PostgreSQL Source Code git master
Loading...
Searching...
No Matches
fe-connect.c
Go to the documentation of this file.
1/*-------------------------------------------------------------------------
2 *
3 * fe-connect.c
4 * functions related to setting up a connection to the backend
5 *
6 * Portions Copyright (c) 1996-2026, PostgreSQL Global Development Group
7 * Portions Copyright (c) 1994, Regents of the University of California
8 *
9 *
10 * IDENTIFICATION
11 * src/interfaces/libpq/fe-connect.c
12 *
13 *-------------------------------------------------------------------------
14 */
15
16#include "postgres_fe.h"
17
18#include <sys/stat.h>
19#include <fcntl.h>
20#include <ctype.h>
21#include <limits.h>
22#include <netdb.h>
23#include <time.h>
24#include <unistd.h>
25
26#include "common/base64.h"
27#include "common/ip.h"
28#include "common/link-canary.h"
29#include "common/scram-common.h"
30#include "common/string.h"
31#include "fe-auth.h"
32#include "fe-auth-oauth.h"
33#include "libpq-fe.h"
34#include "libpq-int.h"
35#include "mb/pg_wchar.h"
36#include "pg_config_paths.h"
37#include "port/pg_bswap.h"
38
39#ifdef WIN32
40#include "win32.h"
41#ifdef _WIN32_IE
42#undef _WIN32_IE
43#endif
44#define _WIN32_IE 0x0500
45#ifdef near
46#undef near
47#endif
48#define near
49#include <shlobj.h>
50#include <mstcpip.h>
51#else
52#include <sys/socket.h>
53#include <netdb.h>
54#include <netinet/in.h>
55#include <netinet/tcp.h>
56#include <pwd.h>
57#endif
58
59#ifdef WIN32
60#include "pthread-win32.h"
61#else
62#include <pthread.h>
63#endif
64
65#ifdef USE_LDAP
66#ifdef WIN32
67#include <winldap.h>
68#else
69/* OpenLDAP deprecates RFC 1823, but we want standard conformance */
70#define LDAP_DEPRECATED 1
71#include <ldap.h>
72typedef struct timeval LDAP_TIMEVAL;
73#endif
74static int ldapServiceLookup(const char *purl, PQconninfoOption *options,
75 PQExpBuffer errorMessage);
76#endif
77
78#ifndef WIN32
79#define PGPASSFILE ".pgpass"
80#else
81#define PGPASSFILE "pgpass.conf"
82#endif
83
84/*
85 * Pre-9.0 servers will return this SQLSTATE if asked to set
86 * application_name in a startup packet. We hard-wire the value rather
87 * than looking into errcodes.h since it reflects historical behavior
88 * rather than that of the current code.
89 */
90#define ERRCODE_APPNAME_UNKNOWN "42704"
91
92/* This is part of the protocol so just define it */
93#define ERRCODE_INVALID_PASSWORD "28P01"
94/* These too */
95#define ERRCODE_CANNOT_CONNECT_NOW "57P03"
96#define ERRCODE_PROTOCOL_VIOLATION "08P01"
97
98/*
99 * Cope with the various platform-specific ways to spell TCP keepalive socket
100 * options. This doesn't cover Windows, which as usual does its own thing.
101 */
102#if defined(TCP_KEEPIDLE)
103/* TCP_KEEPIDLE is the name of this option on Linux and *BSD */
104#define PG_TCP_KEEPALIVE_IDLE TCP_KEEPIDLE
105#define PG_TCP_KEEPALIVE_IDLE_STR "TCP_KEEPIDLE"
106#elif defined(TCP_KEEPALIVE_THRESHOLD)
107/* TCP_KEEPALIVE_THRESHOLD is the name of this option on Solaris >= 11 */
108#define PG_TCP_KEEPALIVE_IDLE TCP_KEEPALIVE_THRESHOLD
109#define PG_TCP_KEEPALIVE_IDLE_STR "TCP_KEEPALIVE_THRESHOLD"
110#elif defined(TCP_KEEPALIVE) && defined(__darwin__)
111/* TCP_KEEPALIVE is the name of this option on macOS */
112/* Caution: Solaris has this symbol but it means something different */
113#define PG_TCP_KEEPALIVE_IDLE TCP_KEEPALIVE
114#define PG_TCP_KEEPALIVE_IDLE_STR "TCP_KEEPALIVE"
115#endif
116
117/*
118 * fall back options if they are not specified by arguments or defined
119 * by environment variables
120 */
121#define DefaultHost "localhost"
122#define DefaultOption ""
123#ifdef USE_SSL
124#define DefaultChannelBinding "prefer"
125#else
126#define DefaultChannelBinding "disable"
127#endif
128#define DefaultTargetSessionAttrs "any"
129#define DefaultLoadBalanceHosts "disable"
130#ifdef USE_SSL
131#define DefaultSSLMode "prefer"
132#define DefaultSSLCertMode "allow"
133#else
134#define DefaultSSLMode "disable"
135#define DefaultSSLCertMode "disable"
136#endif
137#define DefaultSSLNegotiation "postgres"
138#ifdef ENABLE_GSS
139#include "fe-gssapi-common.h"
140#define DefaultGSSMode "prefer"
141#else
142#define DefaultGSSMode "disable"
143#endif
144
145/* ----------
146 * Definition of the conninfo parameters and their fallback resources.
