677 */
4678 conn->status = CONNECTION_OK;
4679 if (!PQconsumeInput(conn))
4680 goto error_return;
4681
4682 if (PQisBusy(conn))
4683 {
4684 conn->status = CONNECTION_CHECK_STANDBY;
4685 return PGRES_POLLING_READING;
4686 }
4687
4688 res = PQgetResult(conn);
4689 if (res && PQresultStatus(res) == PGRES_TUPLES_OK &&
4690 PQntuples(res) == 1)
4691 {
4692 char *val = PQgetvalue(res, 0, 0);
4693
4694 if (strncmp(val, "t", 1) == 0)
4695 conn->in_hot_standby = PG_BOOL_YES;
4696 else
4697 conn->in_hot_standby = PG_BOOL_NO;
4698 PQclear(res);
4699
4700 /* Finish reading messages before continuing */
4701 conn->status = CONNECTION_CONSUME;
4702 goto keep_going;
4703 }
4704
4705 /* Something went wrong with "SELECT pg_is_in_recovery()". */
4706 PQclear(res);
4707
4708 /* Append error report to conn->errorMessage. */
4709 libpq_append_conn_error(conn, "\"%s\" failed",
4710 "SELECT pg_is_in_recovery()");
4711
4712 /* Close connection politely. */
4713 conn->status = CONNECTION_OK;
4714 sendTerminateConn(conn);
4715
4716 /* Try next host. */
4717 conn->try_next_host = true;
4718 goto keep_going;
4719 }
4720
4721 default:
4722 libpq_append_conn_error(conn,
4723 "invalid connection state %d, probably indicative of memory corruption",
4724 conn->status);
4725 goto error_return;
4726 }
4727
4728 /* Unreachable */
4729
4730error_return:
4731
4732 /*
4733 * We used to close the socket at this point, but that makes it awkward
4734 * for those above us if they wish to remove this socket from their own
4735 * records (an fd_set for example). We'll just have this socket closed
4736 * when PQfinish is called (which is compulsory even after an error, since
4737 * the connection structure must be freed).
4738 */
4739 conn->status = CONNECTION_BAD;
4740 return PGRES_POLLING_FAILED;
4741}
4742
4743/*
4744 * Initialize the state machine for negotiating encryption
4745 */
4746static bool
4747init_allowed_encryption_methods(PGconn *conn)
4748{
4749 if (conn->raddr.addr.ss_family == AF_UNIX)
4750 {
4751 /* Don't request SSL or GSSAPI over Unix sockets */
4752 conn->allowed_enc_methods &= ~(ENC_SSL | ENC_GSSAPI);
4753
4754 /*
4755 * XXX: we probably should not do this. sslmode=require works
4756 * differently
4757 */
4758 if (conn->gssencmode[0] == 'r')
4759 {
4760 libpq_append_conn_error(conn,
4761 "GSSAPI encryption required but it is not supported over a local socket");
4762 conn->allowed_enc_methods = 0;
4763 conn->current_enc_method = ENC_ERROR;
4764 return false;
4765 }
4766
4767 conn->allowed_enc_methods = ENC_PLAINTEXT;
4768 conn->current_enc_method = ENC_PLAINTEXT;
4769 return true;
4770 }
4771
4772 /* initialize based on sslmode and gssencmode */
4773 conn->allowed_enc_methods = 0;
4774
4775#ifdef USE_SSL
4776 /* sslmode anything but 'disable', and GSSAPI not required */
4777 if (conn->sslmode[0] != 'd' && conn->gssencmode[0] != 'r')
4778 {
4779 conn->allowed_enc_methods |= ENC_SSL;
4780 }
4781#endif
4782
4783#ifdef ENABLE_GSS
4784 if (conn->gssencmode[0] != 'd')
4785 conn->allowed_enc_methods |= ENC_GSSAPI;
4786#endif
4787
4788 if ((conn->sslmode[0] == 'd' || conn->sslmode[0] == 'p' || conn->sslmode[0] == 'a') &&
4789 (conn->gssencmode[0] == 'd' || conn->gssencmode[0] == 'p'))
4790 {
4791 conn->allowed_enc_methods |= ENC_PLAINTEXT;
4792 }
4793
4794 return select_next_encryption_method(conn, false);
4795}
4796
4797/*
4798 * Out-of-line portion of the ENCRYPTION_NEGOTIATION_FAILED() macro in the
4799 * PQconnectPoll state machine.
4800 *
4801 * Return value:
4802 * 0: connection failed and we are out of encryption methods to try. return an error
4803 * 1: Retry with next connection method. The TCP connection is still valid and in
4804 * known state, so we can proceed with the negotiating next method without
4805 * reconnecting.
4806 * 2: Disconnect, and retry with next connection method.
4807 *
4808 * conn->current_enc_method is updated to the next method to try.
4809 */
4810#if defined(USE_SSL) || defined(ENABLE_GSS)
4811static int
4812encryption_negotiation_failed(PGconn *conn)
4813{
4814 Assert((conn->failed_enc_methods & conn->current_enc_method) == 0);
4815 conn->failed_enc_methods |= conn->current_enc_method;
4816
4817 if (select_next_encryption_method(conn, true))
4818 {
4819 /* An existing connection cannot be reused for direct SSL */
4820 if (conn->current_enc_method == ENC_SSL && conn->sslnegotiation[0] == 'd')
4821 return 2;
4822 else
4823 return 1;
4824 }
4825 else
4826 return 0;
4827}
4828#endif
4829
4830/*
4831 * Out-of-line portion of the CONNECTION_FAILED() macro
4832 *
4833 * Returns true, if we should reconnect and retry with a different encryption
4834 * method. conn->current_enc_method is updated to the next method to try.
4835 */
4836static bool
4844
4845/*
4846 * Choose the next encryption method to try. If this is a retry,
4847 * conn->failed_enc_methods has already been updated. The function sets
4848 * conn->current_enc_method to the next method to try. Returns false if no
4849 * encryption methods remain.
4850 */
4851static bool
4852select_next_encryption_method(PGconn *conn, bool have_valid_connection)
4853{
4854 int remaining_methods;
4855
4856#define SELECT_NEXT_METHOD(method) \
4857 do { \
4858 if ((remaining_methods & method) != 0) \
4859 { \
4860 conn->current_enc_method = method; \
4861 return true; \
4862 } \
4863 } while (false)
4864
4865 remaining_methods = conn->allowed_enc_methods & ~conn->failed_enc_methods;
4866
4867 /*
4868 * Try GSSAPI before SSL
4869 */
4870#ifdef ENABLE_GSS
4871 if ((remaining_methods & ENC_GSSAPI) != 0)
4872 {
4873 /*
4874 * If GSSAPI encryption is enabled, then call pg_GSS_have_cred_cache()
4875 * which will return true if we can acquire credentials (and give us a
4876 * handle to use in conn->gcred), and then send a packet to the server
4877 * asking for GSSAPI Encryption (and skip past SSL negotiation and
4878 * regular startup below).
4879 */
4880 if (!conn->gctx)
4881 {
4882 if (!pg_GSS_have_cred_cache(&conn->gcred))
4883 {
4884 conn->allowed_enc_methods &= ~ENC_GSSAPI;
4885 remaining_methods &= ~ENC_GSSAPI;
4886
4887 if (conn->gssencmode[0] == 'r')
4888 {
4889 libpq_append_conn_error(conn,
4890 "GSSAPI encryption required but no credential cache");
4891 }
4892 }
4893 }
4894 }
4895
4896 SELECT_NEXT_METHOD(ENC_GSSAPI);
4897#endif
4898
4899 /*
4900 * The order between SSL encryption and plaintext depends on sslmode. With
4901 * sslmode=allow, try plaintext connection before SSL. With
4902 * sslmode=prefer, it's the other way round. With other modes, we only try
4903 * plaintext or SSL connections so the order they're listed here doesn't
4904 * matter.
4905 */
4906 if (conn->sslmode[0] == 'a')
4907 SELECT_NEXT_METHOD(ENC_PLAINTEXT);
4908
4909 SELECT_NEXT_METHOD(ENC_SSL);
4910
4911 if (conn->sslmode[0] != 'a')
4912 SELECT_NEXT_METHOD(ENC_PLAINTEXT);
4913
4914 /* No more options */
4915 conn->current_enc_method = ENC_ERROR;
4916 return false;
4917#undef SELECT_NEXT_METHOD
4918}
4919
4920/*
4921 * internal_ping
4922 * Determine if a server is running and if we can connect to it.
4923 *
4924 * The argument is a connection that's been started, but not completed.
4925 */
4926static PGPing
4927internal_ping(PGconn *conn)
4928{
4929 /* Say "no attempt" if we never got to PQconnectPoll */
4930 if (!conn || !conn->options_valid)
4931 return PQPING_NO_ATTEMPT;
4932
4933 /* Attempt to complete the connection */
4934 if (conn->status != CONNECTION_BAD)
4935 (void) pqConnectDBComplete(conn);
4936
4937 /* Definitely OK if we succeeded */
4938 if (conn->status != CONNECTION_BAD)
4939 return PQPING_OK;
4940
4941 /*
4942 * Here begins the interesting part of "ping": determine the cause of the
4943 * failure in sufficient detail to decide what to return. We do not want
4944 * to report that the server is not up just because we didn't have a valid
4945 * password, for example. In fact, any sort of authentication request
4946 * implies the server is up. (We need this check since the libpq side of
4947 * things might have pulled the plug on the connection before getting an
4948 * error as such from the postmaster.)
4949 */
4950 if (conn->auth_req_received)
4951 return PQPING_OK;
4952
4953 /*
4954 * If we failed to get any ERROR response from the postmaster, report
4955 * PQPING_NO_RESPONSE. This result could be somewhat misleading for a
4956 * pre-7.4 server, since it won't send back a SQLSTATE, but those are long
4957 * out of support. Another corner case where the server could return a
4958 * failure without a SQLSTATE is fork failure, but PQPING_NO_RESPONSE
4959 * isn't totally unreasonable for that anyway. We expect that every other
4960 * failure case in a modern server will produce a report with a SQLSTATE.
4961 *
4962 * NOTE: whenever we get around to making libpq generate SQLSTATEs for
4963 * client-side errors, we should either not store those into
4964 * last_sqlstate, or add an extra flag so we can tell client-side errors
4965 * apart from server-side ones.
4966 */
4967 if (strlen(conn->last_sqlstate) != 5)
4968 return PQPING_NO_RESPONSE;
4969
4970 /*
4971 * Report PQPING_REJECT if server says it's not accepting connections.
4972 */
4973 if (strcmp(conn->last_sqlstate, ERRCODE_CANNOT_CONNECT_NOW) == 0)
4974 return PQPING_REJECT;
4975
4976 /*
4977 * Any other SQLSTATE can be taken to indicate that the server is up.
4978 * Presumably it didn't like our username, password, or database name; or
4979 * perhaps it had some transient failure, but that should not be taken as
4980 * meaning "it's down".
4981 */
4982 return PQPING_OK;
4983}
4984
4985
4986/*
4987 * pqMakeEmptyPGconn
4988 * - create a PGconn data structure with (as yet) no interesting data
4989 */
4990PGconn *
4991pqMakeEmptyPGconn(void)
4992{
4993 PGconn *conn;
4994
4995#ifdef WIN32
4996
4997 /*
4998 * Make sure socket support is up and running in this process.
4999 *
5000 * Note: the Windows documentation says that we should eventually do a
5001 * matching WSACleanup() call, but experience suggests that that is at
5002 * least as likely to cause problems as fix them. So we don't.
5003 */
5004 static bool wsastartup_done = false;
5005
5006 if (!wsastartup_done)
5007 {
5008 WSADATA wsaData;
5009
5010 if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0)
5011 return NULL;
5012 wsastartup_done = true;
5013 }
5014
5015 /* Forget any earlier error */
5016 WSASetLastError(0);
5017#endif /* WIN32 */
5018
5019 conn = (PGconn *) malloc(sizeof(PGconn));
5020 if (conn == NULL)
5021 return conn;
5022
5023 /* Zero all pointers and booleans */
5024 MemSet(conn, 0, sizeof(PGconn));
5025
5026 /* install default notice hooks */
5027 conn->noticeHooks.noticeRec = defaultNoticeReceiver;
5028 conn->noticeHooks.noticeProc = defaultNoticeProcessor;
5029
5030 conn->status = CONNECTION_BAD;
5031 conn->asyncStatus = PGASYNC_IDLE;
5032 conn->pipelineStatus = PQ_PIPELINE_OFF;
5033 conn->xactStatus = PQTRANS_IDLE;
5034 conn->options_valid = false;
5035 conn->nonblocking = false;
5036 conn->client_encoding = PG_SQL_ASCII;
5037 conn->std_strings = false; /* unless server says differently */
5038 conn->default_transaction_read_only = PG_BOOL_UNKNOWN;
5039 conn->in_hot_standby = PG_BOOL_UNKNOWN;
5040 conn->scram_sha_256_iterations = SCRAM_SHA_256_DEFAULT_ITERATIONS;
5041 conn->verbosity = PQERRORS_DEFAULT;
5042 conn->show_context = PQSHOW_CONTEXT_ERRORS;
5043 conn->sock = PGINVALID_SOCKET;
5044 conn->altsock = PGINVALID_SOCKET;
5045 conn->Pfdebug = NULL;
5046
5047 /*
5048 * We try to send at least 8K at a time, which is the usual size of pipe
5049 * buffers on Unix systems. That way, when we are sending a large amount
5050 * of data, we avoid incurring extra kernel context swaps for partial
5051 * bufferloads. The output buffer is initially made 16K in size, and we
5052 * try to dump it after accumulating 8K.
5053 *
5054 * With the same goal of minimizing context swaps, the input buffer will
5055 * be enlarged anytime it has less than 8K free, so we initially allocate
5056 * twice that.
5057 */
5058 conn->inBufSize = 16 * 1024;
5059 conn->inBuffer = (char *) malloc(conn->inBufSize);
5060 conn->outBufSize = 16 * 1024;
5061 conn->outBuffer = (char *) malloc(conn->outBufSize);
5062 conn->rowBufLen = 32;
5063 conn->rowBuf = (PGdataValue *) malloc(conn->rowBufLen * sizeof(PGdataValue));
5064 initPQExpBuffer(&conn->errorMessage);
5065 initPQExpBuffer(&conn->workBuffer);
5066
5067 if (conn->inBuffer == NULL ||
5068 conn->outBuffer == NULL ||
5069 conn->rowBuf == NULL ||
5070 PQExpBufferBroken(&conn->errorMessage) ||
5071 PQExpBufferBroken(&conn->workBuffer))
5072 {
5073 /* out of memory already :-( */
5074 freePGconn(conn);
5075 conn = NULL;
5076 }
5077
5078 return conn;
5079}
5080
5081/*
5082 * freePGconn
5083 * - free an idle (closed) PGconn data structure
5084 *
5085 * NOTE: this should not overlap any functionality with pqClosePGconn().
5086 * Clearing/resetting of transient state belongs there; what we do here is
5087 * release data that is to be held for the life of the PGconn structure.
5088 * If a value ought to be cleared/freed during PQreset(), do it there not here.
5089 */
5090static void
5091freePGconn(PGconn *conn)
5092{
5093 /* let any event procs clean up their state data */
5094 for (int i = 0; i < conn->nEvents; i++)
5095 {
5096 PGEventConnDestroy evt;
5097
5098 evt.conn = conn;
5099 (void) conn->events[i].proc(PGEVT_CONNDESTROY, &evt,
5100 conn->events[i].passThrough);
5101 free(conn->events[i].name);
5102 }
5103
5104 /* free everything not freed in pqClosePGconn */
5105 free(conn->pghost);
5106 free(conn->pghostaddr);
5107 free(conn->pgport);
5108 free(conn->connect_timeout);
5109 free(conn->pgtcp_user_timeout);
5110 free(conn->client_encoding_initial);
5111 free(conn->pgoptions);
5112 free(conn->appname);
5113 free(conn->fbappname);
5114 free(conn->dbName);
5115 free(conn->replication);
5116 free(conn->pgservice);
5117 free(conn->pgservicefile);
5118 free(conn->pguser);
5119 if (conn->pgpass)
5120 {
5121 explicit_bzero(conn->pgpass, strlen(conn->pgpass));
5122 free(conn->pgpass);
5123 }
5124 free(conn->pgpassfile);
5125 free(conn->channel_binding);
5126 free(conn->keepalives);
5127 free(conn->keepalives_idle);
5128 free(conn->keepalives_interval);
5129 free(conn->keepalives_count);
5130 free(conn->sslmode);
5131 free(conn->sslnegotiation);
5132 free(conn->sslcompression);
5133 free(conn->sslkey);
5134 free(conn->sslcert);
5135 if (conn->sslpassword)
5136 {
5137 explicit_bzero(conn->sslpassword, strlen(conn->sslpassword));
5138 free(conn->sslpassword);
5139 }
5140 free(conn->sslcertmode);
5141 free(conn->sslrootcert);
5142 free(conn->sslcrl);
5143 free(conn->sslcrldir);
5144 free(conn->sslsni);
5145 free(conn->requirepeer);
5146 free(conn->gssencmode);
5147 free(conn->krbsrvname);
5148 free(conn->gsslib);
5149 free(conn->gssdelegation);
5150 free(conn->min_protocol_version);
5151 free(conn->max_protocol_version);
5152 free(conn->ssl_min_protocol_version);
5153 free(conn->ssl_max_protocol_version);
5154 free(conn->target_session_attrs);
5155 free(conn->require_auth);
5156 free(conn->load_balance_hosts);
5157 free(conn->scram_client_key);
5158 free(conn->scram_server_key);
5159 free(conn->sslkeylogfile);
5160 free(conn->oauth_issuer);
5161 free(conn->oauth_issuer_id);
5162 free(conn->oauth_discovery_uri);
5163 free(conn->oauth_client_id);
5164 free(conn->oauth_client_secret);
5165 free(conn->oauth_ca_file);
5166 free(conn->oauth_scope);
5167 /* Note that conn->Pfdebug is not ours to close or free */
5168 free(conn->events);
5169 pqReleaseConnHosts(conn);
5170 free(conn->connip);
5171 release_conn_addrinfo(conn);
5172 free(conn->scram_client_key_binary);
5173 free(conn->scram_server_key_binary);
5174 /* if this is a cancel connection, be_cancel_key may still be allocated */
5175 free(conn->be_cancel_key);
5176 free(conn->inBuffer);
5177 free(conn->outBuffer);
5178 free(conn->rowBuf);
5179 termPQExpBuffer(&conn->errorMessage);
5180 termPQExpBuffer(&conn->workBuffer);
5181
5182 free(conn);
5183}
5184
5185/*
5186 * pqReleaseConnHosts
5187 * - Free the host list in the PGconn.
5188 */
5189void
5190pqReleaseConnHosts(PGconn *conn)
5191{
5192 if (conn->connhost)
5193 {
5194 for (int i = 0; i < conn->nconnhost; ++i)
5195 {
5196 free(conn->connhost[i].host);
5197 free(conn->connhost[i].hostaddr);
5198 free(conn->connhost[i].port);
5199 if (conn->connhost[i].password != NULL)
5200 {
5201 explicit_bzero(conn->connhost[i].password,
5202 strlen(conn->connhost[i].password));
5203 free(conn->connhost[i].password);
5204 }
5205 }
5206 free(conn->connhost);
5207 conn->connhost = NULL;
5208 }
5209}
5210
5211/*
5212 * store_conn_addrinfo
5213 * - copy addrinfo to PGconn object
5214 *
5215 * Copies the addrinfos from addrlist to the PGconn object such that the
5216 * addrinfos can be manipulated by libpq. Returns a positive integer on
5217 * failure, otherwise zero.
5218 */
5219static int
5220store_conn_addrinfo(PGconn *conn, struct addrinfo *addrlist)
5221{
5222 struct addrinfo *ai = addrlist;
5223
5224 conn->whichaddr = 0;
5225
5226 conn->naddr = 0;
5227 while (ai)
5228 {
5229 ai = ai->ai_next;
5230 conn->naddr++;
5231 }
5232
5233 conn->addr = calloc(conn->naddr, sizeof(AddrInfo));
5234 if (conn->addr == NULL)
5235 {
5236 libpq_append_conn_error(conn, "out of memory");
5237 return 1;
5238 }
5239
5240 ai = addrlist;
5241 for (int i = 0; i < conn->naddr; i++)
5242 {
5243 conn->addr[i].family = ai->ai_family;
5244
5245 memcpy(&conn->addr[i].addr.addr, ai->ai_addr,
5246 ai->ai_addrlen);
5247 conn->addr[i].addr.salen = ai->ai_addrlen;
5248 ai = ai->ai_next;
5249 }
5250
5251 return 0;
5252}
5253
5254/*
5255 * release_conn_addrinfo
5256 * - Free any addrinfo list in the PGconn.
5257 */
5258static void
5259release_conn_addrinfo(PGconn *conn)
5260{
5261 if (conn->addr)
5262 {
5263 free(conn->addr);
5264 conn->addr = NULL;
5265 }
5266}
5267
5268/*
5269 * sendTerminateConn
5270 * - Send a terminate message to backend.
5271 */
5272static void
5273sendTerminateConn(PGconn *conn)
5274{
5275 /*
5276 * The Postgres cancellation protocol does not have a notion of a
5277 * Terminate message, so don't send one.
5278 */
5279 if (conn->cancelRequest)
5280 return;
5281
5282 /*
5283 * Note that the protocol doesn't allow us to send Terminate messages
5284 * during the startup phase.