147 *
148 * If Environment-Var and Compiled-in are specified as NULL, no
149 * fallback is available. If after all no value can be determined
150 * for an option, an error is returned.
151 *
152 * The value for the username is treated specially in conninfo_add_defaults.
153 * If the value is not obtained any other way, the username is determined
154 * by pg_fe_getauthname().
155 *
156 * The Label and Disp-Char entries are provided for applications that
157 * want to use PQconndefaults() to create a generic database connection
158 * dialog. Disp-Char is defined as follows:
159 * "" Normal input field
160 * "*" Password field - hide value
161 * "D" Debug option - don't show by default
162 *
163 * NB: Server-side clients -- dblink, postgres_fdw, libpqrcv -- use dispchar to
164 * determine which options to expose to end users, and how. Changing dispchar
165 * has compatibility and security implications for those clients. For example,
166 * postgres_fdw will attach a "*" option to USER MAPPING instead of the default
167 * SERVER, and it disallows setting "D" options entirely.
168 *
169 * PQconninfoOptions[] is a constant static array that we use to initialize
170 * a dynamically allocated working copy. All the "val" fields in
171 * PQconninfoOptions[] *must* be NULL. In a working copy, non-null "val"
172 * fields point to malloc'd strings that should be freed when the working
173 * array is freed (see PQconninfoFree).
174 *
175 * The first part of each struct is identical to the one in libpq-fe.h,
176 * which is required since we memcpy() data between the two!
177 * ----------
178 */
179typedef struct _internalPQconninfoOption
180{
181 char *keyword; /* The keyword of the option */
182 char *envvar; /* Fallback environment variable name */
183 char *compiled; /* Fallback compiled in default value */
184 char *val; /* Option's current value, or NULL */
185 char *label; /* Label for field in connect dialog */
186 char *dispchar; /* Indicates how to display this field in a
187 * connect dialog. Values are: "" Display
188 * entered value as is "*" Password field -
189 * hide value "D" Debug option - don't show
190 * by default */
191 int dispsize; /* Field size in characters for dialog */
192 /* ---
193 * Anything above this comment must be synchronized with
194 * PQconninfoOption in libpq-fe.h, since we memcpy() data
195 * between them!
196 * ---
197 */
198 off_t connofs; /* Offset into PGconn struct, -1 if not there */
199} internalPQconninfoOption;
200
201static const internalPQconninfoOption PQconninfoOptions[] = {
202 {"service", "PGSERVICE", NULL, NULL,
203 "Database-Service", "", 20,
204 offsetof(struct pg_conn, pgservice)},
205
206 {"servicefile", "PGSERVICEFILE", NULL, NULL,
207 "Database-Service-File", "", 64,
208 offsetof(struct pg_conn, pgservicefile)},
209
210 {"user", "PGUSER", NULL, NULL,
211 "Database-User", "", 20,
212 offsetof(struct pg_conn, pguser)},
213
214 {"password", "PGPASSWORD", NULL, NULL,
215 "Database-Password", "*", 20,
216 offsetof(struct pg_conn, pgpass)},
217
218 {"passfile", "PGPASSFILE", NULL, NULL,
219 "Database-Password-File", "", 64,
220 offsetof(struct pg_conn, pgpassfile)},
221
222 {"channel_binding", "PGCHANNELBINDING", DefaultChannelBinding, NULL,
223 "Channel-Binding", "", 8, /* sizeof("require") == 8 */
224 offsetof(struct pg_conn, channel_binding)},
225
226 {"connect_timeout", "PGCONNECT_TIMEOUT", NULL, NULL,
227 "Connect-timeout", "", 10, /* strlen(INT32_MAX) == 10 */
228 offsetof(struct pg_conn, connect_timeout)},
229
230 {"dbname", "PGDATABASE", NULL, NULL,
231 "Database-Name", "", 20,
232 offsetof(struct pg_conn, dbName)},
233
234 {"host", "PGHOST", NULL, NULL,
235 "Database-Host", "", 40,
236 offsetof(struct pg_conn, pghost)},
237
238 {"hostaddr", "PGHOSTADDR", NULL, NULL,
239 "Database-Host-IP-Address", "", 45,
240 offsetof(struct pg_conn, pghostaddr)},
241
242 {"port", "PGPORT", DEF_PGPORT_STR, NULL,
243 "Database-Port", "", 6,
244 offsetof(struct pg_conn, pgport)},
245
246 {"client_encoding", "PGCLIENTENCODING", NULL, NULL,
247 "Client-Encoding", "", 10,
248 offsetof(struct pg_conn, client_encoding_initial)},
249
250 {"options", "PGOPTIONS", DefaultOption, NULL,
251 "Backend-Options", "", 40,
252 offsetof(struct pg_conn, pgoptions)},
253
254 {"application_name", "PGAPPNAME", NULL, NULL,
255 "Application-Name", "", 64,
256 offsetof(struct pg_conn, appname)},
257
258 {"fallback_application_name", NULL, NULL, NULL,
259 "Fallback-Application-Name", "", 64,
260 offsetof(struct pg_conn, fbappname)},
261
262 {"keepalives", NULL, NULL, NULL,
263 "TCP-Keepalives", "", 1, /* should be just '0' or '1' */
264 offsetof(struct pg_conn, keepalives)},
265
266 {"keepalives_idle", NULL, NULL, NULL,
267 "TCP-Keepalives-Idle", "", 10, /* strlen(INT32_MAX) == 10 */
268 offsetof(struct pg_conn, keepalives_idle)},
269
270 {"keepalives_interval", NULL, NULL, NULL,
271 "TCP-Keepalives-Interval", "", 10, /* strlen(INT32_MAX) == 10 */
272 offsetof(struct pg_conn, keepalives_interval)},
273
274 {"keepalives_count", NULL, NULL, NULL,
275 "TCP-Keepalives-Count", "", 10, /* strlen(INT32_MAX) == 10 */
276 offsetof(struct pg_conn, keepalives_count)},
277
278 {"tcp_user_timeout", NULL, NULL, NULL,
279 "TCP-User-Timeout", "", 10, /* strlen(INT32_MAX) == 10 */
280 offsetof(struct pg_conn, pgtcp_user_timeout)},
281
282 /*
283 * ssl options are allowed even without client SSL support because the
284 * client can still handle SSL modes "disable" and "allow". Other
285 * parameters have no effect on non-SSL connections, so there is no reason
286 * to exclude them since none of them are mandatory.
287 */
288 {"sslmode", "PGSSLMODE", DefaultSSLMode, NULL,
289 "SSL-Mode", "", 12, /* sizeof("verify-full") == 12 */
290 offsetof(struct pg_conn, sslmode)},
291
292 {"sslnegotiation", "PGSSLNEGOTIATION", DefaultSSLNegotiation, NULL,
293 "SSL-Negotiation", "", 9, /* sizeof("postgres") == 9 */
294 offsetof(struct pg_conn, sslnegotiation)},
295
296 {"sslcompression", "PGSSLCOMPRESSION", "0", NULL,
297 "SSL-Compression", "", 1,
298 offsetof(struct pg_conn, sslcompression)},
299
300 {"sslcert", "PGSSLCERT", NULL, NULL,
301 "SSL-Client-Cert", "", 64,
302 offsetof(struct pg_conn, sslcert)},