5285 */
5286 if (conn->sock != PGINVALID_SOCKET && conn->status == CONNECTION_OK)
5287 {
5288 /*
5289 * Try to send "close connection" message to backend. Ignore any
5290 * error.
5291 */
5292 pqPutMsgStart(PqMsg_Terminate, conn);
5293 pqPutMsgEnd(conn);
5294 (void) pqFlush(conn);
5295 }
5296}
5297
5298/*
5299 * pqClosePGconn
5300 * - properly close a connection to the backend
5301 *
5302 * This should reset or release all transient state, but NOT the connection
5303 * parameters. On exit, the PGconn should be in condition to start a fresh
5304 * connection with the same parameters (see PQreset()).
5305 */
5306void
5307pqClosePGconn(PGconn *conn)
5308{
5309 /*
5310 * If possible, send Terminate message to close the connection politely.
5311 */
5312 sendTerminateConn(conn);
5313
5314 /*
5315 * Must reset the blocking status so a possible reconnect will work.
5316 *
5317 * Don't call PQsetnonblocking() because it will fail if it's unable to
5318 * flush the connection.
5319 */
5320 conn->nonblocking = false;
5321
5322 /*
5323 * Close the connection, reset all transient state, flush I/O buffers.
5324 * Note that this includes clearing conn's error state; we're no longer
5325 * interested in any failures associated with the old connection, and we
5326 * want a clean slate for any new connection attempt.
5327 */
5328 pqDropConnection(conn, true);
5329 conn->status = CONNECTION_BAD; /* Well, not really _bad_ - just absent */
5330 conn->asyncStatus = PGASYNC_IDLE;
5331 conn->xactStatus = PQTRANS_IDLE;
5332 conn->pipelineStatus = PQ_PIPELINE_OFF;
5333 pqClearOAuthToken(conn);
5334 pqClearAsyncResult(conn); /* deallocate result */
5335 pqClearConnErrorState(conn);
5336
5337 /*
5338 * Release addrinfo, but since cancel requests never change their addrinfo
5339 * we don't do that. Otherwise we would have to rebuild it during a
5340 * PQcancelReset.
5341 */
5342 if (!conn->cancelRequest)
5343 release_conn_addrinfo(conn);
5344
5345 /* Reset all state obtained from server, too */
5346 pqDropServerData(conn);
5347}
5348
5349/*
5350 * PQfinish: properly close a connection to the backend. Also frees
5351 * the PGconn data structure so it shouldn't be re-used after this.
5352 */
5353void
5354PQfinish(PGconn *conn)
5355{
5356 if (conn)
5357 {
5358 pqClosePGconn(conn);
5359 freePGconn(conn);
5360 }
5361}
5362
5363/*
5364 * PQreset: resets the connection to the backend by closing the
5365 * existing connection and creating a new one.
5366 */
5367void
5368PQreset(PGconn *conn)
5369{
5370 if (conn)
5371 {
5372 pqClosePGconn(conn);
5373
5374 if (pqConnectDBStart(conn) && pqConnectDBComplete(conn))
5375 {
5376 /*
5377 * Notify event procs of successful reset.
5378 */
5379 int i;
5380
5381 for (i = 0; i < conn->nEvents; i++)
5382 {
5383 PGEventConnReset evt;
5384
5385 evt.conn = conn;
5386 (void) conn->events[i].proc(PGEVT_CONNRESET, &evt,
5387 conn->events[i].passThrough);
5388 }
5389 }
5390 }
5391}
5392
5393
5394/*
5395 * PQresetStart:
5396 * resets the connection to the backend
5397 * closes the existing connection and makes a new one
5398 * Returns 1 on success, 0 on failure.
5399 */
5400int
5401PQresetStart(PGconn *conn)
5402{
5403 if (conn)
5404 {
5405 pqClosePGconn(conn);
5406
5407 return pqConnectDBStart(conn);
5408 }
5409
5410 return 0;
5411}
5412
5413
5414/*
5415 * PQresetPoll:
5416 * resets the connection to the backend
5417 * closes the existing connection and makes a new one
5418 */
5419PostgresPollingStatusType
5420PQresetPoll(PGconn *conn)
5421{
5422 if (conn)
5423 {
5424 PostgresPollingStatusType status = PQconnectPoll(conn);
5425
5426 if (status == PGRES_POLLING_OK)
5427 {
5428 /*
5429 * Notify event procs of successful reset.
5430 */
5431 int i;
5432
5433 for (i = 0; i < conn->nEvents; i++)
5434 {
5435 PGEventConnReset evt;
5436
5437 evt.conn = conn;
5438 (void) conn->events[i].proc(PGEVT_CONNRESET, &evt,
5439 conn->events[i].passThrough);
5440 }
5441 }
5442
5443 return status;
5444 }
5445
5446 return PGRES_POLLING_FAILED;
5447}
5448
5449/*
5450 * pqPacketSend() -- convenience routine to send a message to server.
5451 *
5452 * pack_type: the single-byte message type code. (Pass zero for startup
5453 * packets, which have no message type code.)
5454 *
5455 * buf, buf_len: contents of message. The given length includes only what
5456 * is in buf; the message type and message length fields are added here.
5457 *
5458 * RETURNS: STATUS_ERROR if the write fails, STATUS_OK otherwise.
5459 * SIDE_EFFECTS: may block.
5460 */
5461int
5462pqPacketSend(PGconn *conn, char pack_type,
5463 const void *buf, size_t buf_len)
5464{
5465 /* Start the message. */
5466 if (pqPutMsgStart(pack_type, conn))
5467 return STATUS_ERROR;
5468
5469 /* Send the message body. */
5470 if (pqPutnchar(buf, buf_len, conn))
5471 return STATUS_ERROR;
5472
5473 /* Finish the message. */
5474 if (pqPutMsgEnd(conn))
5475 return STATUS_ERROR;
5476
5477 /* Flush to ensure backend gets it. */
5478 if (pqFlush(conn))
5479 return STATUS_ERROR;
5480
5481 return STATUS_OK;
5482}
5483
5484#ifdef USE_LDAP
5485
5486#define LDAP_URL "ldap://"
5487#define LDAP_DEF_PORT 389
5488#define PGLDAP_TIMEOUT 2
5489
5490#define ld_is_sp_tab(x) ((x) == ' ' || (x) == '\t')
5491#define ld_is_nl_cr(x) ((x) == '\r' || (x) == '\n')
5492
5493
5494/*
5495 * ldapServiceLookup
5496 *
5497 * Search the LDAP URL passed as first argument, treat the result as a
5498 * string of connection options that are parsed and added to the array of
5499 * options passed as second argument.
5500 *
5501 * LDAP URLs must conform to RFC 1959 without escape sequences.
5502 * ldap://host:port/dn?attributes?scope?filter?extensions
5503 *
5504 * Returns
5505 * 0 if the lookup was successful,
5506 * 1 if the connection to the LDAP server could be established but
5507 * the search was unsuccessful,
5508 * 2 if a connection could not be established, and
5509 * 3 if a fatal error occurred.
5510 *
5511 * An error message is appended to *errorMessage for return codes 1 and 3.
5512 */
5513static int
5514ldapServiceLookup(const char *purl, PQconninfoOption *options,
5515 PQExpBuffer errorMessage)
5516{
5517 int port = LDAP_DEF_PORT,
5518 scope,
5519 rc,
5520 size,
5521 state,
5522 oldstate,
5523 i;
5524#ifndef WIN32
5525 int msgid;
5526#endif
5527 bool found_keyword;
5528 char *url,
5529 *hostname,
5530 *portstr,
5531 *endptr,
5532 *dn,
5533 *scopestr,
5534 *filter,
5535 *result,
5536 *p,
5537 *p1 = NULL,
5538 *optname = NULL,
5539 *optval = NULL;
5540 char *attrs[2] = {NULL, NULL};
5541 LDAP *ld = NULL;
5542 LDAPMessage *res,
5543 *entry;
5544 struct berval **values;
5545 LDAP_TIMEVAL time = {PGLDAP_TIMEOUT, 0};
5546 int ldapversion = LDAP_VERSION3;
5547
5548 if ((url = strdup(purl)) == NULL)
5549 {
5550 libpq_append_error(errorMessage, "out of memory");
5551 return 3;
5552 }
5553
5554 /*
5555 * Parse URL components, check for correctness. Basically, url has '\0'
5556 * placed at component boundaries and variables are pointed at each
5557 * component.
5558 */
5559
5560 if (pg_strncasecmp(url, LDAP_URL, strlen(LDAP_URL)) != 0)
5561 {
5562 libpq_append_error(errorMessage,
5563 "invalid LDAP URL \"%s\": scheme must be ldap://", purl);
5564 free(url);
5565 return 3;
5566 }
5567
5568 /* hostname */
5569 hostname = url + strlen(LDAP_URL);
5570 if (*hostname == '/') /* no hostname? */
5571 hostname = DefaultHost; /* the default */
5572
5573 /* dn, "distinguished name" */
5574 p = strchr(url + strlen(LDAP_URL), '/');
5575 if (p == NULL || *(p + 1) == '\0' || *(p + 1) == '?')
5576 {
5577 libpq_append_error(errorMessage,
5578 "invalid LDAP URL \"%s\": missing distinguished name",
5579 purl);
5580 free(url);
5581 return 3;
5582 }
5583 *p = '\0'; /* terminate hostname */
5584 dn = p + 1;
5585
5586 /* attribute */
5587 if ((p = strchr(dn, '?')) == NULL || *(p + 1) == '\0' || *(p + 1) == '?')
5588 {
5589 libpq_append_error(errorMessage,
5590 "invalid LDAP URL \"%s\": must have exactly one attribute",
5591 purl);
5592 free(url);
5593 return 3;
5594 }
5595 *p = '\0';
5596 attrs[0] = p + 1;
5597
5598 /* scope */
5599 if ((p = strchr(attrs[0], '?')) == NULL || *(p + 1) == '\0' || *(p + 1) == '?')
5600 {
5601 libpq_append_error(errorMessage,
5602 "invalid LDAP URL \"%s\": must have search scope (base/one/sub)",
5603 purl);
5604 free(url);
5605 return 3;
5606 }
5607 *p = '\0';
5608 scopestr = p + 1;
5609
5610 /* filter */
5611 if ((p = strchr(scopestr, '?')) == NULL || *(p + 1) == '\0' || *(p + 1) == '?')
5612 {
5613 libpq_append_error(errorMessage,
5614 "invalid LDAP URL \"%s\": no filter",
5615 purl);
5616 free(url);
5617 return 3;
5618 }
5619 *p = '\0';
5620 filter = p + 1;
5621 if ((p = strchr(filter, '?')) != NULL)
5622 *p = '\0';
5623
5624 /* port number? */
5625 if ((p1 = strchr(hostname, ':')) != NULL)
5626 {
5627 long lport;
5628
5629 *p1 = '\0';
5630 portstr = p1 + 1;
5631 errno = 0;
5632 lport = strtol(portstr, &endptr, 10);
5633 if (*portstr == '\0' || *endptr != '\0' || errno || lport < 0 || lport > 65535)
5634 {
5635 libpq_append_error(errorMessage,
5636 "invalid LDAP URL \"%s\": invalid port number",
5637 purl);
5638 free(url);
5639 return 3;
5640 }
5641 port = (int) lport;
5642 }
5643
5644 /* Allow only one attribute */
5645 if (strchr(attrs[0], ',') != NULL)
5646 {
5647 libpq_append_error(errorMessage,
5648 "invalid LDAP URL \"%s\": must have exactly one attribute",
5649 purl);
5650 free(url);
5651 return 3;
5652 }
5653
5654 /* set scope */
5655 if (pg_strcasecmp(scopestr, "base") == 0)
5656 scope = LDAP_SCOPE_BASE;
5657 else if (pg_strcasecmp(scopestr, "one") == 0)
5658 scope = LDAP_SCOPE_ONELEVEL;
5659 else if (pg_strcasecmp(scopestr, "sub") == 0)
5660 scope = LDAP_SCOPE_SUBTREE;
5661 else
5662 {
5663 libpq_append_error(errorMessage,
5664 "invalid LDAP URL \"%s\": must have search scope (base/one/sub)",
5665 purl);
5666 free(url);
5667 return 3;
5668 }
5669
5670 /* initialize LDAP structure */
5671 if ((ld = ldap_init(hostname, port)) == NULL)
5672 {
5673 libpq_append_error(errorMessage, "could not create LDAP structure");
5674 free(url);
5675 return 3;
5676 }
5677
5678 if ((rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ldapversion)) != LDAP_SUCCESS)
5679 {
5680 libpq_append_error(errorMessage, "could not set LDAP protocol version: %s",
5681 ldap_err2string(rc));
5682 free(url);
5683 ldap_unbind(ld);
5684 return 3;
5685 }
5686
5687 /*
5688 * Perform an explicit anonymous bind.
5689 *
5690 * LDAP does not require that an anonymous bind is performed explicitly,
5691 * but we want to distinguish between the case where LDAP bind does not
5692 * succeed within PGLDAP_TIMEOUT seconds (return 2 to continue parsing the
5693 * service control file) and the case where querying the LDAP server fails
5694 * (return 1 to end parsing).
5695 *
5696 * Unfortunately there is no way of setting a timeout that works for both
5697 * Windows and OpenLDAP.
5698 */
5699#ifdef WIN32
5700 /* the nonstandard ldap_connect function performs an anonymous bind */
5701 if (ldap_connect(ld, &time) != LDAP_SUCCESS)
5702 {
5703 /* error or timeout in ldap_connect */
5704 free(url);
5705 ldap_unbind(ld);
5706 return 2;
5707 }
5708#else /* !WIN32 */
5709 /* in OpenLDAP, use the LDAP_OPT_NETWORK_TIMEOUT option */
5710 if (ldap_set_option(ld, LDAP_OPT_NETWORK_TIMEOUT, &time) != LDAP_SUCCESS)
5711 {
5712 free(url);
5713 ldap_unbind(ld);
5714 return 3;
5715 }
5716
5717 /* anonymous bind */
5718 if ((msgid = ldap_simple_bind(ld, NULL, NULL)) == -1)
5719 {
5720 /* error or network timeout */
5721 free(url);
5722 ldap_unbind(ld);
5723 return 2;
5724 }
5725
5726 /* wait some time for the connection to succeed */
5727 res = NULL;
5728 if ((rc = ldap_result(ld, msgid, LDAP_MSG_ALL, &time, &res)) == -1 ||
5729 res == NULL)
5730 {
5731 /* error or timeout */
5732 if (res != NULL)
5733 ldap_msgfree(res);
5734 free(url);
5735 ldap_unbind(ld);
5736 return 2;
5737 }
5738 ldap_msgfree(res);
5739
5740 /* reset timeout */
5741 time.tv_sec = -1;
5742 if (ldap_set_option(ld, LDAP_OPT_NETWORK_TIMEOUT, &time) != LDAP_SUCCESS)
5743 {
5744 free(url);
5745 ldap_unbind(ld);
5746 return 3;
5747 }
5748#endif /* WIN32 */
5749
5750 /* search */
5751 res = NULL;
5752 if ((rc = ldap_search_st(ld, dn, scope, filter, attrs, 0, &time, &res))
5753 != LDAP_SUCCESS)
5754 {
5755 if (res != NULL)
5756 ldap_msgfree(res);
5757 libpq_append_error(errorMessage, "lookup on LDAP server failed: %s", ldap_err2string(rc));
5758 ldap_unbind(ld);
5759 free(url);
5760 return 1;
5761 }
5762
5763 /* complain if there was not exactly one result */
5764 if ((rc = ldap_count_entries(ld, res)) != 1)
5765 {
5766 if (rc > 1)
5767 libpq_append_error(errorMessage, "more than one entry found on LDAP lookup");
5768 else
5769 libpq_append_error(errorMessage, "no entry found on LDAP lookup");
5770 ldap_msgfree(res);
5771 ldap_unbind(ld);
5772 free(url);
5773 return 1;
5774 }
5775
5776 /* get entry */
5777 if ((entry = ldap_first_entry(ld, res)) == NULL)
5778 {
5779 /* should never happen */
5780 libpq_append_error(errorMessage, "no entry found on LDAP lookup");
5781 ldap_msgfree(res);
5782 ldap_unbind(ld);
5783 free(url);
5784 return 1;
5785 }
5786
5787 /* get values */
5788 if ((values = ldap_get_values_len(ld, entry, attrs[0])) == NULL)
5789 {
5790 libpq_append_error(errorMessage, "attribute has no values on LDAP lookup");
5791 ldap_msgfree(res);
5792 ldap_unbind(ld);
5793 free(url);
5794 return 1;
5795 }
5796
5797 ldap_msgfree(res);
5798 free(url);
5799
5800 if (values[0] == NULL)
5801 {
5802 libpq_append_error(errorMessage, "attribute has no values on LDAP lookup");
5803 ldap_value_free_len(values);
5804 ldap_unbind(ld);
5805 return 1;
5806 }
5807
5808 /* concatenate values into a single string with newline terminators */
5809 size = 1; /* for the trailing null */
5810 for (i = 0; values[i] != NULL; i++)
5811 {
5812 if (values[i]->bv_len >= INT_MAX ||
5813 size > (INT_MAX - (values[i]->bv_len + 1)))
5814 {
5815 libpq_append_error(errorMessage,
5816 "connection info string size exceeds the maximum allowed (%d)",
5817 INT_MAX);
5818 ldap_value_free_len(values);
5819 ldap_unbind(ld);
5820 return 3;
5821 }
5822
5823 size += values[i]->bv_len + 1;
5824 }
5825
5826 if ((result = malloc(size)) == NULL)
5827 {
5828 libpq_append_error(errorMessage, "out of memory");
5829 ldap_value_free_len(values);
5830 ldap_unbind(ld);
5831 return 3;
5832 }
5833 p = result;
5834 for (i = 0; values[i] != NULL; i++)
5835 {
5836 memcpy(p, values[i]->bv_val, values[i]->bv_len);
5837 p += values[i]->bv_len;
5838 *(p++) = '\n';
5839 }
5840 *p = '\0';
5841
5842 ldap_value_free_len(values);
5843 ldap_unbind(ld);
5844
5845 /* parse result string */
5846 oldstate = state = 0;
5847 for (p = result; *p != '\0'; ++p)
5848 {
5849 switch (state)
5850 {
5851 case 0: /* between entries */
5852 if (!ld_is_sp_tab(*p) && !ld_is_nl_cr(*p))
5853 {
5854 optname = p;
5855 state = 1;
5856 }
5857 break;
5858 case 1: /* in option name */
5859 if (ld_is_sp_tab(*p))
5860 {
5861 *p = '\0';
5862 state = 2;
5863 }
5864 else if (ld_is_nl_cr(*p))
5865 {
5866 libpq_append_error(errorMessage,
5867 "missing \"=\" after \"%s\" in connection info string",
5868 optname);
5869 free(result);
5870 return 3;
5871 }
5872 else if (*p == '=')
5873 {
5874 *p = '\0';
5875 state = 3;
5876 }
5877 break;
5878 case 2: /* after option name */
5879 if (*p == '=')
5880 {
5881 state = 3;
5882 }
5883 else if (!ld_is_sp_tab(*p))
5884 {
5885 libpq_append_error(errorMessage,
5886 "missing \"=\" after \"%s\" in connection info string",
5887 optname);
5888 free(result);
5889 return 3;
5890 }
5891 break;
5892 case 3: /* before option value */
5893 if (*p == '\'')
5894 {
5895 optval = p + 1;
5896 p1 = p + 1;
5897 state = 5;
5898 }
5899 else if (ld_is_nl_cr(*p))
5900 {
5901 optval = optname + strlen(optname); /* empty */
5902 state = 0;
5903 }
5904 else if (!ld_is_sp_tab(*p))
5905 {
5906 optval = p;
5907 state = 4;
5908 }
5909 break;
5910 case 4: /* in unquoted option value */
5911 if (ld_is_sp_tab(*p) || ld_is_nl_cr(*p))
5912 {
5913 *p = '\0';
5914 state = 0;
5915 }
5916 break;
5917 case 5: /* in quoted option value */
5918 if (*p == '\'')
5919 {
5920 *p1 = '\0';
5921 state = 0;
5922 }
5923 else if (*p == '\\')
5924 state = 6;
5925 else
5926 *(p1++) = *p;
5927 break;
5928 case 6: /* in quoted option value after escape */
5929 *(p1++) = *p;
5930 state = 5;
5931 break;
5932 }
5933
5934 if (state == 0 && oldstate != 0)
5935 {
5936 found_keyword = false;
5937 for (i = 0; options[i].keyword; i++)
5938 {
5939 if (strcmp(options[i].keyword, optname) == 0)
5940 {
5941 if (options[i].val == NULL)
5942 {
5943 options[i].val = strdup(optval);
5944 if (!options[i].val)
5945 {
5946 libpq_append_error(errorMessage, "out of memory");
5947 free(result);
5948 return 3;
5949 }
5950 }
5951 found_keyword = true;
5952 break;
5953 }
5954 }
5955 if (!found_keyword)
5956 {
5957 libpq_append_error(errorMessage, "invalid connection option \"%s\"", optname);
5958 free(result);
5959 return 1;
5960 }
5961 optname = NULL;
5962 optval = NULL;
5963 }
5964 oldstate = state;
5965 }
5966
5967 free(result);
5968
5969 if (state == 5 || state == 6)
5970 {
5971 libpq_append_error(errorMessage,
5972 "unterminated quoted string in connection info string");
5973 return 3;
5974 }
5975
5976 return 0;
5977}
5978
5979#endif /* USE_LDAP */
5980
5981/*
5982 * parseServiceInfo: if a service name has been given, look it up and absorb
5983 * connection options from it into *options.