303
304 {"sslkey", "PGSSLKEY", NULL, NULL,
305 "SSL-Client-Key", "", 64,
306 offsetof(struct pg_conn, sslkey)},
307
308 {"sslcertmode", "PGSSLCERTMODE", NULL, NULL,
309 "SSL-Client-Cert-Mode", "", 8, /* sizeof("disable") == 8 */
310 offsetof(struct pg_conn, sslcertmode)},
311
312 {"sslpassword", NULL, NULL, NULL,
313 "SSL-Client-Key-Password", "*", 20,
314 offsetof(struct pg_conn, sslpassword)},
315
316 {"sslrootcert", "PGSSLROOTCERT", NULL, NULL,
317 "SSL-Root-Certificate", "", 64,
318 offsetof(struct pg_conn, sslrootcert)},
319
320 {"sslcrl", "PGSSLCRL", NULL, NULL,
321 "SSL-Revocation-List", "", 64,
322 offsetof(struct pg_conn, sslcrl)},
323
324 {"sslcrldir", "PGSSLCRLDIR", NULL, NULL,
325 "SSL-Revocation-List-Dir", "", 64,
326 offsetof(struct pg_conn, sslcrldir)},
327
328 {"sslsni", "PGSSLSNI", "1", NULL,
329 "SSL-SNI", "", 1,
330 offsetof(struct pg_conn, sslsni)},
331
332 {"requirepeer", "PGREQUIREPEER", NULL, NULL,
333 "Require-Peer", "", 10,
334 offsetof(struct pg_conn, requirepeer)},
335
336 {"require_auth", "PGREQUIREAUTH", NULL, NULL,
337 "Require-Auth", "", 14, /* sizeof("scram-sha-256") == 14 */
338 offsetof(struct pg_conn, require_auth)},
339
340 {"min_protocol_version", "PGMINPROTOCOLVERSION",
341 NULL, NULL,
342 "Min-Protocol-Version", "", 6, /* sizeof("latest") = 6 */
343 offsetof(struct pg_conn, min_protocol_version)},
344
345 {"max_protocol_version", "PGMAXPROTOCOLVERSION",
346 NULL, NULL,
347 "Max-Protocol-Version", "", 6, /* sizeof("latest") = 6 */
348 offsetof(struct pg_conn, max_protocol_version)},
349
350 {"ssl_min_protocol_version", "PGSSLMINPROTOCOLVERSION", "TLSv1.2", NULL,
351 "SSL-Minimum-Protocol-Version", "", 8, /* sizeof("TLSv1.x") == 8 */
352 offsetof(struct pg_conn, ssl_min_protocol_version)},
353
354 {"ssl_max_protocol_version", "PGSSLMAXPROTOCOLVERSION", NULL, NULL,
355 "SSL-Maximum-Protocol-Version", "", 8, /* sizeof("TLSv1.x") == 8 */
356 offsetof(struct pg_conn, ssl_max_protocol_version)},
357
358 /*
359 * As with SSL, all GSS options are exposed even in builds that don't have
360 * support.
361 */
362 {"gssencmode", "PGGSSENCMODE", DefaultGSSMode, NULL,
363 "GSSENC-Mode", "", 8, /* sizeof("disable") == 8 */
364 offsetof(struct pg_conn, gssencmode)},
365
366 /* Kerberos and GSSAPI authentication support specifying the service name */
367 {"krbsrvname", "PGKRBSRVNAME", PG_KRB_SRVNAM, NULL,
368 "Kerberos-service-name", "", 20,
369 offsetof(struct pg_conn, krbsrvname)},
370
371 {"gsslib", "PGGSSLIB", NULL, NULL,
372 "GSS-library", "", 7, /* sizeof("gssapi") == 7 */
373 offsetof(struct pg_conn, gsslib)},
374
375 {"gssdelegation", "PGGSSDELEGATION", "0", NULL,
376 "GSS-delegation", "", 1,
377 offsetof(struct pg_conn, gssdelegation)},
378
379 {"replication", NULL, NULL, NULL,
380 "Replication", "D", 5,
381 offsetof(struct pg_conn, replication)},
382
383 {"target_session_attrs", "PGTARGETSESSIONATTRS",
384 DefaultTargetSessionAttrs, NULL,
385 "Target-Session-Attrs", "", 15, /* sizeof("prefer-standby") = 15 */
386 offsetof(struct pg_conn, target_session_attrs)},
387
388 {"load_balance_hosts", "PGLOADBALANCEHOSTS",
389 DefaultLoadBalanceHosts, NULL,
390 "Load-Balance-Hosts", "", 8, /* sizeof("disable") = 8 */
391 offsetof(struct pg_conn, load_balance_hosts)},
392
393 {"scram_client_key", NULL, NULL, NULL, "SCRAM-Client-Key", "D", SCRAM_MAX_KEY_LEN * 2,
394 offsetof(struct pg_conn, scram_client_key)},
395
396 {"scram_server_key", NULL, NULL, NULL, "SCRAM-Server-Key", "D", SCRAM_MAX_KEY_LEN * 2,
397 offsetof(struct pg_conn, scram_server_key)},
398
399 /* OAuth v2 */
400 {"oauth_issuer", NULL, NULL, NULL,
401 "OAuth-Issuer", "", 40,
402 offsetof(struct pg_conn, oauth_issuer)},
403
404 {"oauth_client_id", NULL, NULL, NULL,
405 "OAuth-Client-ID", "", 40,
406 offsetof(struct pg_conn, oauth_client_id)},
407