5984 *
5985 * Returns 0 on success, nonzero on failure. On failure, if errorMessage
5986 * isn't null, also store an error message there. (Note: the only reason
5987 * this function and related ones don't dump core on errorMessage == NULL
5988 * is the undocumented fact that appendPQExpBuffer does nothing when passed
5989 * a null PQExpBuffer pointer.)
5990 */
5991static int
5992parseServiceInfo(PQconninfoOption *options, PQExpBuffer errorMessage)
5993{
5994 const char *service = conninfo_getval(options, "service");
5995 const char *service_fname = conninfo_getval(options, "servicefile");
5996 char serviceFile[MAXPGPATH];
5997 char *env;
5998 bool group_found = false;
5999 int status;
6000 struct stat stat_buf;
6001
6002 /*
6003 * We have to special-case the environment variable PGSERVICE here, since
6004 * this is and should be called before inserting environment defaults for
6005 * other connection options.
6006 */
6007 if (service == NULL)
6008 service = getenv("PGSERVICE");
6009
6010 /* If no service name given, nothing to do */
6011 if (service == NULL)
6012 return 0;
6013
6014 /*
6015 * First, try the "servicefile" option in connection string. Then, try
6016 * the PGSERVICEFILE environment variable. Finally, check
6017 * ~/.pg_service.conf (if that exists).
6018 */
6019 if (service_fname != NULL)
6020 strlcpy(serviceFile, service_fname, sizeof(serviceFile));
6021 else if ((env = getenv("PGSERVICEFILE")) != NULL)
6022 strlcpy(serviceFile, env, sizeof(serviceFile));
6023 else
6024 {
6025 char homedir[MAXPGPATH];
6026
6027 if (!pqGetHomeDirectory(homedir, sizeof(homedir)))
6028 goto next_file;
6029 snprintf(serviceFile, MAXPGPATH, "%s/%s", homedir, ".pg_service.conf");
6030 if (stat(serviceFile, &stat_buf) != 0)
6031 goto next_file;
6032 }
6033
6034 status = parseServiceFile(serviceFile, service, options, errorMessage, &group_found);
6035 if (group_found || status != 0)
6036 return status;
6037
6038next_file:
6039
6040 /*
6041 * This could be used by any application so we can't use the binary
6042 * location to find our config files.
6043 */
6044 snprintf(serviceFile, MAXPGPATH, "%s/pg_service.conf",
6045 getenv("PGSYSCONFDIR") ? getenv("PGSYSCONFDIR") : SYSCONFDIR);
6046 if (stat(serviceFile, &stat_buf) != 0)
6047 goto last_file;
6048
6049 status = parseServiceFile(serviceFile, service, options, errorMessage, &group_found);
6050 if (status != 0)
6051 return status;
6052
6053last_file:
6054 if (!group_found)
6055 {
6056 libpq_append_error(errorMessage, "definition of service \"%s\" not found", service);
6057 return 3;
6058 }
6059
6060 return 0;
6061}
6062
6063static int
6064parseServiceFile(const char *serviceFile,
6065 const char *service,
6066 PQconninfoOption *options,
6067 PQExpBuffer errorMessage,
6068 bool *group_found)
6069{
6070 int result = 0,
6071 linenr = 0,
6072 i;
6073 FILE *f;
6074 char *line;
6075 char buf[1024];
6076
6077 *group_found = false;
6078
6079 f = fopen(serviceFile, "r");
6080 if (f == NULL)
6081 {
6082 libpq_append_error(errorMessage, "service file \"%s\" not found", serviceFile);
6083 return 1;
6084 }
6085
6086 while ((line = fgets(buf, sizeof(buf), f)) != NULL)
6087 {
6088 int len;
6089
6090 linenr++;
6091
6092 if (strlen(line) >= sizeof(buf) - 1)
6093 {
6094 libpq_append_error(errorMessage,
6095 "line %d too long in service file \"%s\"",
6096 linenr,
6097 serviceFile);
6098 result = 2;
6099 goto exit;
6100 }
6101
6102 /* ignore whitespace at end of line, especially the newline */
6103 len = strlen(line);
6104 while (len > 0 && isspace((unsigned char) line[len - 1]))
6105 line[--len] = '\0';
6106
6107 /* ignore leading whitespace too */
6108 while (*line && isspace((unsigned char) line[0]))
6109 line++;
6110
6111 /* ignore comments and empty lines */
6112 if (line[0] == '\0' || line[0] == '#')
6113 continue;
6114
6115 /* Check for right groupname */
6116 if (line[0] == '[')
6117 {
6118 if (*group_found)
6119 {
6120 /* end of desired group reached; return success */
6121 goto exit;
6122 }
6123
6124 if (strncmp(line + 1, service, strlen(service)) == 0 &&
6125 line[strlen(service) + 1] == ']')
6126 *group_found = true;
6127 else
6128 *group_found = false;
6129 }
6130 else
6131 {
6132 if (*group_found)
6133 {
6134 /*
6135 * Finally, we are in the right group and can parse the line
6136 */
6137 char *key,
6138 *val;
6139 bool found_keyword;
6140
6141#ifdef USE_LDAP
6142 if (strncmp(line, "ldap", 4) == 0)
6143 {
6144 int rc = ldapServiceLookup(line, options, errorMessage);
6145
6146 /* if rc = 2, go on reading for fallback */
6147 switch (rc)
6148 {
6149 case 0:
6150 goto exit;
6151 case 1:
6152 case 3:
6153 result = 3;
6154 goto exit;
6155 case 2:
6156 continue;
6157 }
6158 }
6159#endif
6160
6161 key = line;
6162 val = strchr(line, '=');
6163 if (val == NULL)
6164 {
6165 libpq_append_error(errorMessage,
6166 "syntax error in service file \"%s\", line %d",
6167 serviceFile,
6168 linenr);
6169 result = 3;
6170 goto exit;
6171 }
6172 *val++ = '\0';
6173
6174 if (strcmp(key, "service") == 0)
6175 {
6176 libpq_append_error(errorMessage,
6177 "nested \"service\" specifications not supported in service file \"%s\", line %d",
6178 serviceFile,
6179 linenr);
6180 result = 3;
6181 goto exit;
6182 }
6183
6184 if (strcmp(key, "servicefile") == 0)
6185 {
6186 libpq_append_error(errorMessage,
6187 "nested \"servicefile\" specifications not supported in service file \"%s\", line %d",
6188 serviceFile,
6189 linenr);
6190 result = 3;
6191 goto exit;
6192 }
6193
6194 /*
6195 * Set the parameter --- but don't override any previous
6196 * explicit setting.
6197 */
6198 found_keyword = false;
6199 for (i = 0; options[i].keyword; i++)
6200 {
6201 if (strcmp(options[i].keyword, key) == 0)
6202 {
6203 if (options[i].val == NULL)
6204 options[i].val = strdup(val);
6205 if (!options[i].val)
6206 {
6207 libpq_append_error(errorMessage, "out of memory");
6208 result = 3;
6209 goto exit;
6210 }
6211 found_keyword = true;
6212 break;
6213 }
6214 }
6215
6216 if (!found_keyword)
6217 {
6218 libpq_append_error(errorMessage,
6219 "syntax error in service file \"%s\", line %d",
6220 serviceFile,
6221 linenr);
6222 result = 3;
6223 goto exit;
6224 }
6225 }
6226 }
6227 }
6228
6229exit:
6230
6231 /*
6232 * If a service has been successfully found, set the "servicefile" option
6233 * if not already set. This matters when we use a default service file or
6234 * PGSERVICEFILE, where we want to be able track the value.
6235 */
6236 if (*group_found && result == 0)
6237 {
6238 for (i = 0; options[i].keyword; i++)
6239 {
6240 if (strcmp(options[i].keyword, "servicefile") != 0)
6241 continue;
6242
6243 /* If value is already set, nothing to do */
6244 if (options[i].val != NULL)
6245 break;
6246
6247 options[i].val = strdup(serviceFile);
6248 if (options[i].val == NULL)
6249 {
6250 libpq_append_error(errorMessage, "out of memory");
6251 result = 3;
6252 }
6253 break;
6254 }
6255 }
6256
6257 fclose(f);
6258
6259 return result;
6260}
6261
6262
6263/*
6264 * PQconninfoParse
6265 *
6266 * Parse a string like PQconnectdb() would do and return the
6267 * resulting connection options array. NULL is returned on failure.
6268 * The result contains only options specified directly in the string,
6269 * not any possible default values.
6270 *
6271 * If errmsg isn't NULL, *errmsg is set to NULL on success, or a malloc'd
6272 * string on failure (use PQfreemem to free it). In out-of-memory conditions
6273 * both *errmsg and the result could be NULL.
6274 *
6275 * NOTE: the returned array is dynamically allocated and should
6276 * be freed when no longer needed via PQconninfoFree().
6277 */
6278PQconninfoOption *
6279PQconninfoParse(const char *conninfo, char **errmsg)
6280{
6281 PQExpBufferData errorBuf;
6282 PQconninfoOption *connOptions;
6283
6284 if (errmsg)
6285 *errmsg = NULL; /* default */
6286 initPQExpBuffer(&errorBuf);
6287 if (PQExpBufferDataBroken(errorBuf))
6288 return NULL; /* out of memory already :-( */
6289 connOptions = parse_connection_string(conninfo, &errorBuf, false);
6290 if (connOptions == NULL && errmsg)
6291 *errmsg = errorBuf.data;
6292 else
6293 termPQExpBuffer(&errorBuf);
6294 return connOptions;
6295}
6296
6297/*
6298 * Build a working copy of the constant PQconninfoOptions array.
6299 */
6300static PQconninfoOption *
6301conninfo_init(PQExpBuffer errorMessage)
6302{
6303 PQconninfoOption *options;
6304 PQconninfoOption *opt_dest;
6305 const internalPQconninfoOption *cur_opt;
6306
6307 /*
6308 * Get enough memory for all options in PQconninfoOptions, even if some
6309 * end up being filtered out.
6310 */
6311 options = (PQconninfoOption *) malloc(sizeof(PQconninfoOption) * sizeof(PQconninfoOptions) / sizeof(PQconninfoOptions[0]));
6312 if (options == NULL)
6313 {
6314 libpq_append_error(errorMessage, "out of memory");
6315 return NULL;
6316 }
6317 opt_dest = options;
6318
6319 for (cur_opt = PQconninfoOptions; cur_opt->keyword; cur_opt++)
6320 {
6321 /* Only copy the public part of the struct, not the full internal */
6322 memcpy(opt_dest, cur_opt, sizeof(PQconninfoOption));
6323 opt_dest++;
6324 }
6325 MemSet(opt_dest, 0, sizeof(PQconninfoOption));
6326
6327 return options;
6328}
6329
6330/*
6331 * Connection string parser
6332 *
6333 * Returns a malloc'd PQconninfoOption array, if parsing is successful.
6334 * Otherwise, NULL is returned and an error message is added to errorMessage.
6335 *
6336 * If use_defaults is true, default values are filled in (from a service file,
6337 * environment variables, etc).
6338 */
6339static PQconninfoOption *
6340parse_connection_string(const char *connstr, PQExpBuffer errorMessage,
6341 bool use_defaults)
6342{
6343 /* Parse as URI if connection string matches URI prefix */
6344 if (uri_prefix_length(connstr) != 0)
6345 return conninfo_uri_parse(connstr, errorMessage, use_defaults);
6346
6347 /* Parse as default otherwise */
6348 return conninfo_parse(connstr, errorMessage, use_defaults);
6349}
6350
6351/*
6352 * Checks if connection string starts with either of the valid URI prefix
6353 * designators.
6354 *
6355 * Returns the URI prefix length, 0 if the string doesn't contain a URI prefix.
6356 *
6357 * XXX this is duplicated in psql/common.c.
6358 */
6359static int
6360uri_prefix_length(const char *connstr)
6361{
6362 if (strncmp(connstr, uri_designator,
6363 sizeof(uri_designator) - 1) == 0)
6364 return sizeof(uri_designator) - 1;
6365
6366 if (strncmp(connstr, short_uri_designator,
6367 sizeof(short_uri_designator) - 1) == 0)
6368 return sizeof(short_uri_designator) - 1;
6369
6370 return 0;
6371}
6372
6373/*
6374 * Recognized connection string either starts with a valid URI prefix or
6375 * contains a "=" in it.
6376 *
6377 * Must be consistent with parse_connection_string: anything for which this
6378 * returns true should at least look like it's parseable by that routine.
6379 *
6380 * XXX this is duplicated in psql/common.c
6381 */
6382static bool
6383recognized_connection_string(const char *connstr)
6384{
6385 return uri_prefix_length(connstr) != 0 || strchr(connstr, '=') != NULL;
6386}
6387
6388/*
6389 * Subroutine for parse_connection_string
6390 *
6391 * Deal with a string containing key=value pairs.
6392 */
6393static PQconninfoOption *
6394conninfo_parse(const char *conninfo, PQExpBuffer errorMessage,
6395 bool use_defaults)
6396{
6397 char *pname;
6398 char *pval;
6399 char *buf;
6400 char *cp;
6401 char *cp2;
6402 PQconninfoOption *options;
6403
6404 /* Make a working copy of PQconninfoOptions */
6405 options = conninfo_init(errorMessage);
6406 if (options == NULL)
6407 return NULL;
6408
6409 /* Need a modifiable copy of the input string */
6410 if ((buf = strdup(conninfo)) == NULL)
6411 {
6412 libpq_append_error(errorMessage, "out of memory");
6413 PQconninfoFree(options);
6414 return NULL;
6415 }
6416 cp = buf;
6417
6418 while (*cp)
6419 {
6420 /* Skip blanks before the parameter name */
6421 if (isspace((unsigned char) *cp))
6422 {
6423 cp++;
6424 continue;
6425 }
6426
6427 /* Get the parameter name */
6428 pname = cp;
6429 while (*cp)
6430 {
6431 if (*cp == '=')
6432 break;
6433 if (isspace((unsigned char) *cp))
6434 {
6435 *cp++ = '\0';
6436 while (*cp)
6437 {
6438 if (!isspace((unsigned char) *cp))
6439 break;
6440 cp++;
6441 }
6442 break;
6443 }
6444 cp++;
6445 }
6446
6447 /* Check that there is a following '=' */
6448 if (*cp != '=')
6449 {
6450 libpq_append_error(errorMessage,
6451 "missing \"=\" after \"%s\" in connection info string",
6452 pname);
6453 PQconninfoFree(options);
6454 free(buf);
6455 return NULL;
6456 }
6457 *cp++ = '\0';
6458
6459 /* Skip blanks after the '=' */
6460 while (*cp)
6461 {
6462 if (!isspace((unsigned char) *cp))
6463 break;
6464 cp++;
6465 }
6466
6467 /* Get the parameter value */
6468 pval = cp;
6469
6470 if (*cp != '\'')
6471 {
6472 cp2 = pval;
6473 while (*cp)
6474 {
6475 if (isspace((unsigned char) *cp))
6476 {
6477 *cp++ = '\0';
6478 break;
6479 }
6480 if (*cp == '\\')
6481 {
6482 cp++;
6483 if (*cp != '\0')
6484 *cp2++ = *cp++;
6485 }
6486 else
6487 *cp2++ = *cp++;
6488 }
6489 *cp2 = '\0';
6490 }
6491 else
6492 {
6493 cp2 = pval;
6494 cp++;
6495 for (;;)
6496 {
6497 if (*cp == '\0')
6498 {
6499 libpq_append_error(errorMessage, "unterminated quoted string in connection info string");
6500 PQconninfoFree(options);
6501 free(buf);
6502 return NULL;
6503 }
6504 if (*cp == '\\')
6505 {
6506 cp++;
6507 if (*cp != '\0')
6508 *cp2++ = *cp++;
6509 continue;
6510 }
6511 if (*cp == '\'')
6512 {
6513 *cp2 = '\0';
6514 cp++;
6515 break;
6516 }
6517 *cp2++ = *cp++;
6518 }
6519 }
6520
6521 /*
6522 * Now that we have the name and the value, store the record.
6523 */
6524 if (!conninfo_storeval(options, pname, pval, errorMessage, false, false))
6525 {
6526 PQconninfoFree(options);
6527 free(buf);
6528 return NULL;
6529 }
6530 }
6531
6532 /* Done with the modifiable input string */
6533 free(buf);
6534
6535 /*
6536 * Add in defaults if the caller wants that.
6537 */
6538 if (use_defaults)
6539 {
6540 if (!conninfo_add_defaults(options, errorMessage))
6541 {
6542 PQconninfoFree(options);
6543 return NULL;
6544 }
6545 }
6546
6547 return options;
6548}
6549
6550/*
6551 * Conninfo array parser routine
6552 *
6553 * If successful, a malloc'd PQconninfoOption array is returned.
6554 * If not successful, NULL is returned and an error message is
6555 * appended to errorMessage.
6556 * Defaults are supplied (from a service file, environment variables, etc)
6557 * for unspecified options, but only if use_defaults is true.
6558 *
6559 * If expand_dbname is non-zero, and the value passed for the first occurrence
6560 * of "dbname" keyword is a connection string (as indicated by
6561 * recognized_connection_string) then parse and process it, overriding any
6562 * previously processed conflicting keywords. Subsequent keywords will take
6563 * precedence, however. In-tree programs generally specify expand_dbname=true,
6564 * so command-line arguments naming a database can use a connection string.
6565 * Some code acquires arbitrary database names from known-literal sources like
6566 * PQdb(), PQconninfoParse() and pg_database.datname. When connecting to such
6567 * a database, in-tree code first wraps the name in a connection string.
6568 */
6569static PQconninfoOption *
6570conninfo_array_parse(const char *const *keywords, const char *const *values,
6571 PQExpBuffer errorMessage, bool use_defaults,
6572 int expand_dbname)
6573{
6574 PQconninfoOption *options;
6575 PQconninfoOption *dbname_options = NULL;
6576 PQconninfoOption *option;
6577 int i = 0;
6578
6579 /*
6580 * If expand_dbname is non-zero, check keyword "dbname" to see if val is
6581 * actually a recognized connection string.
6582 */
6583 while (expand_dbname && keywords[i])
6584 {
6585 const char *pname = keywords[i];
6586 const char *pvalue = values[i];
6587
6588 /* first find "dbname" if any */
6589 if (strcmp(pname, "dbname") == 0 && pvalue)
6590 {
6591 /*
6592 * If value is a connection string, parse it, but do not use
6593 * defaults here -- those get picked up later. We only want to
6594 * override for those parameters actually passed.
6595 */
6596 if (recognized_connection_string(pvalue))
6597 {
6598 dbname_options = parse_connection_string(pvalue, errorMessage, false);
6599 if (dbname_options == NULL)
6600 return NULL;
6601 }
6602 break;
6603 }
6604 ++i;
6605 }
6606
6607 /* Make a working copy of PQconninfoOptions */
6608 options = conninfo_init(errorMessage);
6609 if (options == NULL)
6610 {
6611 PQconninfoFree(dbname_options);
6612 return NULL;
6613 }
6614
6615 /* Parse the keywords/values arrays */
6616 i = 0;
6617 while (keywords[i])
6618 {
6619 const char *pname = keywords[i];
6620 const char *pvalue = values[i];
6621
6622 if (pvalue != NULL && pvalue[0] != '\0')
6623 {
6624 /* Search for the param record */
6625 for (option = options; option->keyword != NULL; option++)
6626 {
6627 if (strcmp(option->keyword, pname) == 0)
6628 break;
6629 }
6630
6631 /* Check for invalid connection option */
6632 if (option->keyword == NULL)
6633 {
6634 libpq_append_error(errorMessage, "invalid connection option \"%s\"", pname);
6635 PQconninfoFree(options);
6636 PQconninfoFree(dbname_options);
6637 return NULL;
6638 }
6639
6640 /*
6641 * If we are on the first dbname parameter, and we have a parsed
6642 * connection string, copy those parameters across, overriding any
6643 * existing previous settings.
6644 */
6645 if (strcmp(pname, "dbname") == 0 && dbname_options)
6646 {
6647 PQconninfoOption *str_option;
6648
6649 for (str_option = dbname_options; str_option->keyword != NULL; str_option++)
6650 {
6651 if (str_option->val != NULL)
6652 {
6653 int k;
6654
6655 for (k = 0; options[k].keyword; k++)
6656 {
6657 if (strcmp(options[k].keyword, str_option->keyword) == 0)
6658 {
6659 free(options[k].val);
6660 options[k].val = strdup(str_option->val);
6661 if (!options[k].val)
6662 {
6663 libpq_append_error(errorMessage, "out of memory");
6664 PQconninfoFree(options);
6665 PQconninfoFree(dbname_options);
6666 return NULL;
6667 }
6668 break;
6669 }
6670 }
6671 }
6672 }
6673
6674 /*
6675 * Forget the parsed connection string, so that any subsequent
6676 * dbname parameters will not be expanded.
6677 */
6678 PQconninfoFree(dbname_options);
6679 dbname_options = NULL;
6680 }
6681 else
6682 {
6683 /*
6684 * Store the value, overriding previous settings
6685 */
6686 free(option->val);
6687 option->val = strdup(pvalue);
6688 if (!option->val)
6689 {
6690 libpq_append_error(errorMessage, "out of memory");
6691 PQconninfoFree(options);
6692 PQconninfoFree(dbname_options);
6693 return NULL;
6694 }
6695 }
6696 }
6697 ++i;
6698 }
6699 PQconninfoFree(dbname_options);
6700
6701 /*
6702 * Add in defaults if the caller wants that.
6703 */
6704 if (use_defaults)
6705 {
6706 if (!conninfo_add_defaults(options, errorMessage))
6707 {
6708 PQconninfoFree(options);
6709 return NULL;
6710 }
6711 }
6712
6713 return options;
6714}
6715
6716/*
6717 * Add the default values for any unspecified options to the connection
6718 * options array.
6719 *
6720 * Defaults are obtained from a service file, environment variables, etc.
6721 *
6722 * Returns true if successful, otherwise false; errorMessage, if supplied,
6723 * is filled in upon failure. Note that failure to locate a default value
6724 * is not an error condition here --- we just leave the option's value as
6725 * NULL.
6726 */
6727static bool
6728conninfo_add_defaults(PQconninfoOption *options, PQExpBuffer errorMessage)
6729{
6730 PQconninfoOption *option;
6731 PQconninfoOption *sslmode_default = NULL,
6732 *sslrootcert = NULL;
6733 char *tmp;
6734
6735 /*
6736 * If there's a service spec, use it to obtain any not-explicitly-given
6737 * parameters. Ignore error if no error message buffer is passed because
6738 * there is no way to pass back the failure message.
6739 */
6740 if (parseServiceInfo(options, errorMessage) != 0 && errorMessage)
6741 return false;
6742
6743 /*
6744 * Get the fallback resources for parameters not specified in the conninfo
6745 * string nor the service.
6746 */
6747 for (option = options; option->keyword != NULL; option++)
6748 {
6749 if (strcmp(option->keyword, "sslrootcert") == 0)
6750 sslrootcert = option; /* save for later */
6751
6752 if (option->val != NULL)
6753 continue; /* Value was in conninfo or service */
6754
6755 /*
6756 * Try to get the environment variable fallback
6757 */
6758 if (option->envvar != NULL)
6759 {
6760 if ((tmp = getenv(option->envvar)) != NULL)
6761 {
6762 option->val = strdup(tmp);
6763 if (!option->val)
6764 {
6765 if (errorMessage)
6766 libpq_append_error(errorMessage, "out of memory");
6767 return false;
6768 }
6769 continue;
6770 }
6771 }
6772
6773 /*
6774 * Interpret the deprecated PGREQUIRESSL environment variable. Per
6775 * tradition, translate values starting with "1" to sslmode=require,
6776 * and ignore other values. Given both PGREQUIRESSL=1 and PGSSLMODE,
6777 * PGSSLMODE takes precedence; the opposite was true before v9.3.
6778 */
6779 if (strcmp(option->keyword, "sslmode") == 0)
6780 {
6781 const char *requiresslenv = getenv("PGREQUIRESSL");
6782
6783 if (requiresslenv != NULL && requiresslenv[0] == '1')
6784 {
6785 option->val = strdup("require");
6786 if (!option->val)
6787 {
6788 if (errorMessage)
6789 libpq_append_error(errorMessage, "out of memory");
6790 return false;
6791 }
6792 continue;
6793 }
6794
6795 /*
6796 * sslmode is not specified. Let it be filled in with the compiled
6797 * default for now, but if sslrootcert=system, we'll override the
6798 * default later before returning.
6799 */
6800 sslmode_default = option;
6801 }
6802
6803 /*
6804 * No environment variable specified or the variable isn't set - try
6805 * compiled-in default
6806 */
6807 if (option->compiled != NULL)
6808 {
6809 option->val = strdup(option->compiled);
6810 if (!option->val)
6811 {
6812 if (errorMessage)
6813 libpq_append_error(errorMessage, "out of memory");
6814 return false;
6815 }
6816 continue;
6817 }
6818
6819 /*
6820 * Special handling for "user" option. Note that if pg_fe_getauthname
6821 * fails, we just leave the value as NULL; there's no need for this to
6822 * be an error condition if the caller provides a user name. The only
6823 * reason we do this now at all is so that callers of PQconndefaults
6824 * will see a correct default (barring error, of course).
6825 */
6826 if (strcmp(option->keyword, "user") == 0)
6827 {
6828 option->val = pg_fe_getauthname(NULL);
6829 continue;
6830 }
6831 }
6832
6833 /*
6834 * Special handling for sslrootcert=system with no sslmode explicitly
6835 * defined. In this case we want to strengthen the default sslmode to
6836 * verify-full.
6837 */
6838 if (sslmode_default && sslrootcert)
6839 {
6840 if (sslrootcert->val && strcmp(sslrootcert->val, "system") == 0)
6841 {
6842 free(sslmode_default->val);
6843
6844 sslmode_default->val = strdup("verify-full");
6845 if (!sslmode_default->val)
6846 {
6847 if (errorMessage)
6848 libpq_append_error(errorMessage, "out of memory");
6849 return false;
6850 }
6851 }
6852 }
6853
6854 return true;
6855}
6856
6857/*
6858 * Subroutine for parse_connection_string
6859 *
6860 * Deal with a URI connection string.
6861 */
6862static PQconninfoOption *
6863conninfo_uri_parse(const char *uri, PQExpBuffer errorMessage,
6864 bool use_defaults)
6865{
6866 PQconninfoOption *options;
6867
6868 /* Make a working copy of PQconninfoOptions */
6869 options = conninfo_init(errorMessage);
6870 if (options == NULL)
6871 return NULL;
6872
6873 if (!conninfo_uri_parse_options(options, uri, errorMessage))
6874 {
6875 PQconninfoFree(options);
6876 return NULL;
6877 }
6878
6879 /*
6880 * Add in defaults if the caller wants that.
6881 */
6882 if (use_defaults)
6883 {
6884 if (!conninfo_add_defaults(options, errorMessage))
6885 {
6886 PQconninfoFree(options);
6887 return NULL;
6888 }
6889 }
6890
6891 return options;
6892}
6893
6894/*
6895 * conninfo_uri_parse_options
6896 * Actual URI parser.
6897 *
6898 * If successful, returns true while the options array is filled with parsed
6899 * options from the URI.
6900 * If not successful, returns false and fills errorMessage accordingly.
6901 *
6902 * Parses the connection URI string in 'uri' according to the URI syntax (RFC
6903 * 3986):
6904 *
6905 * postgresql://[user[:password]@][netloc][:port][/dbname][?param1=value1&...]
6906 *
6907 * where "netloc" is a hostname, an IPv4 address, or an IPv6 address surrounded
6908 * by literal square brackets. As an extension, we also allow multiple
6909 * netloc[:port] specifications, separated by commas:
6910 *
6911 * postgresql://[user[:password]@][netloc][:port][,...][/dbname][?param1=value1&...]
6912 *
6913 * Any of the URI parts might use percent-encoding (%xy).
6914 */
6915static bool
6916conninfo_uri_parse_options(PQconninfoOption *options, const char *uri,
6917 PQExpBuffer errorMessage)
6918{
6919 int prefix_len;
6920 char *p;
6921 char *buf = NULL;
6922 char *start;
6923 char prevchar = '\0';
6924 char *user = NULL;
6925 char *host = NULL;
6926 bool retval = false;
6927 PQExpBufferData hostbuf;
6928 PQExpBufferData portbuf;
6929
6930 initPQExpBuffer(&hostbuf);
6931 initPQExpBuffer(&portbuf);
6932 if (PQExpBufferDataBroken(hostbuf) || PQExpBufferDataBroken(portbuf))
6933 {
6934 libpq_append_error(errorMessage, "out of memory");
6935 goto cleanup;
6936 }
6937
6938 /* need a modifiable copy of the input URI */
6939 buf = strdup(uri);
6940 if (buf == NULL)
6941 {
6942 libpq_append_error(errorMessage, "out of memory");
6943 goto cleanup;
6944 }
6945 start = buf;
6946
6947 /* Skip the URI prefix */
6948 prefix_len = uri_prefix_length(uri);
6949 if (prefix_len == 0)
6950 {
6951 /* Should never happen */
6952 libpq_append_error(errorMessage,
6953 "invalid URI propagated to internal parser routine: \"%s\"",
6954 uri);
6955 goto cleanup;
6956 }
6957 start += prefix_len;
6958 p = start;
6959
6960 /* Look ahead for possible user credentials designator */
6961 while (*p && *p != '@' && *p != '/')
6962 ++p;
6963 if (*p == '@')
6964 {
6965 /*
6966 * Found username/password designator, so URI should be of the form
6967 * "scheme://user[:password]@[netloc]".
6968 */
6969 user = start;
6970
6971 p = user;
6972 while (*p != ':' && *p != '@')
6973 ++p;
6974
6975 /* Save last char and cut off at end of user name */
6976 prevchar = *p;
6977 *p = '\0';
6978
6979 if (*user &&
6980 !conninfo_storeval(options, "user", user,
6981 errorMessage, false, true))
6982 goto cleanup;
6983
6984 if (prevchar == ':')
6985 {
6986 const char *password = p + 1;
6987
6988 while (*p != '@')
6989 ++p;
6990 *p = '\0';
6991
6992 if (*password &&
6993 !conninfo_storeval(options, "password", password,
6994 errorMessage, false, true))
6995 goto cleanup;
6996 }
6997
6998 /* Advance past end of parsed user name or password token */
6999 ++p;
7000 }
7001 else
7002 {
7003 /*
7004 * No username/password designator found. Reset to start of URI.
7005 */
7006 p = start;
7007 }
7008
7009 /*
7010 * There may be multiple netloc[:port] pairs, each separated from the next
7011 * by a comma. When we initially enter this loop, "p" has been
7012 * incremented past optional URI credential information at this point and
7013 * now points at the "netloc" part of the URI. On subsequent loop
7014 * iterations, "p" has been incremented past the comma separator and now
7015 * points at the start of the next "netloc".
7016 */
7017 for (;;)
7018 {
7019 /*
7020 * Look for IPv6 address.
7021 */
7022 if (*p == '[')
7023 {
7024 host = ++p;
7025 while (*p && *p != ']')
7026 ++p;
7027 if (!*p)
7028 {
7029 libpq_append_error(errorMessage,
7030 "end of string reached when looking for matching \"]\" in IPv6 host address in URI: \"%s\"",
7031 uri);
7032 goto cleanup;
7033 }
7034 if (p == host)
7035 {
7036 libpq_append_error(errorMessage,
7037 "IPv6 host address may not be empty in URI: \"%s\"",
7038 uri);
7039 goto cleanup;
7040 }
7041
7042 /* Cut off the bracket and advance */
7043 *(p++) = '\0';
7044
7045 /*
7046 * The address may be followed by a port specifier or a slash or a
7047 * query or a separator comma.
7048 */
7049 if (*p && *p != ':' && *p != '/' && *p != '?' && *p != ',')
7050 {
7051 libpq_append_error(errorMessage,
7052 "unexpected character \"%c\" at position %d in URI (expected \":\" or \"/\"): \"%s\"",
7053 *p, (int) (p - buf + 1), uri);
7054 goto cleanup;
7055 }
7056 }
7057 else
7058 {
7059 /* not an IPv6 address: DNS-named or IPv4 netloc */
7060 host = p;
7061
7062 /*
7063 * Look for port specifier (colon) or end of host specifier
7064 * (slash) or query (question mark) or host separator (comma).
7065 */
7066 while (*p && *p != ':' && *p != '/' && *p != '?' && *p != ',')
7067 ++p;
7068 }
7069
7070 /* Save the hostname terminator before we null it */
7071 prevchar = *p;
7072 *p = '\0';
7073
7074 appendPQExpBufferStr(&hostbuf, host);
7075
7076 if (prevchar == ':')
7077 {
7078 const char *port = ++p; /* advance past host terminator */
7079
7080 while (*p && *p != '/' && *p != '?' && *p != ',')
7081 ++p;
7082
7083 prevchar = *p;
7084 *p = '\0';
7085
7086 appendPQExpBufferStr(&portbuf, port);
7087 }
7088
7089 if (prevchar != ',')
7090 break;
7091 ++p; /* advance past comma separator */
7092 appendPQExpBufferChar(&hostbuf, ',');
7093 appendPQExpBufferChar(&portbuf, ',');
7094 }
7095
7096 /* Save final values for host and port. */
7097 if (PQExpBufferDataBroken(hostbuf) || PQExpBufferDataBroken(portbuf))
7098 goto cleanup;
7099 if (hostbuf.data[0] &&
7100 !conninfo_storeval(options, "host", hostbuf.data,
7101 errorMessage, false, true))
7102 goto cleanup;
7103 if (portbuf.data[0] &&
7104 !conninfo_storeval(options, "port", portbuf.data,
7105 errorMessage, false, true))
7106 goto cleanup;
7107
7108 if (prevchar && prevchar != '?')
7109 {
7110 const char *dbname = ++p; /* advance past host terminator */
7111
7112 /* Look for query parameters */
7113 while (*p && *p != '?')
7114 ++p;
7115
7116 prevchar = *p;
7117 *p = '\0';
7118
7119 /*
7120 * Avoid setting dbname to an empty string, as it forces the default
7121 * value (username) and ignores $PGDATABASE, as opposed to not setting
7122 * it at all.
7123 */
7124 if (*dbname &&
7125 !conninfo_storeval(options, "dbname", dbname,
7126 errorMessage, false, true))
7127 goto cleanup;
7128 }
7129
7130 if (prevchar)
7131 {
7132 ++p; /* advance past terminator */
7133
7134 if (!conninfo_uri_parse_params(p, options, errorMessage))
7135 goto cleanup;
7136 }
7137
7138 /* everything parsed okay */
7139 retval = true;
7140
7141cleanup:
7142 termPQExpBuffer(&hostbuf);
7143 termPQExpBuffer(&portbuf);
7144 free(buf);
7145 return retval;
7146}
7147
7148/*
7149 * Connection URI parameters parser routine
7150 *
7151 * If successful, returns true while connOptions is filled with parsed
7152 * parameters. Otherwise, returns false and fills errorMessage appropriately.
7153 *
7154 * Destructively modifies 'params' buffer.
7155 */
7156static bool
7157conninfo_uri_parse_params(char *params,
7158 PQconninfoOption *connOptions,
7159 PQExpBuffer errorMessage)
7160{
7161 while (*params)
7162 {
7163 char *keyword = params;
7164 char *value = NULL;
7165 char *p = params;
7166 bool malloced = false;
7167 int oldmsglen;
7168
7169 /*
7170 * Scan the params string for '=' and '&', marking the end of keyword
7171 * and value respectively.
7172 */
7173 for (;;)
7174 {
7175 if (*p == '=')
7176 {
7177 /* Was there '=' already? */
7178 if (value != NULL)
7179 {
7180 libpq_append_error(errorMessage,
7181 "extra key/value separator \"=\" in URI query parameter: \"%s\"",
7182 keyword);
7183 return false;
7184 }
7185 /* Cut off keyword, advance to value */
7186 *p++ = '\0';
7187 value = p;
7188 }
7189 else if (*p == '&' || *p == '\0')
7190 {
7191 /*
7192 * If not at the end, cut off value and advance; leave p
7193 * pointing to start of the next parameter, if any.
7194 */
7195 if (*p != '\0')
7196 *p++ = '\0';
7197 /* Was there '=' at all? */
7198 if (value == NULL)
7199 {
7200 libpq_append_error(errorMessage,
7201 "missing key/value separator \"=\" in URI query parameter: \"%s\"",
7202 keyword);
7203 return false;
7204 }
7205 /* Got keyword and value, go process them. */
7206 break;
7207 }
7208 else
7209 ++p; /* Advance over all other bytes. */
7210 }
7211
7212 keyword = conninfo_uri_decode(keyword, errorMessage);
7213 if (keyword == NULL)
7214 {
7215 /* conninfo_uri_decode already set an error message */
7216 return false;
7217 }
7218 value = conninfo_uri_decode(value, errorMessage);
7219 if (value == NULL)
7220 {
7221 /* conninfo_uri_decode already set an error message */
7222 free(keyword);
7223 return false;
7224 }
7225 malloced = true;
7226
7227 /*
7228 * Special keyword handling for improved JDBC compatibility.
7229 */
7230 if (strcmp(keyword, "ssl") == 0 &&
7231 strcmp(value, "true") == 0)
7232 {
7233 free(keyword);
7234 free(value);
7235 malloced = false;
7236
7237 keyword = "sslmode";
7238 value = "require";
7239 }
7240
7241 /*
7242 * Store the value if the corresponding option exists; ignore
7243 * otherwise. At this point both keyword and value are not
7244 * URI-encoded.
7245 */
7246 oldmsglen = errorMessage->len;
7247 if (!conninfo_storeval(connOptions, keyword, value,
7248 errorMessage, true, false))
7249 {
7250 /* Insert generic message if conninfo_storeval didn't give one. */
7251 if (errorMessage->len == oldmsglen)
7252 libpq_append_error(errorMessage,
7253 "invalid URI query parameter: \"%s\"",
7254 keyword);
7255 /* And fail. */
7256 if (malloced)
7257 {
7258 free(keyword);
7259 free(value);
7260 }
7261 return false;
7262 }
7263
7264 if (malloced)
7265 {
7266 free(keyword);
7267 free(value);
7268 }
7269
7270 /* Proceed to next key=value pair, if any */
7271 params = p;
7272 }
7273
7274 return true;
7275}
7276
7277/*
7278 * Connection URI decoder routine
7279 *
7280 * If successful, returns the malloc'd decoded string.
7281 * If not successful, returns NULL and fills errorMessage accordingly.
7282 *
7283 * The string is decoded by replacing any percent-encoded tokens with
7284 * corresponding characters, while preserving any non-encoded characters. A
7285 * percent-encoded token is a character triplet: a percent sign, followed by a
7286 * pair of hexadecimal digits (0-9A-F), where lower- and upper-case letters are
7287 * treated identically.
7288 */
7289static char *
7290conninfo_uri_decode(const char *str, PQExpBuffer errorMessage)
7291{
7292 char *buf; /* result */
7293 char *p; /* output location */
7294 const char *q = str; /* input location */
7295
7296 buf = malloc(strlen(str) + 1);
7297 if (buf == NULL)
7298 {
7299 libpq_append_error(errorMessage, "out of memory");
7300 return NULL;
7301 }
7302 p = buf;
7303
7304 /* skip leading whitespaces */
7305 for (const char *s = q; *s == ' '; s++)
7306 {
7307 q++;
7308 continue;
7309 }
7310
7311 for (;;)
7312 {
7313 if (*q != '%')
7314 {
7315 /* if found a whitespace or NUL, the string ends */
7316 if (*q == ' ' || *q == '\0')
7317 goto end;
7318
7319 /* copy character */
7320 *(p++) = *(q++);
7321 }
7322 else
7323 {
7324 int hi;
7325 int lo;
7326 int c;
7327
7328 ++q; /* skip the percent sign itself */
7329
7330 /*
7331 * Possible EOL will be caught by the first call to
7332 * get_hexdigit(), so we never dereference an invalid q pointer.
7333 */
7334 if (!(get_hexdigit(*q++, &hi) && get_hexdigit(*q++, &lo)))
7335 {
7336 libpq_append_error(errorMessage,
7337 "invalid percent-encoded token: \"%s\"",
7338 str);
7339 free(buf);
7340 return NULL;
7341 }
7342
7343 c = (hi << 4) | lo;
7344 if (c == 0)
7345 {
7346 libpq_append_error(errorMessage,
7347 "forbidden value %%00 in percent-encoded value: \"%s\"",
7348 str);
7349 free(buf);
7350 return NULL;
7351 }
7352 *(p++) = c;
7353 }
7354 }
7355
7356end:
7357
7358 /* skip trailing whitespaces */
7359 for (const char *s = q; *s == ' '; s++)
7360 {
7361 q++;
7362 continue;
7363 }
7364
7365 /* Not at the end of the string yet? Fail. */
7366 if (*q != '\0')
7367 {
7368 libpq_append_error(errorMessage,
7369 "unexpected spaces found in \"%s\", use percent-encoded spaces (%%20) instead",
7370 str);
7371 free(buf);
7372 return NULL;
7373 }
7374
7375 /* Copy NUL terminator */
7376 *p = '\0';
7377
7378 return buf;
7379}
7380
7381/*
7382 * Convert hexadecimal digit character to its integer value.
7383 *
7384 * If successful, returns true and value is filled with digit's base 16 value.
7385 * If not successful, returns false.
7386 *
7387 * Lower- and upper-case letters in the range A-F are treated identically.
7388 */
7389static bool
7390get_hexdigit(char digit, int *value)
7391{
7392 if ('0' <= digit && digit <= '9')
7393 *value = digit - '0';
7394 else if ('A' <= digit && digit <= 'F')
7395 *value = digit - 'A' + 10;
7396 else if ('a' <= digit && digit <= 'f')
7397 *value = digit - 'a' + 10;
7398 else
7399 return false;
7400
7401 return true;
7402}
7403
7404/*
7405 * Find an option value corresponding to the keyword in the connOptions array.
7406 *
7407 * If successful, returns a pointer to the corresponding option's value.
7408 * If not successful, returns NULL.
7409 */
7410static const char *
7411conninfo_getval(PQconninfoOption *connOptions,
7412 const char *keyword)
7413{
7414 PQconninfoOption *option;
7415
7416 option = conninfo_find(connOptions, keyword);
7417
7418 return option ? option->val : NULL;
7419}
7420
7421/*
7422 * Store a (new) value for an option corresponding to the keyword in
7423 * connOptions array.
7424 *
7425 * If uri_decode is true, the value is URI-decoded. The keyword is always
7426 * assumed to be non URI-encoded.
7427 *
7428 * If successful, returns a pointer to the corresponding PQconninfoOption,
7429 * which value is replaced with a strdup'd copy of the passed value string.