408 {"oauth_client_secret", NULL, NULL, NULL,
409 "OAuth-Client-Secret", "*", 40,
410 offsetof(struct pg_conn, oauth_client_secret)},
411
412 {"oauth_scope", NULL, NULL, NULL,
413 "OAuth-Scope", "", 15,
414 offsetof(struct pg_conn, oauth_scope)},
415
416 {"sslkeylogfile", NULL, NULL, NULL,
417 "SSL-Key-Log-File", "D", 64,
418 offsetof(struct pg_conn, sslkeylogfile)},
419
420 /* Terminating entry --- MUST BE LAST */
421 {NULL, NULL, NULL, NULL,
422 NULL, NULL, 0}
423};
424
425static const PQEnvironmentOption EnvironmentOptions[] =
426{
427 /* common user-interface settings */
428 {
429 "PGDATESTYLE", "datestyle"
430 },
431 {
432 "PGTZ", "timezone"
433 },
434 /* internal performance-related settings */
435 {
436 "PGGEQO", "geqo"
437 },
438 {
439 NULL, NULL
440 }
441};
442
443static const pg_fe_sasl_mech *supported_sasl_mechs[] =
444{
445 &pg_scram_mech,
446 &pg_oauth_mech,
447};
448#define SASL_MECHANISM_COUNT lengthof(supported_sasl_mechs)
449
450/* The connection URI must start with either of the following designators: */
451static const char uri_designator[] = "postgresql://";
452static const char short_uri_designator[] = "postgres://";
453
454static bool connectOptions1(PGconn *conn, const char *conninfo);
455static bool init_allowed_encryption_methods(PGconn *conn);
456#if defined(USE_SSL) || defined(ENABLE_GSS)
457static int encryption_negotiation_failed(PGconn *conn);
458#endif
459static bool connection_failed(PGconn *conn);
460static bool select_next_encryption_method(PGconn *conn, bool have_valid_connection);
461static PGPing internal_ping(PGconn *conn);
462static void pqFreeCommandQueue(PGcmdQueueEntry *queue);
463static bool fillPGconn(PGconn *conn, PQconninfoOption *connOptions);
464static void freePGconn(PGconn *conn);
465static void release_conn_addrinfo(PGconn *conn);
466static int store_conn_addrinfo(PGconn *conn, struct addrinfo *addrlist);
467static void sendTerminateConn(PGconn *conn);
468static PQconninfoOption *conninfo_init(PQExpBuffer errorMessage);
469static PQconninfoOption *parse_connection_string(const char *connstr,
470 PQExpBuffer errorMessage, bool use_defaults);
471static int uri_prefix_length(const char *connstr);
472static bool recognized_connection_string(const char *connstr);
473static PQconninfoOption *conninfo_parse(const char *conninfo,
474 PQExpBuffer errorMessage, bool use_defaults);
475static PQconninfoOption *conninfo_array_parse(const char *const *keywords,
476 const char *const *values, PQExpBuffer errorMessage,
477 bool use_defaults, int expand_dbname);
478static bool conninfo_add_defaults(PQconninfoOption *options,
479 PQExpBuffer errorMessage);
480static PQconninfoOption *conninfo_uri_parse(const char *uri,
481 PQExpBuffer errorMessage, bool use_defaults);
482static bool conninfo_uri_parse_options(PQconninfoOption *options,
483 const char *uri, PQExpBuffer errorMessage);
484static bool conninfo_uri_parse_params(char *params,
485 PQconninfoOption *connOptions,
486 PQExpBuffer errorMessage);
487static char *conninfo_uri_decode(const char *str, PQExpBuffer errorMessage);
488static bool get_hexdigit(char digit, int *value);
489static const char *conninfo_getval(PQconninfoOption *connOptions,
490 const char *keyword);
491static PQconninfoOption *conninfo_storeval(PQconninfoOption *connOptions,
492 const char *keyword, const char *value,
493 PQExpBuffer errorMessage, bool ignoreMissing, bool uri_decode);
494static PQconninfoOption *conninfo_find(PQconninfoOption *connOptions,
495 const char *keyword);
496static void defaultNoticeReceiver(void *arg, const PGresult *res);
497static void defaultNoticeProcessor(void *arg, const char *message);
498static int parseServiceInfo(PQconninfoOption *options,
499 PQExpBuffer errorMessage);
500static int parseServiceFile(const char *serviceFile,
501 const char *service,
502 PQconninfoOption *options,