7430 * The existing value for the option is free'd before replacing, if any.
7431 *
7432 * If not successful, returns NULL and fills errorMessage accordingly.
7433 * However, if the reason of failure is an invalid keyword being passed and
7434 * ignoreMissing is true, errorMessage will be left untouched.
7435 */
7436static PQconninfoOption *
7437conninfo_storeval(PQconninfoOption *connOptions,
7438 const char *keyword, const char *value,
7439 PQExpBuffer errorMessage, bool ignoreMissing,
7440 bool uri_decode)
7441{
7442 PQconninfoOption *option;
7443 char *value_copy;
7444
7445 /*
7446 * For backwards compatibility, requiressl=1 gets translated to
7447 * sslmode=require, and requiressl=0 gets translated to sslmode=prefer
7448 * (which is the default for sslmode).
7449 */
7450 if (strcmp(keyword, "requiressl") == 0)
7451 {
7452 keyword = "sslmode";
7453 if (value[0] == '1')
7454 value = "require";
7455 else
7456 value = "prefer";
7457 }
7458
7459 option = conninfo_find(connOptions, keyword);
7460 if (option == NULL)
7461 {
7462 if (!ignoreMissing)
7463 libpq_append_error(errorMessage,
7464 "invalid connection option \"%s\"",
7465 keyword);
7466 return NULL;
7467 }
7468
7469 if (uri_decode)
7470 {
7471 value_copy = conninfo_uri_decode(value, errorMessage);
7472 if (value_copy == NULL)
7473 /* conninfo_uri_decode already set an error message */
7474 return NULL;
7475 }
7476 else
7477 {
7478 value_copy = strdup(value);
7479 if (value_copy == NULL)
7480 {
7481 libpq_append_error(errorMessage, "out of memory");
7482 return NULL;
7483 }
7484 }
7485
7486 free(option->val);
7487 option->val = value_copy;
7488
7489 return option;
7490}
7491
7492/*
7493 * Find a PQconninfoOption option corresponding to the keyword in the
7494 * connOptions array.
7495 *
7496 * If successful, returns a pointer to the corresponding PQconninfoOption
7497 * structure.
7498 * If not successful, returns NULL.
7499 */
7500static PQconninfoOption *
7501conninfo_find(PQconninfoOption *connOptions, const char *keyword)
7502{
7503 PQconninfoOption *option;
7504
7505 for (option = connOptions; option->keyword != NULL; option++)
7506 {
7507 if (strcmp(option->keyword, keyword) == 0)
7508 return option;
7509 }
7510
7511 return NULL;
7512}
7513
7514
7515/*
7516 * Return the connection options used for the connection
7517 */
7518PQconninfoOption *
7519PQconninfo(PGconn *conn)
7520{
7521 PQExpBufferData errorBuf;
7522 PQconninfoOption *connOptions;
7523
7524 if (conn == NULL)
7525 return NULL;
7526
7527 /*
7528 * We don't actually report any errors here, but callees want a buffer,
7529 * and we prefer not to trash the conn's errorMessage.
7530 */
7531 initPQExpBuffer(&errorBuf);
7532 if (PQExpBufferDataBroken(errorBuf))
7533 return NULL; /* out of memory already :-( */
7534
7535 connOptions = conninfo_init(&errorBuf);
7536
7537 if (connOptions != NULL)
7538 {
7539 const internalPQconninfoOption *option;
7540
7541 for (option = PQconninfoOptions; option->keyword; option++)
7542 {
7543 char **connmember;
7544
7545 if (option->connofs < 0)
7546 continue;
7547
7548 connmember = (char **) ((char *) conn + option->connofs);
7549
7550 if (*connmember)
7551 conninfo_storeval(connOptions, option->keyword, *connmember,
7552 &errorBuf, true, false);
7553 }
7554 }
7555
7556 termPQExpBuffer(&errorBuf);
7557
7558 return connOptions;
7559}
7560
7561
7562void
7563PQconninfoFree(PQconninfoOption *connOptions)
7564{
7565 if (connOptions == NULL)
7566 return;
7567
7568 for (PQconninfoOption *option = connOptions; option->keyword != NULL; option++)
7569 free(option->val);
7570 free(connOptions);
7571}
7572
7573
7574/* =========== accessor functions for PGconn ========= */
7575char *
7576PQdb(const PGconn *conn)
7577{
7578 if (!conn)
7579 return NULL;
7580 return conn->dbName;
7581}
7582
7583char *
7584PQuser(const PGconn *conn)
7585{
7586 if (!conn)
7587 return NULL;
7588 return conn->pguser;
7589}
7590
7591char *
7592PQpass(const PGconn *conn)
7593{
7594 char *password = NULL;
7595
7596 if (!conn)
7597 return NULL;
7598 if (conn->connhost != NULL)
7599 password = conn->connhost[conn->whichhost].password;
7600 if (password == NULL)
7601 password = conn->pgpass;
7602 /* Historically we've returned "" not NULL for no password specified */
7603 if (password == NULL)
7604 password = "";
7605 return password;
7606}
7607
7608char *
7609PQhost(const PGconn *conn)
7610{
7611 if (!conn)
7612 return NULL;
7613
7614 if (conn->connhost != NULL)
7615 {
7616 /*
7617 * Return the verbatim host value provided by user, or hostaddr in its
7618 * lack.
7619 */
7620 if (conn->connhost[conn->whichhost].host != NULL &&
7621 conn->connhost[conn->whichhost].host[0] != '\0')
7622 return conn->connhost[conn->whichhost].host;
7623 else if (conn->connhost[conn->whichhost].hostaddr != NULL &&
7624 conn->connhost[conn->whichhost].hostaddr[0] != '\0')
7625 return conn->connhost[conn->whichhost].hostaddr;
7626 }
7627
7628 return "";
7629}
7630
7631char *
7632PQhostaddr(const PGconn *conn)
7633{
7634 if (!conn)
7635 return NULL;
7636
7637 /* Return the parsed IP address */
7638 if (conn->connhost != NULL && conn->connip != NULL)
7639 return conn->connip;
7640
7641 return "";
7642}
7643
7644char *
7645PQport(const PGconn *conn)
7646{
7647 if (!conn)
7648 return NULL;
7649
7650 if (conn->connhost != NULL &&
7651 conn->connhost[conn->whichhost].port != NULL &&
7652 conn->connhost[conn->whichhost].port[0] != '\0')
7653 return conn->connhost[conn->whichhost].port;
7654
7655 return DEF_PGPORT_STR;
7656}
7657
7658/*
7659 * No longer does anything, but the function remains for API backwards
7660 * compatibility.
7661 */
7662char *
7663PQtty(const PGconn *conn)
7664{
7665 if (!conn)
7666 return NULL;
7667 return "";
7668}
7669
7670char *
7671PQoptions(const PGconn *conn)
7672{
7673 if (!conn)
7674 return NULL;
7675 return conn->pgoptions;
7676}
7677
7678ConnStatusType
7679PQstatus(const PGconn *conn)
7680{
7681 if (!conn)
7682 return CONNECTION_BAD;
7683 return conn->status;
7684}
7685
7686PGTransactionStatusType
7687PQtransactionStatus(const PGconn *conn)
7688{
7689 if (!conn || conn->status != CONNECTION_OK)
7690 return PQTRANS_UNKNOWN;
7691 if (conn->asyncStatus != PGASYNC_IDLE)
7692 return PQTRANS_ACTIVE;
7693 return conn->xactStatus;
7694}
7695
7696const char *
7697PQparameterStatus(const PGconn *conn, const char *paramName)
7698{
7699 const pgParameterStatus *pstatus;
7700
7701 if (!conn || !paramName)
7702 return NULL;
7703 for (pstatus = conn->pstatus; pstatus != NULL; pstatus = pstatus->next)
7704 {
7705 if (strcmp(pstatus->name, paramName) == 0)
7706 return pstatus->value;
7707 }
7708 return NULL;
7709}
7710
7711int
7712PQprotocolVersion(const PGconn *conn)
7713{
7714 if (!conn)
7715 return 0;
7716 if (conn->status == CONNECTION_BAD)
7717 return 0;
7718 return PG_PROTOCOL_MAJOR(conn->pversion);
7719}
7720
7721int
7722PQfullProtocolVersion(const PGconn *conn)
7723{
7724 if (!conn)
7725 return 0;
7726 if (conn->status == CONNECTION_BAD)
7727 return 0;
7728 return PG_PROTOCOL_FULL(conn->pversion);
7729}
7730
7731int
7732PQserverVersion(const PGconn *conn)
7733{
7734 if (!conn)
7735 return 0;
7736 if (conn->status == CONNECTION_BAD)
7737 return 0;
7738 return conn->sversion;
7739}
7740
7741char *
7742PQerrorMessage(const PGconn *conn)
7743{
7744 if (!conn)
7745 return libpq_gettext("connection pointer is NULL\n");
7746
7747 /*
7748 * The errorMessage buffer might be marked "broken" due to having
7749 * previously failed to allocate enough memory for the message. In that
7750 * case, tell the application we ran out of memory.
7751 */
7752 if (PQExpBufferBroken(&conn->errorMessage))
7753 return libpq_gettext("out of memory\n");
7754
7755 return conn->errorMessage.data;
7756}
7757
7758/*
7759 * In Windows, socket values are unsigned, and an invalid socket value
7760 * (INVALID_SOCKET) is ~0, which equals -1 in comparisons (with no compiler
7761 * warning). Ideally we would return an unsigned value for PQsocket() on
7762 * Windows, but that would cause the function's return value to differ from
7763 * Unix, so we just return -1 for invalid sockets.
7764 * http://msdn.microsoft.com/en-us/library/windows/desktop/cc507522%28v=vs.85%29.aspx
7765 * http://stackoverflow.com/questions/10817252/why-is-invalid-socket-defined-as-0-in-winsock2-h-c
7766 */
7767int
7768PQsocket(const PGconn *conn)
7769{
7770 if (!conn)
7771 return -1;
7772 if (conn->altsock != PGINVALID_SOCKET)
7773 return conn->altsock;
7774 return (conn->sock != PGINVALID_SOCKET) ? conn->sock : -1;
7775}
7776
7777int
7778PQbackendPID(const PGconn *conn)
7779{
7780 if (!conn || conn->status != CONNECTION_OK)
7781 return 0;
7782 return conn->be_pid;
7783}
7784
7785PGpipelineStatus
7786PQpipelineStatus(const PGconn *conn)
7787{
7788 if (!conn)
7789 return PQ_PIPELINE_OFF;
7790
7791 return conn->pipelineStatus;
7792}
7793
7794int
7795PQconnectionNeedsPassword(const PGconn *conn)
7796{
7797 char *password;
7798
7799 if (!conn)
7800 return false;
7801 password = PQpass(conn);
7802 if (conn->password_needed &&
7803 (password == NULL || password[0] == '\0'))
7804 return true;
7805 else
7806 return false;
7807}
7808
7809int
7810PQconnectionUsedPassword(const PGconn *conn)
7811{
7812 if (!conn)
7813 return false;
7814 if (conn->password_needed)
7815 return true;
7816 else
7817 return false;
7818}
7819
7820int
7821PQconnectionUsedGSSAPI(const PGconn *conn)
7822{
7823 if (!conn)
7824 return false;
7825 if (conn->gssapi_used)
7826 return true;
7827 else
7828 return false;
7829}
7830
7831int
7832PQclientEncoding(const PGconn *conn)
7833{
7834 if (!conn || conn->status != CONNECTION_OK)
7835 return -1;
7836 return conn->client_encoding;
7837}
7838
7839int
7840PQsetClientEncoding(PGconn *conn, const char *encoding)
7841{
7842 char qbuf[128];
7843 static const char query[] = "set client_encoding to '%s'";
7844 PGresult *res;
7845 int status;
7846
7847 if (!conn || conn->status != CONNECTION_OK)
7848 return -1;
7849
7850 if (!encoding)
7851 return -1;
7852
7853 /* Resolve special "auto" value from the locale */
7854 if (strcmp(encoding, "auto") == 0)
7855 encoding = pg_encoding_to_char(pg_get_encoding_from_locale(NULL, true));
7856
7857 /* check query buffer overflow */
7858 if (sizeof(qbuf) < (sizeof(query) + strlen(encoding)))
7859 return -1;
7860
7861 /* ok, now send a query */
7862 sprintf(qbuf, query, encoding);
7863 res = PQexec(conn, qbuf);
7864
7865 if (res == NULL)
7866 return -1;
7867 if (res->resultStatus != PGRES_COMMAND_OK)
7868 status = -1;
7869 else
7870 {
7871 /*
7872 * We rely on the backend to report the parameter value, and we'll
7873 * change state at that time.
7874 */
7875 status = 0; /* everything is ok */
7876 }
7877 PQclear(res);
7878 return status;
7879}
7880
7881PGVerbosity
7882PQsetErrorVerbosity(PGconn *conn, PGVerbosity verbosity)
7883{
7884 PGVerbosity old;
7885
7886 if (!conn)
7887 return PQERRORS_DEFAULT;
7888 old = conn->verbosity;
7889 conn->verbosity = verbosity;
7890 return old;
7891}
7892
7893PGContextVisibility
7894PQsetErrorContextVisibility(PGconn *conn, PGContextVisibility show_context)
7895{
7896 PGContextVisibility old;
7897
7898 if (!conn)
7899 return PQSHOW_CONTEXT_ERRORS;
7900 old = conn->show_context;
7901 conn->show_context = show_context;
7902 return old;
7903}
7904
7905PQnoticeReceiver
7906PQsetNoticeReceiver(PGconn *conn, PQnoticeReceiver proc, void *arg)
7907{
7908 PQnoticeReceiver old;
7909
7910 if (conn == NULL)
7911 return NULL;
7912
7913 old = conn->noticeHooks.noticeRec;
7914 if (proc)
7915 {
7916 conn->noticeHooks.noticeRec = proc;
7917 conn->noticeHooks.noticeRecArg = arg;
7918 }
7919 return old;
7920}
7921
7922PQnoticeProcessor
7923PQsetNoticeProcessor(PGconn *conn, PQnoticeProcessor proc, void *arg)
7924{
7925 PQnoticeProcessor old;
7926
7927 if (conn == NULL)
7928 return NULL;
7929
7930 old = conn->noticeHooks.noticeProc;
7931 if (proc)
7932 {
7933 conn->noticeHooks.noticeProc = proc;
7934 conn->noticeHooks.noticeProcArg = arg;
7935 }
7936 return old;
7937}
7938
7939/*
7940 * The default notice message receiver just gets the standard notice text
7941 * and sends it to the notice processor. This two-level setup exists
7942 * mostly for backwards compatibility; perhaps we should deprecate use of
7943 * PQsetNoticeProcessor?
7944 */
7945static void
7946defaultNoticeReceiver(void *arg, const PGresult *res)
7947{
7948 (void) arg; /* not used */
7949 if (res->noticeHooks.noticeProc != NULL)
7950 res->noticeHooks.noticeProc(res->noticeHooks.noticeProcArg,
7951 PQresultErrorMessage(res));
7952}
7953
7954/*
7955 * The default notice message processor just prints the
7956 * message on stderr. Applications can override this if they
7957 * want the messages to go elsewhere (a window, for example).
7958 * Note that simply discarding notices is probably a bad idea.
7959 */
7960static void
7961defaultNoticeProcessor(void *arg, const char *message)
7962{
7963 (void) arg; /* not used */
7964 /* Note: we expect the supplied string to end with a newline already. */
7965 fprintf(stderr, "%s", message);
7966}
7967
7968/*
7969 * returns a pointer to the next token or NULL if the current
7970 * token doesn't match
7971 */
7972static char *
7973pwdfMatchesString(char *buf, const char *token)
7974{
7975 char *tbuf;
7976 const char *ttok;
7977 bool bslash = false;
7978
7979 if (buf == NULL || token == NULL)
7980 return NULL;
7981 tbuf = buf;
7982 ttok = token;
7983 if (tbuf[0] == '*' && tbuf[1] == ':')
7984 return tbuf + 2;
7985 while (*tbuf != 0)
7986 {
7987 if (*tbuf == '\\' && !bslash)
7988 {
7989 tbuf++;
7990 bslash = true;
7991 }
7992 if (*tbuf == ':' && *ttok == 0 && !bslash)
7993 return tbuf + 1;
7994 bslash = false;
7995 if (*ttok == 0)
7996 return NULL;
7997 if (*tbuf == *ttok)
7998 {
7999 tbuf++;
8000 ttok++;
8001 }
8002 else
8003 return NULL;
8004 }
8005 return NULL;
8006}
8007
8008/*
8009 * Get a password from the password file. Return value is malloc'd.
8010 *
8011 * On failure, *errmsg is set to an error to be returned. It is
8012 * left NULL on success, or if no password could be found.
8013 */
8014static char *
8015passwordFromFile(const char *hostname, const char *port,
8016 const char *dbname, const char *username,
8017 const char *pgpassfile, const char **errmsg)
8018{
8019 FILE *fp;
8020#ifndef WIN32
8021 struct stat stat_buf;
8022#endif
8023 PQExpBufferData buf;
8024
8025 *errmsg = NULL;
8026
8027 if (dbname == NULL || dbname[0] == '\0')
8028 return NULL;
8029
8030 if (username == NULL || username[0] == '\0')
8031 return NULL;
8032
8033 /* 'localhost' matches pghost of '' or the default socket directory */
8034 if (hostname == NULL || hostname[0] == '\0')
8035 hostname = DefaultHost;
8036 else if (is_unixsock_path(hostname))
8037
8038 /*
8039 * We should probably use canonicalize_path(), but then we have to
8040 * bring path.c into libpq, and it doesn't seem worth it.
8041 */
8042 if (strcmp(hostname, DEFAULT_PGSOCKET_DIR) == 0)
8043 hostname = DefaultHost;
8044
8045 if (port == NULL || port[0] == '\0')
8046 port = DEF_PGPORT_STR;
8047
8048 /* If password file cannot be opened, ignore it. */
8049 fp = fopen(pgpassfile, "r");
8050 if (fp == NULL)
8051 return NULL;
8052
8053#ifndef WIN32
8054 if (fstat(fileno(fp), &stat_buf) != 0)
8055 {
8056 fclose(fp);
8057 return NULL;
8058 }
8059
8060 if (!S_ISREG(stat_buf.st_mode))
8061 {
8062 fprintf(stderr,
8063 libpq_gettext("WARNING: password file \"%s\" is not a plain file\n"),
8064 pgpassfile);
8065 fclose(fp);
8066 return NULL;
8067 }
8068
8069 /* If password file is insecure, alert the user and ignore it. */
8070 if (stat_buf.st_mode & (S_IRWXG | S_IRWXO))
8071 {
8072 fprintf(stderr,
8073 libpq_gettext("WARNING: password file \"%s\" has group or world access; permissions should be u=rw (0600) or less\n"),
8074 pgpassfile);
8075 fclose(fp);
8076 return NULL;
8077 }
8078#else
8079
8080 /*
8081 * On Win32, the directory is protected, so we don't have to check the
8082 * file.
8083 */
8084#endif
8085
8086 /* Use an expansible buffer to accommodate any reasonable line length */
8087 initPQExpBuffer(&buf);
8088
8089 while (!feof(fp) && !ferror(fp))
8090 {
8091 /* Make sure there's a reasonable amount of room in the buffer */
8092 if (!enlargePQExpBuffer(&buf, 128))
8093 {
8094 *errmsg = libpq_gettext("out of memory");
8095 break;
8096 }
8097
8098 /* Read some data, appending it to what we already have */
8099 if (fgets(buf.data + buf.len, buf.maxlen - buf.len, fp) == NULL)
8100 break;
8101 buf.len += strlen(buf.data + buf.len);
8102
8103 /* If we don't yet have a whole line, loop around to read more */
8104 if (!(buf.len > 0 && buf.data[buf.len - 1] == '\n') && !feof(fp))
8105 continue;
8106
8107 /* ignore comments */
8108 if (buf.data[0] != '#')
8109 {
8110 char *t = buf.data;
8111 int len;
8112
8113 /* strip trailing newline and carriage return */
8114 len = pg_strip_crlf(t);
8115
8116 if (len > 0 &&
8117 (t = pwdfMatchesString(t, hostname)) != NULL &&
8118 (t = pwdfMatchesString(t, port)) != NULL &&
8119 (t = pwdfMatchesString(t, dbname)) != NULL &&
8120 (t = pwdfMatchesString(t, username)) != NULL)
8121 {
8122 /* Found a match. */
8123 char *ret,
8124 *p1,
8125 *p2;
8126
8127 ret = strdup(t);
8128
8129 fclose(fp);
8130 explicit_bzero(buf.data, buf.maxlen);
8131 termPQExpBuffer(&buf);
8132
8133 if (!ret)
8134 {
8135 *errmsg = libpq_gettext("out of memory");
8136 return NULL;
8137 }
8138
8139 /* De-escape password. */
8140 for (p1 = p2 = ret; *p1 != ':' && *p1 != '\0'; ++p1, ++p2)
8141 {
8142 if (*p1 == '\\' && p1[1] != '\0')
8143 ++p1;
8144 *p2 = *p1;
8145 }
8146 *p2 = '\0';
8147
8148 return ret;
8149 }
8150 }
8151
8152 /* No match, reset buffer to prepare for next line. */
8153 buf.len = 0;
8154 }
8155
8156 fclose(fp);
8157 explicit_bzero(buf.data, buf.maxlen);
8158 termPQExpBuffer(&buf);
8159 return NULL;
8160}
8161
8162
8163/*
8164 * If the connection failed due to bad password, we should mention
8165 * if we got the password from the pgpassfile.
8166 */
8167static void
8168pgpassfileWarning(PGconn *conn)
8169{
8170 /* If it was 'invalid authorization', add pgpassfile mention */
8171 /* only works with >= 9.0 servers */
8172 if (conn->password_needed &&
8173 conn->connhost[conn->whichhost].password != NULL &&
8174 conn->result)
8175 {
8176 const char *sqlstate = PQresultErrorField(conn->result,
8177 PG_DIAG_SQLSTATE);
8178
8179 if (sqlstate && strcmp(sqlstate, ERRCODE_INVALID_PASSWORD) == 0)
8180 libpq_append_conn_error(conn, "password retrieved from file \"%s\"",
8181 conn->pgpassfile);
8182 }
8183}
8184
8185/*
8186 * Check if the SSL protocol value given in input is valid or not.
8187 * This is used as a sanity check routine for the connection parameters
8188 * ssl_min_protocol_version and ssl_max_protocol_version.
8189 */
8190static bool
8191sslVerifyProtocolVersion(const char *version)
8192{
8193 /*
8194 * An empty string and a NULL value are considered valid as it is
8195 * equivalent to ignoring the parameter.
8196 */
8197 if (!version || strlen(version) == 0)
8198 return true;
8199
8200 if (pg_strcasecmp(version, "TLSv1") == 0 ||
8201 pg_strcasecmp(version, "TLSv1.1") == 0 ||
8202 pg_strcasecmp(version, "TLSv1.2") == 0 ||
8203 pg_strcasecmp(version, "TLSv1.3") == 0)
8204 return true;
8205
8206 /* anything else is wrong */
8207 return false;
8208}
8209
8210
8211/*
8212 * Ensure that the SSL protocol range given in input is correct. The check
8213 * is performed on the input string to keep it TLS backend agnostic. Input
8214 * to this function is expected verified with sslVerifyProtocolVersion().
8215 */
8216static bool
8217sslVerifyProtocolRange(const char *min, const char *max)
8218{
8219 Assert(sslVerifyProtocolVersion(min) &&
8220 sslVerifyProtocolVersion(max));
8221
8222 /* If at least one of the bounds is not set, the range is valid */
8223 if (min == NULL || max == NULL || strlen(min) == 0 || strlen(max) == 0)
8224 return true;
8225
8226 /*
8227 * If the minimum version is the lowest one we accept, then all options
8228 * for the maximum are valid.
8229 */
8230 if (pg_strcasecmp(min, "TLSv1") == 0)
8231 return true;
8232
8233 /*
8234 * The minimum bound is valid, and cannot be TLSv1, so using TLSv1 for the
8235 * maximum is incorrect.
8236 */
8237 if (pg_strcasecmp(max, "TLSv1") == 0)
8238 return false;
8239
8240 /*
8241 * At this point we know that we have a mix of TLSv1.1 through 1.3
8242 * versions.
8243 */
8244 if (pg_strcasecmp(min, max) > 0)
8245 return false;
8246
8247 return true;
8248}
8249
8250
8251/*
8252 * Obtain user's home directory, return in given buffer
8253 *
8254 * On Unix, this actually returns the user's home directory. On Windows
8255 * it returns the PostgreSQL-specific application data folder.
8256 *
8257 * This is essentially the same as get_home_path(), but we don't use that
8258 * because we don't want to pull path.c into libpq (it pollutes application
8259 * namespace).
8260 *
8261 * Returns true on success, false on failure to obtain the directory name.
8262 *
8263 * CAUTION: although in most situations failure is unexpected, there are users
8264 * who like to run applications in a home-directory-less environment. On
8265 * failure, you almost certainly DO NOT want to report an error. Just act as
8266 * though whatever file you were hoping to find in the home directory isn't
8267 * there (which it isn't).
8268 */
8269bool
8270pqGetHomeDirectory(char *buf, int bufsize)
8271{
8272#ifndef WIN32
8273 const char *home;
8274
8275 home = getenv("HOME");
8276 if (home && home[0])
8277 {
8278 strlcpy(buf, home, bufsize);
8279 return true;
8280 }
8281 else
8282 {
8283 struct passwd pwbuf;
8284 struct passwd *pw;
8285 char tmpbuf[1024];
8286 int rc;
8287
8288 rc = getpwuid_r(geteuid(), &pwbuf, tmpbuf, sizeof tmpbuf, &pw);
8289 if (rc != 0 || !pw)
8290 return false;
8291 strlcpy(buf, pw->pw_dir, bufsize);
8292 return true;
8293 }
8294#else
8295 char tmppath[MAX_PATH];
8296
8297 ZeroMemory(tmppath, sizeof(tmppath));
8298 if (SHGetFolderPath(NULL, CSIDL_APPDATA, NULL, 0, tmppath) != S_OK)
8299 return false;
8300 snprintf(buf, bufsize, "%s/postgresql", tmppath);
8301 return true;
8302#endif
8303}
8304
8305/*
8306 * Parse and try to interpret "value" as an integer value, and if successful,
8307 * store it in *result, complaining if there is any trailing garbage or an
8308 * overflow. This allows any number of leading and trailing whitespaces.
8309 */
8310bool
8311pqParseIntParam(const char *value, int *result, PGconn *conn,
8312 const char *context)
8313{
8314 char *end;
8315 long numval;
8316
8317 Assert(value != NULL);
8318
8319 *result = 0;
8320
8321 /* strtol(3) skips leading whitespaces */
8322 errno = 0;
8323 numval = strtol(value, &end, 10);
8324
8325 /*
8326 * If no progress was done during the parsing or an error happened, fail.
8327 * This tests properly for overflows of the result.
8328 */
8329 if (value == end || errno != 0 || numval != (int) numval)
8330 goto error;
8331
8332 /*
8333 * Skip any trailing whitespace; if anything but whitespace remains before
8334 * the terminating character, fail
8335 */
8336 while (*end != '\0' && isspace((unsigned char) *end))
8337 end++;
8338
8339 if (*end != '\0')
8340 goto error;
8341
8342 *result = numval;
8343 return true;
8344
8345error:
8346 libpq_append_conn_error(conn, "invalid integer value \"%s\" for connection option \"%s\"",
8347 value, context);
8348 return false;
8349}
8350
8351/*
8352 * Parse and try to interpret "value" as a ProtocolVersion value, and if
8353 * successful, store it in *result.
8354 */
8355static bool
8356pqParseProtocolVersion(const char *value, ProtocolVersion *result, PGconn *conn,
8357 const char *context)
8358{
8359 if (strcmp(value, "latest") == 0)
8360 {
8361 *result = PG_PROTOCOL_LATEST;
8362 return true;
8363 }
8364 if (strcmp(value, "3.0") == 0)
8365 {
8366 *result = PG_PROTOCOL(3, 0);
8367 return true;
8368 }
8369
8370 /* 3.1 never existed, we went straight from 3.0 to 3.2 */
8371
8372 if (strcmp(value, "3.2") == 0)
8373 {
8374 *result = PG_PROTOCOL(3, 2);
8375 return true;
8376 }
8377
8378 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
8379 context, value);
8380 return false;
8381}
8382
8383/*
8384 * To keep the API consistent, the locking stubs are always provided, even
8385 * if they are not required.
8386 *
8387 * Since we neglected to provide any error-return convention in the
8388 * pgthreadlock_t API, we can't do much except Assert upon failure of any
8389 * mutex primitive. Fortunately, such failures appear to be nonexistent in
8390 * the field.
8391 */
8392
8393static void
8394default_threadlock(int acquire)
8395{
8396 static pthread_mutex_t singlethread_lock = PTHREAD_MUTEX_INITIALIZER;
8397
8398 if (acquire)
8399 {
8400 if (pthread_mutex_lock(&singlethread_lock))
8401 Assert(false);
8402 }
8403 else
8404 {
8405 if (pthread_mutex_unlock(&singlethread_lock))
8406 Assert(false);
8407 }
8408}
8409
8410pgthreadlock_t
8411PQregisterThreadLock(pgthreadlock_t newhandler)
8412{
8413 pgthreadlock_t prev = pg_g_threadlock;
8414
8415 if (newhandler)
8416 pg_g_threadlock = newhandler;
8417 else
8418 pg_g_threadlock = default_threadlock;
8419
8420 return prev;
8421}
8422
8423pgthreadlock_t
8424PQgetThreadLock(void)
8425{
8426 Assert(pg_g_threadlock);
8427 return pg_g_threadlock;
8428}
pg_b64_dec_len
int pg_b64_dec_len(int srclen)
Definition base64.c:239
pg_b64_decode
int pg_b64_decode(const char *src, int len, uint8 *dst, int dstlen)
Definition base64.c:116
ssl_min_protocol_version
int ssl_min_protocol_version
Definition be-secure.c:61
ssl_max_protocol_version
int ssl_max_protocol_version
Definition be-secure.c:62
values
static Datum values[MAXATTR]
Definition bootstrap.c:190
cleanup
static void cleanup(void)
Definition bootstrap.c:886
STATUS_OK
#define STATUS_OK
Definition c.h:1258
Assert
#define Assert(condition)
Definition c.h:943
uint64
uint64_t uint64
Definition c.h:625
uint32
uint32_t uint32
Definition c.h:624
lengthof
#define lengthof(array)
Definition c.h:873
MemSet
#define MemSet(start, val, len)
Definition c.h:1107
StaticAssertDecl
#define StaticAssertDecl(condition, errmessage)
Definition c.h:1008
STATUS_ERROR
#define STATUS_ERROR
Definition c.h:1259
result
uint32 result
Definition checksum_block_internal.h:18
memcpy
memcpy(sums, checksumBaseOffsets, sizeof(checksumBaseOffsets))
fprintf
#define fprintf(file, fmt, msg)
Definition cubescan.l:21
cur
struct cursor * cur
Definition ecpg.c:29
arg
Datum arg
Definition elog.c:1322
err
void err(int eval, const char *fmt,...)
Definition err.c:43
pg_oauth_mech
const pg_fe_sasl_mech pg_oauth_mech
Definition fe-auth-oauth.c:47
pqClearOAuthToken
void pqClearOAuthToken(PGconn *conn)
Definition fe-auth-oauth.c:1431
pg_scram_mech
const pg_fe_sasl_mech pg_scram_mech
Definition fe-auth-scram.c:33
pg_fe_sendauth
int pg_fe_sendauth(AuthRequest areq, int payloadlen, PGconn *conn, bool *async)
Definition fe-auth.c:1066
pg_fe_getauthname
char * pg_fe_getauthname(PQExpBuffer errorMessage)
Definition fe-auth.c:1344
pg_fe_getusername
char * pg_fe_getusername(uid_t user_id, PQExpBuffer errorMessage)
Definition fe-auth.c:1286
PQsendCancelRequest
int PQsendCancelRequest(PGconn *cancelConn)
Definition fe-cancel.c:472
PQcancelPoll
PostgresPollingStatusType PQcancelPoll(PGcancelConn *cancelConn)
Definition fe-cancel.c:226
pqFreeCommandQueue
static void pqFreeCommandQueue(PGcmdQueueEntry *queue)
Definition fe-connect.c:637
MAX_ERRLEN
#define MAX_ERRLEN
PQserverVersion
int PQserverVersion(const PGconn *conn)
Definition fe-connect.c:7732
conninfo_getval
static const char * conninfo_getval(PQconninfoOption *connOptions, const char *keyword)
Definition fe-connect.c:7411
PQprotocolVersion
int PQprotocolVersion(const PGconn *conn)
Definition fe-connect.c:7712
pqDropConnection
void pqDropConnection(PGconn *conn, bool flushInput)
Definition fe-connect.c:537
PQresetStart
int PQresetStart(PGconn *conn)
Definition fe-connect.c:5401
connectOptions1
static bool connectOptions1(PGconn *conn, const char *conninfo)
Definition fe-connect.c:1083
EnvironmentOptions
static const PQEnvironmentOption EnvironmentOptions[]
Definition fe-connect.c:429
CONNECTION_FAILED
#define CONNECTION_FAILED()
pqConnectOptions2
bool pqConnectOptions2(PGconn *conn)
Definition fe-connect.c:1257
conninfo_init
static PQconninfoOption * conninfo_init(PQExpBuffer errorMessage)
Definition fe-connect.c:6301
sendTerminateConn
static void sendTerminateConn(PGconn *conn)
Definition fe-connect.c:5273
PQoptions
char * PQoptions(const PGconn *conn)
Definition fe-connect.c:7671
setKeepalivesCount
static int setKeepalivesCount(PGconn *conn)
Definition fe-connect.c:2585
parse_connection_string
static PQconninfoOption * parse_connection_string(const char *connstr, PQExpBuffer errorMessage, bool use_defaults)
Definition fe-connect.c:6340
useKeepalives
static int useKeepalives(PGconn *conn)
Definition fe-connect.c:2498
PQdb
char * PQdb(const PGconn *conn)
Definition fe-connect.c:7576
defaultNoticeReceiver
static void defaultNoticeReceiver(void *arg, const PGresult *res)
Definition fe-connect.c:7946
uri_prefix_length
static int uri_prefix_length(const char *connstr)
Definition fe-connect.c:6360
pqParseProtocolVersion
static bool pqParseProtocolVersion(const char *value, ProtocolVersion *result, PGconn *conn, const char *context)
Definition fe-connect.c:8356
store_conn_addrinfo
static int store_conn_addrinfo(PGconn *conn, struct addrinfo *addrlist)
Definition fe-connect.c:5220
parseServiceFile
static int parseServiceFile(const char *serviceFile, const char *service, PQconninfoOption *options, PQExpBuffer errorMessage, bool *group_found)
Definition fe-connect.c:6064
connectFailureMessage
static void connectFailureMessage(PGconn *conn, int errorno)
Definition fe-connect.c:2478
DefaultHost
#define DefaultHost
Definition fe-connect.c:121
sslVerifyProtocolRange
static bool sslVerifyProtocolRange(const char *min, const char *max)
Definition fe-connect.c:8217
default_threadlock
static void default_threadlock(int acquire)
Definition fe-connect.c:8394
PQfullProtocolVersion
int PQfullProtocolVersion(const PGconn *conn)
Definition fe-connect.c:7722
libpq_prng_init
static void libpq_prng_init(PGconn *conn)
Definition fe-connect.c:1179
PQreset
void PQreset(PGconn *conn)
Definition fe-connect.c:5368
pqClosePGconn
void pqClosePGconn(PGconn *conn)
Definition fe-connect.c:5307
passwordFromFile
static char * passwordFromFile(const char *hostname, const char *port, const char *dbname, const char *username, const char *pgpassfile, const char **errmsg)
Definition fe-connect.c:8015
pqGetHomeDirectory
bool pqGetHomeDirectory(char *buf, int bufsize)
Definition fe-connect.c:8270
DefaultSSLMode
#define DefaultSSLMode
Definition fe-connect.c:134
internalPQconninfoOption
struct _internalPQconninfoOption internalPQconninfoOption
short_uri_designator
static const char short_uri_designator[]
Definition fe-connect.c:456
DefaultGSSMode
#define DefaultGSSMode
Definition fe-connect.c:142
release_conn_addrinfo
static void release_conn_addrinfo(PGconn *conn)
Definition fe-connect.c:5259
PQport
char * PQport(const PGconn *conn)
Definition fe-connect.c:7645
PQtransactionStatus
PGTransactionStatusType PQtransactionStatus(const PGconn *conn)
Definition fe-connect.c:7687
count_comma_separated_elems
static int count_comma_separated_elems(const char *input)
Definition fe-connect.c:1120
DefaultOption
#define DefaultOption
Definition fe-connect.c:122
conninfo_add_defaults
static bool conninfo_add_defaults(PQconninfoOption *options, PQExpBuffer errorMessage)
Definition fe-connect.c:6728
select_next_encryption_method
static bool select_next_encryption_method(PGconn *conn, bool have_valid_connection)
Definition fe-connect.c:4852
PQconnectdb
PGconn * PQconnectdb(const char *conninfo)
Definition fe-connect.c:830
PQhost
char * PQhost(const PGconn *conn)
Definition fe-connect.c:7609
ERRCODE_APPNAME_UNKNOWN
#define ERRCODE_APPNAME_UNKNOWN
Definition fe-connect.c:90
conninfo_uri_parse_params
static bool conninfo_uri_parse_params(char *params, PQconninfoOption *connOptions, PQExpBuffer errorMessage)
Definition fe-connect.c:7157
PQconnectionUsedPassword
int PQconnectionUsedPassword(const PGconn *conn)
Definition fe-connect.c:7810
clear_allowed_sasl_mechs
static void clear_allowed_sasl_mechs(PGconn *conn)
Definition fe-connect.c:1226
PQconninfo
PQconninfoOption * PQconninfo(PGconn *conn)
Definition fe-connect.c:7519
conninfo_uri_decode
static char * conninfo_uri_decode(const char *str, PQExpBuffer errorMessage)
Definition fe-connect.c:7290
setKeepalivesInterval
static int setKeepalivesInterval(PGconn *conn)
Definition fe-connect.c:2550
fill_allowed_sasl_mechs
static void fill_allowed_sasl_mechs(PGconn *conn)
Definition fe-connect.c:1202
setKeepalivesIdle
static int setKeepalivesIdle(PGconn *conn)
Definition fe-connect.c:2516
PQconnectPoll
PostgresPollingStatusType PQconnectPoll(PGconn *conn)
Definition fe-connect.c:2925
PQconninfoFree
void PQconninfoFree(PQconninfoOption *connOptions)
Definition fe-connect.c:7563
PQgetThreadLock
pgthreadlock_t PQgetThreadLock(void)
Definition fe-connect.c:8424
DefaultChannelBinding
#define DefaultChannelBinding
Definition fe-connect.c:126
pqParseIntParam
bool pqParseIntParam(const char *value, int *result, PGconn *conn, const char *context)
Definition fe-connect.c:8311
defaultNoticeProcessor
static void defaultNoticeProcessor(void *arg, const char *message)
Definition fe-connect.c:7961
pgpassfileWarning
static void pgpassfileWarning(PGconn *conn)
Definition fe-connect.c:8168
PQtty
char * PQtty(const PGconn *conn)
Definition fe-connect.c:7663
index_of_allowed_sasl_mech
static int index_of_allowed_sasl_mech(PGconn *conn, const pg_fe_sasl_mech *mech)
Definition fe-connect.c:1237
internal_ping
static PGPing internal_ping(PGconn *conn)
Definition fe-connect.c:4927
conninfo_find
static PQconninfoOption * conninfo_find(PQconninfoOption *connOptions, const char *keyword)
Definition fe-connect.c:7501
uri_designator
static const char uri_designator[]
Definition fe-connect.c:455
PQconninfoParse
PQconninfoOption * PQconninfoParse(const char *conninfo, char **errmsg)
Definition fe-connect.c:6279
PQparameterStatus
const char * PQparameterStatus(const PGconn *conn, const char *paramName)
Definition fe-connect.c:7697
sslVerifyProtocolVersion
static bool sslVerifyProtocolVersion(const char *version)
Definition fe-connect.c:8191
SELECT_NEXT_METHOD
#define SELECT_NEXT_METHOD(method)
PQconnectionNeedsPassword
int PQconnectionNeedsPassword(const PGconn *conn)
Definition fe-connect.c:7795
PQpass
char * PQpass(const PGconn *conn)
Definition fe-connect.c:7592
ERRCODE_PROTOCOL_VIOLATION
#define ERRCODE_PROTOCOL_VIOLATION
Definition fe-connect.c:96
PQresetPoll
PostgresPollingStatusType PQresetPoll(PGconn *conn)
Definition fe-connect.c:5420
PQconnectionUsedGSSAPI
int PQconnectionUsedGSSAPI(const PGconn *conn)
Definition fe-connect.c:7821
conninfo_uri_parse
static PQconninfoOption * conninfo_uri_parse(const char *uri, PQExpBuffer errorMessage, bool use_defaults)
Definition fe-connect.c:6863
pqReleaseConnHosts
void pqReleaseConnHosts(PGconn *conn)
Definition fe-connect.c:5190
emitHostIdentityInfo
static void emitHostIdentityInfo(PGconn *conn, const char *host_addr)