503 PQExpBuffer errorMessage,
504 bool *group_found);
505static char *pwdfMatchesString(char *buf, const char *token);
506static char *passwordFromFile(const char *hostname, const char *port,
507 const char *dbname, const char *username,
508 const char *pgpassfile, const char **errmsg);
509static void pgpassfileWarning(PGconn *conn);
510static void default_threadlock(int acquire);
511static bool sslVerifyProtocolVersion(const char *version);
512static bool sslVerifyProtocolRange(const char *min, const char *max);
513static bool pqParseProtocolVersion(const char *value, ProtocolVersion *result, PGconn *conn, const char *context);
514
515
516/* global variable because fe-auth.c needs to access it */
517pgthreadlock_t pg_g_threadlock = default_threadlock;
518
519
520/*
521 * pqDropConnection
522 *
523 * Close any physical connection to the server, and reset associated
524 * state inside the connection object. We don't release state that
525 * would be needed to reconnect, though, nor local state that might still
526 * be useful later.
527 *
528 * We can always flush the output buffer, since there's no longer any hope
529 * of sending that data. However, unprocessed input data might still be
530 * valuable, so the caller must tell us whether to flush that or not.
531 */
532void
533pqDropConnection(PGconn *conn, bool flushInput)
534{
535 /* Drop any SSL state */
536 pqsecure_close(conn);
537
538 /* Close the socket itself */
539 if (conn->sock != PGINVALID_SOCKET)
540 closesocket(conn->sock);
541 conn->sock = PGINVALID_SOCKET;
542
543 /* Optionally discard any unread data */
544 if (flushInput)
545 conn->inStart = conn->inCursor = conn->inEnd = 0;
546
547 /* Always discard any unsent data */
548 conn->outCount = 0;
549
550 /* Likewise, discard any pending pipelined commands */
551 pqFreeCommandQueue(conn->cmd_queue_head);
552 conn->cmd_queue_head = conn->cmd_queue_tail = NULL;
553 pqFreeCommandQueue(conn->cmd_queue_recycle);
554 conn->cmd_queue_recycle = NULL;
555
556 /* Free authentication/encryption state */
557 if (conn->cleanup_async_auth)
558 {
559 /*
560 * Any in-progress async authentication should be torn down first so
561 * that cleanup_async_auth() can depend on the other authentication
562 * state if necessary.
563 */
564 conn->cleanup_async_auth(conn);
565 conn->cleanup_async_auth = NULL;
566 }
567 conn->async_auth = NULL;
568 /* cleanup_async_auth() should have done this, but make sure */
569 conn->altsock = PGINVALID_SOCKET;
570#ifdef ENABLE_GSS
571 {
572 OM_uint32 min_s;
573
574 if (conn->gcred != GSS_C_NO_CREDENTIAL)
575 {
576 gss_release_cred(&min_s, &conn->gcred);
577 conn->gcred = GSS_C_NO_CREDENTIAL;
578 }
579 if (conn->gctx)
580 gss_delete_sec_context(&min_s, &conn->gctx, GSS_C_NO_BUFFER);
581 if (conn->gtarg_nam)
582 gss_release_name(&min_s, &conn->gtarg_nam);
583 if (conn->gss_SendBuffer)
584 {
585 free(conn->gss_SendBuffer);
586 conn->gss_SendBuffer = NULL;
587 }
588 if (conn->gss_RecvBuffer)
589 {
590 free(conn->gss_RecvBuffer);
591 conn->gss_RecvBuffer = NULL;
592 }
593 if (conn->gss_ResultBuffer)
594 {
595 free(conn->gss_ResultBuffer);
596 conn->gss_ResultBuffer = NULL;
597 }
598 conn->gssenc = false;
599 }
600#endif
601#ifdef ENABLE_SSPI
602 if (conn->sspitarget)
603 {
604 free(conn->sspitarget);
605 conn->sspitarget = NULL;
606 }
607 if (conn->sspicred)
608 {
609 FreeCredentialsHandle(conn->sspicred);
610 free(conn->sspicred);
611 conn->sspicred = NULL;
612 }
613 if (conn->sspictx)
614 {
615 DeleteSecurityContext(conn->sspictx);
616 free(conn->sspictx);
617 conn->sspictx = NULL;
618 }
619 conn->usesspi = 0;
620#endif
621 if (conn->sasl_state)
622 {
623 conn->sasl->free(conn->sasl_state);
624 conn->sasl_state = NULL;
625 }
626}
627
628/*
629 * pqFreeCommandQueue
630 * Free all the entries of PGcmdQueueEntry queue passed.
631 */
632static void
633pqFreeCommandQueue(PGcmdQueueEntry *queue)
634{
635 while (queue != NULL)
636 {
637 PGcmdQueueEntry *cur = queue;
638
639 queue = cur->next;
640 free(cur->query);
641 free(cur);
642 }
643}
644
645/*
646 * pqDropServerData
647 *
648 * Clear all connection state data that was received from (or deduced about)
649 * the server. This is essential to do between connection attempts to
650 * different servers, else we may incorrectly hold over some data from the
651 * old server.
652 *
653 * It would be better to merge this into pqDropConnection, perhaps, but
654 * right now we cannot because that function is called immediately on
655 * detection of connection loss (cf. pqReadData, for instance). This data
656 * should be kept until we are actually starting a new connection.
657 */
658static void
659pqDropServerData(PGconn *conn)
660{
661 PGnotify *notify;
662 pgParameterStatus *pstatus;
663
664 /* Forget pending notifies */
665 notify = conn->notifyHead;
666 while (notify != NULL)
667 {
668 PGnotify *prev = notify;
669
670 notify = notify->next;
671 free(prev);
672 }
673 conn->notifyHead = conn->notifyTail = NULL;
674
675 /* Reset ParameterStatus data, as well as variables deduced from it */
676 pstatus = conn->pstatus;
677 while (pstatus != NULL)
678 {
679 pgParameterStatus *prev = pstatus;
680
681 pstatus = pstatus->next;
682 free(prev);
683 }
684 conn->pstatus = NULL;
685 conn->client_encoding = PG_SQL_ASCII;
686 conn->std_strings = false;
687 conn->default_transaction_read_only = PG_BOOL_UNKNOWN;
688 conn->in_hot_standby = PG_BOOL_UNKNOWN;
689 conn->scram_sha_256_iterations = SCRAM_SHA_256_DEFAULT_ITERATIONS;
690 conn->sversion = 0;
691
692 /* Drop large-object lookup data */
693 free(conn->lobjfuncs);
694 conn->lobjfuncs = NULL;
695
696 /* Reset assorted other per-connection state */
697 conn->last_sqlstate[0] = '\0';
698 conn->pversion_negotiated = false;
699 conn->auth_req_received = false;
700 conn->client_finished_auth = false;
701 conn->password_needed = false;
702 conn->gssapi_used = false;
703 conn->write_failed = false;
704 free(conn->write_err_msg);
705 conn->write_err_msg = NULL;
706 conn->oauth_want_retry = false;
707
708 /*
709 * Cancel connections need to retain their be_pid and be_cancel_key across
710 * PQcancelReset invocations, otherwise they would not have access to the
711 * secret token of the connection they are supposed to cancel.
712 */
713 if (!conn->cancelRequest)
714 {
715 conn->be_pid = 0;
716 if (conn->be_cancel_key != NULL)
717 {
718 free(conn->be_cancel_key);
719 conn->be_cancel_key = NULL;
720 }
721 conn->be_cancel_key_len = 0;
722 }
723}
724
725
726/*
727 * Connecting to a Database
728 *
729 * There are now six different ways a user of this API can connect to the
730 * database. Two are not recommended for use in new code, because of their
731 * lack of extensibility with respect to the passing of options to the
732 * backend. These are PQsetdb and PQsetdbLogin (the former now being a macro
733 * to the latter).
734 *
735 * If it is desired to connect in a synchronous (blocking) manner, use the
736 * function PQconnectdb or PQconnectdbParams. The former accepts a string of
737 * option = value pairs (or a URI) which must be parsed; the latter takes two
738 * NULL terminated arrays instead.
739 *
740 * To connect in an asynchronous (non-blocking) manner, use the functions
741 * PQconnectStart or PQconnectStartParams (which differ in the same way as
742 * PQconnectdb and PQconnectdbParams) and PQconnectPoll.