Definition fe-connect.c:2422
connection_failed
static bool connection_failed(PGconn *conn)
Definition fe-connect.c:4837
pg_g_threadlock
pgthreadlock_t pg_g_threadlock
Definition fe-connect.c:521
PQstatus
ConnStatusType PQstatus(const PGconn *conn)
Definition fe-connect.c:7679
PQconnectStart
PGconn * PQconnectStart(const char *conninfo)
Definition fe-connect.c:958
setTCPUserTimeout
static int setTCPUserTimeout(PGconn *conn)
Definition fe-connect.c:2682
conninfo_array_parse
static PQconninfoOption * conninfo_array_parse(const char *const *keywords, const char *const *values, PQExpBuffer errorMessage, bool use_defaults, int expand_dbname)
Definition fe-connect.c:6570
PQclientEncoding
int PQclientEncoding(const PGconn *conn)
Definition fe-connect.c:7832
PQconnectStartParams
PGconn * PQconnectStartParams(const char *const *keywords, const char *const *values, int expand_dbname)
Definition fe-connect.c:877
conninfo_parse
static PQconninfoOption * conninfo_parse(const char *conninfo, PQExpBuffer errorMessage, bool use_defaults)
Definition fe-connect.c:6394
PQfinish
void PQfinish(PGconn *conn)
Definition fe-connect.c:5354
pqDropServerData
static void pqDropServerData(PGconn *conn)
Definition fe-connect.c:663
pqMakeEmptyPGconn
PGconn * pqMakeEmptyPGconn(void)
Definition fe-connect.c:4991
PQping
PGPing PQping(const char *conninfo)
Definition fe-connect.c:846
PQsetErrorContextVisibility
PGContextVisibility PQsetErrorContextVisibility(PGconn *conn, PGContextVisibility show_context)
Definition fe-connect.c:7894
DefaultLoadBalanceHosts
#define DefaultLoadBalanceHosts
Definition fe-connect.c:129
connectNoDelay
static int connectNoDelay(PGconn *conn)
Definition fe-connect.c:2363
DefaultSSLNegotiation
#define DefaultSSLNegotiation
Definition fe-connect.c:137
PQsetNoticeReceiver
PQnoticeReceiver PQsetNoticeReceiver(PGconn *conn, PQnoticeReceiver proc, void *arg)
Definition fe-connect.c:7906
PQsetdbLogin
PGconn * PQsetdbLogin(const char *pghost, const char *pgport, const char *pgoptions, const char *pgtty, const char *dbName, const char *login, const char *pwd)
Definition fe-connect.c:2248
PQhostaddr
char * PQhostaddr(const PGconn *conn)
Definition fe-connect.c:7632
PQbackendPID
int PQbackendPID(const PGconn *conn)
Definition fe-connect.c:7778
PQconndefaults
PQconninfoOption * PQconndefaults(void)
Definition fe-connect.c:2210
conninfo_storeval
static PQconninfoOption * conninfo_storeval(PQconninfoOption *connOptions, const char *keyword, const char *value, PQExpBuffer errorMessage, bool ignoreMissing, bool uri_decode)
Definition fe-connect.c:7437
PGPASSFILE
#define PGPASSFILE
Definition fe-connect.c:79
conninfo_uri_parse_options
static bool conninfo_uri_parse_options(PQconninfoOption *options, const char *uri, PQExpBuffer errorMessage)
Definition fe-connect.c:6916
pqConnectDBStart
int pqConnectDBStart(PGconn *conn)
Definition fe-connect.c:2721
getHostaddr
static void getHostaddr(PGconn *conn, char *host_addr, int host_addr_len)
Definition fe-connect.c:2389
PQuser
char * PQuser(const PGconn *conn)
Definition fe-connect.c:7584
freePGconn
static void freePGconn(PGconn *conn)
Definition fe-connect.c:5091
pqCopyPGconn
bool pqCopyPGconn(PGconn *srcConn, PGconn *dstConn)
Definition fe-connect.c:1042
pwdfMatchesString
static char * pwdfMatchesString(char *buf, const char *token)
Definition fe-connect.c:7973
PQpipelineStatus
PGpipelineStatus PQpipelineStatus(const PGconn *conn)
Definition fe-connect.c:7786
get_hexdigit
static bool get_hexdigit(char digit, int *value)
Definition fe-connect.c:7390
ERRCODE_INVALID_PASSWORD
#define ERRCODE_INVALID_PASSWORD
Definition fe-connect.c:93
PQsetErrorVerbosity
PGVerbosity PQsetErrorVerbosity(PGconn *conn, PGVerbosity verbosity)
Definition fe-connect.c:7882
SASL_MECHANISM_COUNT
#define SASL_MECHANISM_COUNT
Definition fe-connect.c:452
PQsetNoticeProcessor
PQnoticeProcessor PQsetNoticeProcessor(PGconn *conn, PQnoticeProcessor proc, void *arg)
Definition fe-connect.c:7923
DefaultSSLCertMode
#define DefaultSSLCertMode
Definition fe-connect.c:135
ERRCODE_CANNOT_CONNECT_NOW
#define ERRCODE_CANNOT_CONNECT_NOW
Definition fe-connect.c:95
PQconninfoOptions
static const internalPQconninfoOption PQconninfoOptions[]
Definition fe-connect.c:201
ENCRYPTION_NEGOTIATION_FAILED
#define ENCRYPTION_NEGOTIATION_FAILED(msg)
recognized_connection_string
static bool recognized_connection_string(const char *connstr)
Definition fe-connect.c:6383
DefaultTargetSessionAttrs
#define DefaultTargetSessionAttrs
Definition fe-connect.c:128
parseServiceInfo
static int parseServiceInfo(PQconninfoOption *options, PQExpBuffer errorMessage)
Definition fe-connect.c:5992
PQerrorMessage
char * PQerrorMessage(const PGconn *conn)
Definition fe-connect.c:7742
init_allowed_encryption_methods
static bool init_allowed_encryption_methods(PGconn *conn)
Definition fe-connect.c:4747
supported_sasl_mechs
static const pg_fe_sasl_mech * supported_sasl_mechs[]
Definition fe-connect.c:447
PQpingParams
PGPing PQpingParams(const char *const *keywords, const char *const *values, int expand_dbname)
Definition fe-connect.c:793
PQsocket
int PQsocket(const PGconn *conn)
Definition fe-connect.c:7768
pqConnectDBComplete
int pqConnectDBComplete(PGconn *conn)
Definition fe-connect.c:2799
PQsetClientEncoding
int PQsetClientEncoding(PGconn *conn, const char *encoding)
Definition fe-connect.c:7840
PQconnectdbParams
PGconn * PQconnectdbParams(const char *const *keywords, const char *const *values, int expand_dbname)
Definition fe-connect.c:775
parse_comma_separated_list
static char * parse_comma_separated_list(char **startptr, bool *more)
Definition fe-connect.c:1144
pqPacketSend
int pqPacketSend(PGconn *conn, char pack_type, const void *buf, size_t buf_len)
Definition fe-connect.c:5462
fillPGconn
static bool fillPGconn(PGconn *conn, PQconninfoOption *connOptions)
Definition fe-connect.c:1004
PQregisterThreadLock
pgthreadlock_t PQregisterThreadLock(pgthreadlock_t newhandler)
Definition fe-connect.c:8411
PQsendQueryContinue
int PQsendQueryContinue(PGconn *conn, const char *query)
Definition fe-exec.c:1439
PQconsumeInput
int PQconsumeInput(PGconn *conn)
Definition fe-exec.c:2001
pqClearAsyncResult
void pqClearAsyncResult(PGconn *conn)
Definition fe-exec.c:785
PQisBusy
int PQisBusy(PGconn *conn)
Definition fe-exec.c:2048
PQexec
PGresult * PQexec(PGconn *conn, const char *query)
Definition fe-exec.c:2279
pg_GSS_have_cred_cache
bool pg_GSS_have_cred_cache(gss_cred_id_t *cred_out)
Definition fe-gssapi-common.c:61
pqReadData
int pqReadData(PGconn *conn)
Definition fe-misc.c:606
pqFlush
int pqFlush(PGconn *conn)
Definition fe-misc.c:994
pqParseDone
void pqParseDone(PGconn *conn, int newInStart)
Definition fe-misc.c:443
pqPutMsgStart
int pqPutMsgStart(char msg_type, PGconn *conn)
Definition fe-misc.c:473
pqGetc
int pqGetc(char *result, PGconn *conn)
Definition fe-misc.c:77
pqGetInt
int pqGetInt(int *result, size_t bytes, PGconn *conn)
Definition fe-misc.c:216
libpq_append_grease_info
void libpq_append_grease_info(PGconn *conn)
Definition fe-misc.c:1432
pqPutnchar
int pqPutnchar(const void *s, size_t len, PGconn *conn)
Definition fe-misc.c:202
pqCheckInBufferSpace
int pqCheckInBufferSpace(size_t bytes_needed, PGconn *conn)
Definition fe-misc.c:351
PQgetCurrentTimeUSec
pg_usec_time_t PQgetCurrentTimeUSec(void)
Definition fe-misc.c:1235
libpq_append_error
void libpq_append_error(PQExpBuffer errorMessage, const char *fmt,...)
Definition fe-misc.c:1375
libpq_append_conn_error
void libpq_append_conn_error(PGconn *conn, const char *fmt,...)
Definition fe-misc.c:1404
pqWaitTimed
int pqWaitTimed(int forRead, int forWrite, PGconn *conn, pg_usec_time_t end_time)
Definition fe-misc.c:1035
pqGets_append
int pqGets_append(PQExpBuffer buf, PGconn *conn)
Definition fe-misc.c:142
pqPutMsgEnd
int pqPutMsgEnd(PGconn *conn)
Definition fe-misc.c:532
pqBuildStartupPacket3
char * pqBuildStartupPacket3(PGconn *conn, int *packetlen, const PQEnvironmentOption *options)
Definition fe-protocol3.c:2436
pqGetNegotiateProtocolVersion3
int pqGetNegotiateProtocolVersion3(PGconn *conn)
Definition fe-protocol3.c:1443
pqGetErrorNotice3
int pqGetErrorNotice3(PGconn *conn, bool isError)
Definition fe-protocol3.c:898
pqsecure_open_gss
PostgresPollingStatusType pqsecure_open_gss(PGconn *conn)
Definition fe-secure-gssapi.c:481
pqsecure_open_client
PostgresPollingStatusType pqsecure_open_client(PGconn *conn)
Definition fe-secure.c:138
pqsecure_close
void pqsecure_close(PGconn *conn)
Definition fe-secure.c:152
pqTraceOutputCharResponse
void pqTraceOutputCharResponse(PGconn *conn, const char *responseType, char response)
Definition fe-trace.c:915
start
return str start
Definition hashfn_unstable.h:289
str
const char * str
Definition hashfn_unstable.h:261
token
#define token
Definition indent_globs.h:126
bufsize
#define bufsize
Definition indent_globs.h:36
input
FILE * input
val
long val
Definition informix.c:689
value
static struct @177 value
username
static char * username
Definition initdb.c:153
encoding
static char * encoding
Definition initdb.c:139
pg_freeaddrinfo_all
void pg_freeaddrinfo_all(int hint_ai_family, struct addrinfo *ai)
Definition ip.c:85
pg_getnameinfo_all
int pg_getnameinfo_all(const struct sockaddr_storage *addr, int salen, char *node, int nodelen, char *service, int servicelen, int flags)
Definition ip.c:117
pg_getaddrinfo_all
int pg_getaddrinfo_all(const char *hostname, const char *servname, const struct addrinfo *hintp, struct addrinfo **result)
Definition ip.c:56
j
int j
Definition isn.c:78
i
int i
Definition isn.c:77
keywords
static const JsonPathKeyword keywords[]
Definition jsonpath_scan.l:402
PQresultErrorMessage
#define PQresultErrorMessage
Definition libpq-be-fe-helpers.h:475
PQgetvalue
#define PQgetvalue
Definition libpq-be-fe.h:253
PQgetResult
#define PQgetResult
Definition libpq-be-fe.h:246
PQclear
#define PQclear
Definition libpq-be-fe.h:245
PQresultErrorField
#define PQresultErrorField
Definition libpq-be-fe.h:249
PQresultStatus
#define PQresultStatus
Definition libpq-be-fe.h:247
PQntuples
#define PQntuples
Definition libpq-be-fe.h:251
PGEVT_CONNDESTROY
@ PGEVT_CONNDESTROY
Definition libpq-events.h:31
PGEVT_CONNRESET
@ PGEVT_CONNRESET
Definition libpq-events.h:30
ConnStatusType
ConnStatusType
Definition libpq-fe.h:89
CONNECTION_CONSUME
@ CONNECTION_CONSUME
Definition libpq-fe.h:108
CONNECTION_AUTHENTICATING
@ CONNECTION_AUTHENTICATING
Definition libpq-fe.h:115
CONNECTION_CHECK_STANDBY
@ CONNECTION_CHECK_STANDBY
Definition libpq-fe.h:112
CONNECTION_STARTED
@ CONNECTION_STARTED
Definition libpq-fe.h:98
CONNECTION_AWAITING_RESPONSE
@ CONNECTION_AWAITING_RESPONSE
Definition libpq-fe.h:100
CONNECTION_MADE
@ CONNECTION_MADE
Definition libpq-fe.h:99
CONNECTION_CHECK_WRITABLE
@ CONNECTION_CHECK_WRITABLE
Definition libpq-fe.h:107
CONNECTION_BAD
@ CONNECTION_BAD
Definition libpq-fe.h:91
CONNECTION_OK
@ CONNECTION_OK
Definition libpq-fe.h:90
CONNECTION_GSS_STARTUP
@ CONNECTION_GSS_STARTUP
Definition libpq-fe.h:109
CONNECTION_SSL_STARTUP
@ CONNECTION_SSL_STARTUP
Definition libpq-fe.h:105
CONNECTION_AUTH_OK
@ CONNECTION_AUTH_OK
Definition libpq-fe.h:102
CONNECTION_CHECK_TARGET
@ CONNECTION_CHECK_TARGET
Definition libpq-fe.h:110
CONNECTION_NEEDED
@ CONNECTION_NEEDED
Definition libpq-fe.h:106
PGRES_COMMAND_OK
@ PGRES_COMMAND_OK
Definition libpq-fe.h:131
PGRES_FATAL_ERROR
@ PGRES_FATAL_ERROR
Definition libpq-fe.h:142
PGRES_TUPLES_OK
@ PGRES_TUPLES_OK
Definition libpq-fe.h:134
pgthreadlock_t
void(* pgthreadlock_t)(int acquire)
Definition libpq-fe.h:477
PGPing
PGPing
Definition libpq-fe.h:181
PQPING_OK
@ PQPING_OK
Definition libpq-fe.h:182
PQPING_REJECT
@ PQPING_REJECT
Definition libpq-fe.h:183
PQPING_NO_RESPONSE
@ PQPING_NO_RESPONSE
Definition libpq-fe.h:184
PQPING_NO_ATTEMPT
@ PQPING_NO_ATTEMPT
Definition libpq-fe.h:185
PGContextVisibility
PGContextVisibility
Definition libpq-fe.h:169
PQSHOW_CONTEXT_ERRORS
@ PQSHOW_CONTEXT_ERRORS
Definition libpq-fe.h:171
PGTransactionStatusType
PGTransactionStatusType
Definition libpq-fe.h:152
PQTRANS_IDLE
@ PQTRANS_IDLE
Definition libpq-fe.h:153
PQTRANS_ACTIVE
@ PQTRANS_ACTIVE
Definition libpq-fe.h:154
PQTRANS_UNKNOWN
@ PQTRANS_UNKNOWN
Definition libpq-fe.h:157
PQnoticeReceiver
void(* PQnoticeReceiver)(void *arg, const PGresult *res)
Definition libpq-fe.h:249
pg_usec_time_t
int64_t pg_usec_time_t
Definition libpq-fe.h:246
PQnoticeProcessor
void(* PQnoticeProcessor)(void *arg, const char *message)
Definition libpq-fe.h:250
PostgresPollingStatusType
PostgresPollingStatusType
Definition libpq-fe.h:120
PGRES_POLLING_OK
@ PGRES_POLLING_OK
Definition libpq-fe.h:124
PGRES_POLLING_READING
@ PGRES_POLLING_READING
Definition libpq-fe.h:122
PGRES_POLLING_WRITING
@ PGRES_POLLING_WRITING
Definition libpq-fe.h:123
PGRES_POLLING_FAILED
@ PGRES_POLLING_FAILED
Definition libpq-fe.h:121
PGpipelineStatus
PGpipelineStatus
Definition libpq-fe.h:192
PQ_PIPELINE_OFF
@ PQ_PIPELINE_OFF
Definition libpq-fe.h:193
PGVerbosity
PGVerbosity
Definition libpq-fe.h:161
PQERRORS_DEFAULT
@ PQERRORS_DEFAULT
Definition libpq-fe.h:163
PGASYNC_IDLE
@ PGASYNC_IDLE
Definition libpq-int.h:215
PGASYNC_BUSY
@ PGASYNC_BUSY
Definition libpq-int.h:216
LOAD_BALANCE_DISABLE
@ LOAD_BALANCE_DISABLE
Definition libpq-int.h:249
LOAD_BALANCE_RANDOM
@ LOAD_BALANCE_RANDOM
Definition libpq-int.h:250
SOCK_STRERROR
#define SOCK_STRERROR
Definition libpq-int.h:974
ENC_PLAINTEXT
#define ENC_PLAINTEXT
Definition libpq-int.h:230
ENC_GSSAPI
#define ENC_GSSAPI
Definition libpq-int.h:231
ENC_SSL
#define ENC_SSL
Definition libpq-int.h:232
CHT_UNIX_SOCKET
@ CHT_UNIX_SOCKET
Definition libpq-int.h:311
CHT_HOST_ADDRESS
@ CHT_HOST_ADDRESS
Definition libpq-int.h:310
CHT_HOST_NAME
@ CHT_HOST_NAME
Definition libpq-int.h:309
pqClearConnErrorState
#define pqClearConnErrorState(conn)
Definition libpq-int.h:924
ENC_ERROR
#define ENC_ERROR
Definition libpq-int.h:229
SERVER_TYPE_STANDBY
@ SERVER_TYPE_STANDBY
Definition libpq-int.h:241
SERVER_TYPE_PRIMARY
@ SERVER_TYPE_PRIMARY
Definition libpq-int.h:240
SERVER_TYPE_ANY
@ SERVER_TYPE_ANY
Definition libpq-int.h:237
SERVER_TYPE_READ_WRITE
@ SERVER_TYPE_READ_WRITE
Definition libpq-int.h:238
SERVER_TYPE_PREFER_STANDBY_PASS2
@ SERVER_TYPE_PREFER_STANDBY_PASS2
Definition libpq-int.h:243
SERVER_TYPE_PREFER_STANDBY
@ SERVER_TYPE_PREFER_STANDBY
Definition libpq-int.h:242
SERVER_TYPE_READ_ONLY
@ SERVER_TYPE_READ_ONLY
Definition libpq-int.h:239
SOCK_ERRNO
#define SOCK_ERRNO
Definition oauth-utils.c:86
libpq_gettext
#define libpq_gettext(x)
Definition oauth-utils.h:44
PG_BOOL_YES
@ PG_BOOL_YES
Definition oauth-utils.h:34
PG_BOOL_NO
@ PG_BOOL_NO
Definition oauth-utils.h:35
PG_BOOL_UNKNOWN
@ PG_BOOL_UNKNOWN
Definition oauth-utils.h:33
errmsg
static char * errmsg
Definition oauth_hook_client.c:61
pg_bswap.h
pg_hton32
#define pg_hton32(x)
Definition pg_bswap.h:121
MAXPGPATH
#define MAXPGPATH
Definition pg_config_manual.h:105
DEFAULT_PGSOCKET_DIR
#define DEFAULT_PGSOCKET_DIR
Definition pg_config_manual.h:198
len
const void size_t len
Definition pg_crc32c_sse42.c:31
connstr
static const char * connstr
Definition pg_dumpall.c:95
pg_prng_uint64_range
uint64 pg_prng_uint64_range(pg_prng_state *state, uint64 rmin, uint64 rmax)
Definition pg_prng.c:144
pg_prng_seed
void pg_prng_seed(pg_prng_state *state, uint64 seed)
Definition pg_prng.c:89
pg_prng_strong_seed
#define pg_prng_strong_seed(state)
Definition pg_prng.h:46
user
static char * user
Definition pg_regress.c:121
port
static int port
Definition pg_regress.c:117
portstr
static char portstr[16]
Definition pg_regress.c:118
hostname
static char * hostname
Definition pg_regress.c:116
buf
static char buf[DEFAULT_XLOG_SEG_SIZE]
Definition pg_test_fsync.c:71
pg_wchar.h
PG_SQL_ASCII
@ PG_SQL_ASCII
Definition pg_wchar.h:76
pg_encoding_to_char
#define pg_encoding_to_char
Definition pg_wchar.h:483
end_time
static int64 end_time
Definition pgbench.c:176
pghost
static const char * pghost
Definition pgbench.c:295
pgport
static const char * pgport
Definition pgbench.c:296
dbName
static const char * dbName
Definition pgbench.c:298
PG_STRERROR_R_BUFLEN
#define PG_STRERROR_R_BUFLEN
Definition port.h:278
pg_strcasecmp
int pg_strcasecmp(const char *s1, const char *s2)
Definition pgstrcasecmp.c:32
pg_inet_net_ntop
char * pg_inet_net_ntop(int af, const void *src, int bits, char *dst, size_t size)
Definition inet_net_ntop.c:77
sprintf
#define sprintf
Definition port.h:262
pg_set_noblock
bool pg_set_noblock(pgsocket sock)
Definition noblock.c:25
explicit_bzero
void explicit_bzero(void *buf, size_t len)
Definition explicit_bzero.c:68
pgsocket
int pgsocket
Definition port.h:29
snprintf
#define snprintf
Definition port.h:260
socklen_t
unsigned int socklen_t
Definition port.h:40
PGINVALID_SOCKET
#define PGINVALID_SOCKET
Definition port.h:31
strerror_r
#define strerror_r
Definition port.h:277
pg_get_encoding_from_locale
int pg_get_encoding_from_locale(const char *ctype, bool write_message)
Definition chklocale.c:301
strlcpy
size_t strlcpy(char *dst, const char *src, size_t siz)
Definition strlcpy.c:45
pg_strncasecmp
int pg_strncasecmp(const char *s1, const char *s2, size_t n)
Definition pgstrcasecmp.c:65
closesocket
#define closesocket
Definition port.h:397
getpeereid
int getpeereid(int sock, uid_t *uid, gid_t *gid)
Definition getpeereid.c:33
PG_DIAG_SQLSTATE
#define PG_DIAG_SQLSTATE
Definition postgres_ext.h:57
postgres_fe.h
PG_PROTOCOL_MAJOR
#define PG_PROTOCOL_MAJOR(v)
Definition pqcomm.h:86
PG_PROTOCOL_EARLIEST
#define PG_PROTOCOL_EARLIEST
Definition pqcomm.h:94
PG_PROTOCOL_FULL
#define PG_PROTOCOL_FULL(v)
Definition pqcomm.h:88
is_unixsock_path
static bool is_unixsock_path(const char *path)
Definition pqcomm.h:66
PG_PROTOCOL_LATEST
#define PG_PROTOCOL_LATEST
Definition pqcomm.h:95
UNIXSOCK_PATH
#define UNIXSOCK_PATH(path, port, sockdir)
Definition pqcomm.h:43
UNIXSOCK_PATH_BUFLEN
#define UNIXSOCK_PATH_BUFLEN
Definition pqcomm.h:59
NEGOTIATE_GSS_CODE
#define NEGOTIATE_GSS_CODE
Definition pqcomm.h:129
NEGOTIATE_SSL_CODE
#define NEGOTIATE_SSL_CODE
Definition pqcomm.h:128
ProtocolVersion
uint32 ProtocolVersion
Definition pqcomm.h:132
PG_PROTOCOL_GREASE
#define PG_PROTOCOL_GREASE
Definition pqcomm.h:115
AuthRequest
uint32 AuthRequest
Definition pqcomm.h:151
PG_PROTOCOL
#define PG_PROTOCOL(m, n)
Definition pqcomm.h:89
initPQExpBuffer
void initPQExpBuffer(PQExpBuffer str)
Definition pqexpbuffer.c:90
enlargePQExpBuffer
int enlargePQExpBuffer(PQExpBuffer str, size_t needed)
Definition pqexpbuffer.c:172
appendPQExpBuffer
void appendPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition pqexpbuffer.c:265
appendPQExpBufferChar
void appendPQExpBufferChar(PQExpBuffer str, char ch)
Definition pqexpbuffer.c:378
appendPQExpBufferStr
void appendPQExpBufferStr(PQExpBuffer str, const char *data)
Definition pqexpbuffer.c:367
termPQExpBuffer
void termPQExpBuffer(PQExpBuffer str)
Definition pqexpbuffer.c:129
PQExpBufferBroken
#define PQExpBufferBroken(str)
Definition pqexpbuffer.h:59
PQExpBufferDataBroken
#define PQExpBufferDataBroken(buf)
Definition pqexpbuffer.h:67
c
char * c
Definition preproc-cursor.c:31
e
e
Definition preproc-init.c:82
fb
static int fb(int x)
Definition preproc-init.c:92
AUTH_REQ_SSPI
#define AUTH_REQ_SSPI
Definition protocol.h:105
AUTH_REQ_SASL_CONT
#define AUTH_REQ_SASL_CONT
Definition protocol.h:107
AUTH_REQ_GSS
#define AUTH_REQ_GSS
Definition protocol.h:103
AUTH_REQ_MD5
#define AUTH_REQ_MD5
Definition protocol.h:101
AUTH_REQ_OK
#define AUTH_REQ_OK
Definition protocol.h:96
PqMsg_AuthenticationRequest
#define PqMsg_AuthenticationRequest
Definition protocol.h:50
PqMsg_NegotiateProtocolVersion
#define PqMsg_NegotiateProtocolVersion
Definition protocol.h:59
AUTH_REQ_PASSWORD
#define AUTH_REQ_PASSWORD
Definition protocol.h:99
AUTH_REQ_GSS_CONT
#define AUTH_REQ_GSS_CONT
Definition protocol.h:104
PqMsg_ErrorResponse
#define PqMsg_ErrorResponse
Definition protocol.h:44
AUTH_REQ_SASL
#define AUTH_REQ_SASL
Definition protocol.h:106
PqMsg_Terminate
#define PqMsg_Terminate
Definition protocol.h:28
AUTH_REQ_SASL_FIN
#define AUTH_REQ_SASL_FIN
Definition protocol.h:108
pthread_mutex_unlock
int pthread_mutex_unlock(pthread_mutex_t *mp)
Definition pthread-win32.c:60
pthread_mutex_lock
int pthread_mutex_lock(pthread_mutex_t *mp)
Definition pthread-win32.c:42
PTHREAD_MUTEX_INITIALIZER
#define PTHREAD_MUTEX_INITIALIZER
Definition pthread-win32.h:16
SCRAM_MAX_KEY_LEN
#define SCRAM_MAX_KEY_LEN
Definition scram-common.h:30
SCRAM_SHA_256_DEFAULT_ITERATIONS
#define SCRAM_SHA_256_DEFAULT_ITERATIONS
Definition scram-common.h:50
calloc
#define calloc(a, b)
Definition snowball_runtime.h:55
free
#define free(a)
Definition snowball_runtime.h:65
malloc
#define malloc(a)
Definition snowball_runtime.h:50
gai_strerror
const char * gai_strerror(int errcode)
Definition win32gai_strerror.c:22
error
static void error(void)
Definition sql-dyntest.c:147
password
static char * password
Definition streamutil.c:51
dbname
char * dbname
Definition streamutil.c:49
conn
PGconn * conn
Definition streamutil.c:52
pg_strip_crlf
int pg_strip_crlf(char *str)
Definition string.c:154
AddrInfo::family
int family
Definition pqcomm.h:38
AddrInfo::addr
SockAddr addr
Definition pqcomm.h:39
PGEvent::passThrough
void * passThrough
Definition libpq-int.h:159
PGEvent::name
char * name
Definition libpq-int.h:158
PGEvent::proc
PGEventProc proc
Definition libpq-int.h:157
PGNoticeHooks::noticeProcArg
void * noticeProcArg
Definition libpq-int.h:152
PGNoticeHooks::noticeRec
PQnoticeReceiver noticeRec
Definition libpq-int.h:149
PGNoticeHooks::noticeProc
PQnoticeProcessor noticeProc
Definition libpq-int.h:151
PGNoticeHooks::noticeRecArg
void * noticeRecArg
Definition libpq-int.h:150
SockAddr::addr
struct sockaddr_storage addr
Definition pqcomm.h:32
SockAddr::salen
socklen_t salen
Definition pqcomm.h:33
_PQconninfoOption
Definition libpq-fe.h:280
_internalPQconninfoOption
Definition fe-connect.c:180
_internalPQconninfoOption::dispchar
char * dispchar
Definition fe-connect.c:186
_internalPQconninfoOption::val
char * val
Definition fe-connect.c:184
_internalPQconninfoOption::keyword
char * keyword
Definition fe-connect.c:181
_internalPQconninfoOption::connofs
off_t connofs
Definition fe-connect.c:198
_internalPQconninfoOption::label
char * label
Definition fe-connect.c:185
_internalPQconninfoOption::envvar
char * envvar
Definition fe-connect.c:182
_internalPQconninfoOption::compiled
char * compiled
Definition fe-connect.c:183
_internalPQconninfoOption::dispsize
int dispsize
Definition fe-connect.c:191
cursor::next
struct cursor * next
Definition type.h:148
option::val
int val
Definition getopt_long.h:22
pgNotify::next
struct pgNotify * next
Definition libpq-fe.h:242
pgParameterStatus::next
struct pgParameterStatus * next
Definition libpq-int.h:271
pg_cancel_conn
Definition fe-cancel.c:32
pg_conn_host
Definition libpq-int.h:356
pg_conn_host::host
char * host
Definition libpq-int.h:358
pg_conn_host::password
char * password
Definition libpq-int.h:362
pg_conn_host::port
char * port
Definition libpq-int.h:360
pg_conn_host::hostaddr
char * hostaddr
Definition libpq-int.h:359
pg_conn_host::type
pg_conn_host_type type
Definition libpq-int.h:357
pg_conn
Definition libpq-int.h:372
pg_conn::laddr
SockAddr laddr
Definition libpq-int.h:502
pg_conn::try_next_host
bool try_next_host
Definition libpq-int.h:539
pg_conn::addr
AddrInfo * addr
Definition libpq-int.h:542
pg_conn::be_cancel_key
uint8 * be_cancel_key
Definition libpq-int.h:555
pg_conn::replication
char * replication
Definition libpq-int.h:391
pg_conn::scram_client_key_binary
uint8 * scram_client_key_binary
Definition libpq-int.h:546
pg_conn::write_err_msg
char * write_err_msg
Definition libpq-int.h:514
pg_conn::failed_enc_methods
uint8 failed_enc_methods
Definition libpq-int.h:617
pg_conn::notifyHead
PGnotify * notifyHead
Definition libpq-int.h:477
pg_conn::sslrootcert
char * sslrootcert
Definition libpq-int.h:413
pg_conn::rowBuf
PGdataValue * rowBuf
Definition libpq-int.h:594
pg_conn::sslnegotiation
char * sslnegotiation
Definition libpq-int.h:407
pg_conn::sslcompression
char * sslcompression
Definition libpq-int.h:408
pg_conn::oauth_discovery_uri
char * oauth_discovery_uri
Definition libpq-int.h:441
pg_conn::sigpipe_flag
bool sigpipe_flag
Definition libpq-int.h:512
pg_conn::oauth_scope
char * oauth_scope
Definition libpq-int.h:445
pg_conn::nconnhost
int nconnhost
Definition libpq-int.h:481
pg_conn::require_auth
char * require_auth
Definition libpq-int.h:428
pg_conn::sock
pgsocket sock
Definition libpq-int.h:500
pg_conn::inBuffer
char * inBuffer
Definition libpq-int.h:577
pg_conn::channel_binding
char * channel_binding
Definition libpq-int.h:398
pg_conn::pversion
ProtocolVersion pversion
Definition libpq-int.h:504
pg_conn::std_strings
bool std_strings
Definition libpq-int.h:558
pg_conn::write_failed
bool write_failed
Definition libpq-int.h:513
pg_conn::sslcrldir
char * sslcrldir
Definition libpq-int.h:415
pg_conn::gssdelegation
char * gssdelegation
Definition libpq-int.h:422
pg_conn::pgoptions
char * pgoptions
Definition libpq-int.h:387
pg_conn::send_appname
bool send_appname
Definition libpq-int.h:544
pg_conn::xactStatus
PGTransactionStatusType xactStatus
Definition libpq-int.h:465
pg_conn::sslcrl
char * sslcrl
Definition libpq-int.h:414
pg_conn::pghost
char * pghost
Definition libpq-int.h:374
pg_conn::sasl
const pg_fe_sasl_mech * sasl
Definition libpq-int.h:612
pg_conn::scram_client_key_len
size_t scram_client_key_len
Definition libpq-int.h:545
pg_conn::cancelRequest
bool cancelRequest
Definition libpq-int.h:434
pg_conn::inCursor
int inCursor
Definition libpq-int.h:580
pg_conn::ssl_max_protocol_version
char * ssl_max_protocol_version
Definition libpq-int.h:426
pg_conn::in_hot_standby
PGTernaryBool in_hot_standby
Definition libpq-int.h:560
pg_conn::scram_server_key_binary
uint8 * scram_server_key_binary
Definition libpq-int.h:548
pg_conn::cleanup_async_auth
void(* cleanup_async_auth)(PGconn *conn)
Definition libpq-int.h:530
pg_conn::pgpass
char * pgpass
Definition libpq-int.h:396
pg_conn::be_pid
int be_pid
Definition libpq-int.h:553
pg_conn::client_finished_auth
bool client_finished_auth
Definition libpq-int.h:522
pg_conn::cmd_queue_recycle
PGcmdQueueEntry * cmd_queue_recycle
Definition libpq-int.h:497
pg_conn::min_pversion
ProtocolVersion min_pversion
Definition libpq-int.h:549
pg_conn::dbName
char * dbName
Definition libpq-int.h:390
pg_conn::oauth_client_id
char * oauth_client_id
Definition libpq-int.h:443
pg_conn::inEnd
int inEnd
Definition libpq-int.h:581
pg_conn::oauth_issuer
char * oauth_issuer
Definition libpq-int.h:439
pg_conn::fbappname
char * fbappname
Definition libpq-int.h:389
pg_conn::sslcert
char * sslcert
Definition libpq-int.h:410
pg_conn::sslcertmode
char * sslcertmode
Definition libpq-int.h:412
pg_conn::allowed_auth_methods
uint32 allowed_auth_methods
Definition libpq-int.h:518
pg_conn::target_session_attrs
char * target_session_attrs
Definition libpq-int.h:427
pg_conn::cmd_queue_tail
PGcmdQueueEntry * cmd_queue_tail
Definition libpq-int.h:491
pg_conn::current_enc_method
uint8 current_enc_method
Definition libpq-int.h:618
pg_conn::notifyTail
PGnotify * notifyTail
Definition libpq-int.h:478
pg_conn::auth_required
bool auth_required
Definition libpq-int.h:516
pg_conn::inBufSize
int inBufSize
Definition libpq-int.h:578
pg_conn::naddr
int naddr
Definition libpq-int.h:540
pg_conn::sslpassword
char * sslpassword
Definition libpq-int.h:411
pg_conn::nonblocking
bool nonblocking
Definition libpq-int.h:468
pg_conn::gssapi_used
bool gssapi_used
Definition libpq-int.h:510
pg_conn::client_encoding
int client_encoding
Definition libpq-int.h:557
pg_conn::workBuffer
PQExpBufferData workBuffer
Definition libpq-int.h:688
pg_conn::inStart
int inStart
Definition libpq-int.h:579
pg_conn::keepalives_idle
char * keepalives_idle
Definition libpq-int.h:401
pg_conn::connip
char * connip
Definition libpq-int.h:484
pg_conn::sversion
int sversion
Definition libpq-int.h:505
pg_conn::pgservicefile
char * pgservicefile
Definition libpq-int.h:393
pg_conn::oauth_ca_file
char * oauth_ca_file
Definition libpq-int.h:447
pg_conn::auth_req_received
bool auth_req_received
Definition libpq-int.h:508
pg_conn::oauth_client_secret
char * oauth_client_secret
Definition libpq-int.h:444
pg_conn::max_protocol_version
char * max_protocol_version
Definition libpq-int.h:424
pg_conn::load_balance_hosts
char * load_balance_hosts
Definition libpq-int.h:429
pg_conn::pversion_negotiated
bool pversion_negotiated
Definition libpq-int.h:506
pg_conn::oauth_want_retry
bool oauth_want_retry
Definition libpq-int.h:448
pg_conn::default_transaction_read_only
PGTernaryBool default_transaction_read_only
Definition libpq-int.h:559
pg_conn::pstatus
pgParameterStatus * pstatus
Definition libpq-int.h:556
pg_conn::pguser
char * pguser
Definition libpq-int.h:395
pg_conn::keepalives
char * keepalives
Definition libpq-int.h:400
pg_conn::min_protocol_version
char * min_protocol_version
Definition libpq-int.h:423
pg_conn::result
PGresult * result
Definition libpq-int.h:607
pg_conn::sigpipe_so
bool sigpipe_so
Definition libpq-int.h:511
pg_conn::verbosity
PGVerbosity verbosity
Definition libpq-int.h:561
pg_conn::client_encoding_initial
char * client_encoding_initial
Definition libpq-int.h:386
pg_conn::keepalives_interval
char * keepalives_interval
Definition libpq-int.h:402
pg_conn::whichaddr
int whichaddr
Definition libpq-int.h:541
pg_conn::appname
char * appname
Definition libpq-int.h:388
pg_conn::sslmode
char * sslmode
Definition libpq-int.h:406
pg_conn::prng_state
pg_prng_state prng_state
Definition libpq-int.h:564
pg_conn::pgtcp_user_timeout
char * pgtcp_user_timeout
Definition libpq-int.h:385
pg_conn::ssl_min_protocol_version
char * ssl_min_protocol_version
Definition libpq-int.h:425
pg_conn::oauth_issuer_id
char * oauth_issuer_id
Definition libpq-int.h:440
pg_conn::errorMessage
PQExpBufferData errorMessage
Definition libpq-int.h:684
pg_conn::gssencmode
char * gssencmode
Definition libpq-int.h:418
pg_conn::scram_server_key
char * scram_server_key
Definition libpq-int.h:431
pg_conn::nEvents
int nEvents
Definition libpq-int.h:459
pg_conn::pghostaddr
char * pghostaddr
Definition libpq-int.h:378
pg_conn::sslkey
char * sslkey
Definition libpq-int.h:409
pg_conn::altsock
pgsocket altsock
Definition libpq-int.h:531
pg_conn::scram_client_key
char * scram_client_key
Definition libpq-int.h:430
pg_conn::max_pversion
ProtocolVersion max_pversion
Definition libpq-int.h:550
pg_conn::sslkeylogfile
char * sslkeylogfile
Definition libpq-int.h:432
pg_conn::rowBufLen
int rowBufLen
Definition libpq-int.h:595
pg_conn::async_auth
PostgresPollingStatusType(* async_auth)(PGconn *conn)
Definition libpq-int.h:529
pg_conn::pgpassfile
char * pgpassfile
Definition libpq-int.h:397
pg_conn::last_sqlstate
char last_sqlstate[6]
Definition libpq-int.h:466
pg_conn::asyncStatus
PGAsyncStatusType asyncStatus
Definition libpq-int.h:464
pg_conn::load_balance_type
PGLoadBalanceType load_balance_type
Definition libpq-int.h:536
pg_conn::connect_timeout
char * connect_timeout
Definition libpq-int.h:384
pg_conn::scram_sha_256_iterations
int scram_sha_256_iterations
Definition libpq-int.h:614
pg_conn::krbsrvname
char * krbsrvname
Definition libpq-int.h:419
pg_conn::pipelineStatus
PGpipelineStatus pipelineStatus
Definition libpq-int.h:470
pg_conn::gsslib
char * gsslib
Definition libpq-int.h:420
pg_conn::lobjfuncs
PGlobjfuncs * lobjfuncs
Definition libpq-int.h:563
pg_conn::outBufSize
int outBufSize
Definition libpq-int.h:585
pg_conn::allowed_enc_methods
uint8 allowed_enc_methods
Definition libpq-int.h:616
pg_conn::options_valid
bool options_valid
Definition libpq-int.h:467
pg_conn::noticeHooks
PGNoticeHooks noticeHooks
Definition libpq-int.h:455
pg_conn::target_server_type
PGTargetServerType target_server_type
Definition libpq-int.h:535
pg_conn::Pfdebug
FILE * Pfdebug
Definition libpq-int.h:451
pg_conn::sasl_state
void * sasl_state
Definition libpq-int.h:613
pg_conn::scram_server_key_len
size_t scram_server_key_len
Definition libpq-int.h:547
pg_conn::cmd_queue_head
PGcmdQueueEntry * cmd_queue_head
Definition libpq-int.h:490
pg_conn::raddr
SockAddr raddr
Definition libpq-int.h:503
pg_conn::try_next_addr
bool try_next_addr
Definition libpq-int.h:538
pg_conn::outCount
int outCount
Definition libpq-int.h:586
pg_conn::pgport
char * pgport
Definition libpq-int.h:382
pg_conn::be_cancel_key_len
int be_cancel_key_len
Definition libpq-int.h:554
pg_conn::pgservice
char * pgservice
Definition libpq-int.h:392
pg_conn::allowed_sasl_mechs
const pg_fe_sasl_mech * allowed_sasl_mechs[2]
Definition libpq-int.h:520
pg_conn::whichhost
int whichhost
Definition libpq-int.h:482
pg_conn::show_context
PGContextVisibility show_context
Definition libpq-int.h:562
pg_conn::keepalives_count
char * keepalives_count
Definition libpq-int.h:404
pg_conn::requirepeer
char * requirepeer
Definition libpq-int.h:417
pg_conn::sslsni
char * sslsni
Definition libpq-int.h:416
pg_conn::connhost
pg_conn_host * connhost
Definition libpq-int.h:483
pg_conn::ssl_in_use
bool ssl_in_use
Definition libpq-int.h:621
pg_conn::events
PGEvent * events
Definition libpq-int.h:458
pg_conn::password_needed
bool password_needed
Definition libpq-int.h:509
pg_conn::outBuffer
char * outBuffer
Definition libpq-int.h:584
pg_conn::status
ConnStatusType status
Definition libpq-int.h:463
pg_fe_sasl_mech
Definition fe-auth-sasl.h:44
pg_fe_sasl_mech::free
void(* free)(void *state)
Definition fe-auth-sasl.h:149
pg_result
Definition libpq-int.h:165
pg_result::noticeHooks
PGNoticeHooks noticeHooks
Definition libpq-int.h:183
pg_result::resultStatus
ExecStatusType resultStatus
Definition libpq-int.h:174
pthread_mutex_t
Definition pthread-win32.h:10
flag
char * flag(int b)
Definition test-ctype.c:33
tmpbuf
static StringInfoData tmpbuf
Definition walsender.c:195
stat
#define stat
Definition win32_port.h:74
S_IRWXG
#define S_IRWXG
Definition win32_port.h:300
EINTR
#define EINTR
Definition win32_port.h:361
EWOULDBLOCK
#define EWOULDBLOCK
Definition win32_port.h:367
S_IRWXO
#define S_IRWXO
Definition win32_port.h:312
EINPROGRESS
#define EINPROGRESS
Definition win32_port.h:373
gid_t
int gid_t
Definition win32_port.h:235
fstat
#define fstat
Definition win32_port.h:73
S_ISREG
#define S_ISREG(m)
Definition win32_port.h:318
socket
#define socket(af, type, protocol)
Definition win32_port.h:495
connect
#define connect(s, name, namelen)
Definition win32_port.h:499
uid_t
int uid_t
Definition win32_port.h:234
gettimeofday
int gettimeofday(struct timeval *tp, void *tzp)
Definition win32gettimeofday.c:53