743 *
744 * The non-exported functions pqConnectDBStart, pqConnectDBComplete are
745 * part of the connection procedure implementation.
746 */
747
748/*
749 * PQconnectdbParams
750 *
751 * establishes a connection to a postgres backend through the postmaster
752 * using connection information in two arrays.
753 *
754 * The keywords array is defined as
755 *
756 * const char *params[] = {"option1", "option2", NULL}
757 *
758 * The values array is defined as
759 *
760 * const char *values[] = {"value1", "value2", NULL}
761 *
762 * Returns a PGconn* which is needed for all subsequent libpq calls, or NULL
763 * if a memory allocation failed.
764 * If the status field of the connection returned is CONNECTION_BAD,
765 * then some fields may be null'ed out instead of having valid values.
766 *
767 * You should call PQfinish (if conn is not NULL) regardless of whether this
768 * call succeeded.
769 */
770PGconn *
771PQconnectdbParams(const char *const *keywords,
772 const char *const *values,
773 int expand_dbname)
774{
775 PGconn *conn = PQconnectStartParams(keywords, values, expand_dbname);
776
777 if (conn && conn->status != CONNECTION_BAD)
778 (void) pqConnectDBComplete(conn);
779
780 return conn;
781}
782
783/*
784 * PQpingParams
785 *
786 * check server status, accepting parameters identical to PQconnectdbParams
787 */
788PGPing
789PQpingParams(const char *const *keywords,
790 const char *const *values,
791 int expand_dbname)
792{
793 PGconn *conn = PQconnectStartParams(keywords, values, expand_dbname);
794 PGPing ret;
795
796 ret = internal_ping(conn);
797 PQfinish(conn);
798
799 return ret;
800}
801
802/*
803 * PQconnectdb
804 *
805 * establishes a connection to a postgres backend through the postmaster
806 * using connection information in a string.
807 *
808 * The conninfo string is either a whitespace-separated list of
809 *
810 * option = value
811 *
812 * definitions or a URI (refer to the documentation for details.) Value
813 * might be a single value containing no whitespaces or a single quoted
814 * string. If a single quote should appear anywhere in the value, it must be
815 * escaped with a backslash like \'
816 *
817 * Returns a PGconn* which is needed for all subsequent libpq calls, or NULL
818 * if a memory allocation failed.
819 * If the status field of the connection returned is CONNECTION_BAD,
820 * then some fields may be null'ed out instead of having valid values.
821 *
822 * You should call PQfinish (if conn is not NULL) regardless of whether this
823 * call succeeded.
824 */
825PGconn *
826PQconnectdb(const char *conninfo)
827{
828 PGconn *conn = PQconnectStart(conninfo);
829
830 if (conn && conn->status != CONNECTION_BAD)
831 (void) pqConnectDBComplete(conn);
832
833 return conn;
834}
835
836/*
837 * PQping
838 *
839 * check server status, accepting parameters identical to PQconnectdb
840 */
841PGPing
842PQping(const char *conninfo)
843{
844 PGconn *conn = PQconnectStart(conninfo);
845 PGPing ret;
846
847 ret = internal_ping(conn);
848 PQfinish(conn);
849
850 return ret;
851}
852
853/*
854 * PQconnectStartParams
855 *
856 * Begins the establishment of a connection to a postgres backend through the
857 * postmaster using connection information in a struct.
858 *
859 * See comment for PQconnectdbParams for the definition of the string format.
860 *
861 * Returns a PGconn*. If NULL is returned, a malloc error has occurred, and
862 * you should not attempt to proceed with this connection. If the status
863 * field of the connection returned is CONNECTION_BAD, an error has
864 * occurred. In this case you should call PQfinish on the result, (perhaps
865 * inspecting the error message first). Other fields of the structure may not
866 * be valid if that occurs. If the status field is not CONNECTION_BAD, then
867 * this stage has succeeded - call PQconnectPoll, using select(2) to see when
868 * this is necessary.
869 *
870 * See PQconnectPoll for more info.
871 */
872PGconn *
873PQconnectStartParams(const char *const *keywords,
874 const char *const *values,
875 int expand_dbname)
876{
877 PGconn *conn;
878 PQconninfoOption *connOptions;
879
880 /*
881 * Allocate memory for the conn structure. Note that we also expect this
882 * to initialize conn->errorMessage to empty. All subsequent steps during
883 * connection initialization will only append to that buffer.
884 */
885 conn = pqMakeEmptyPGconn();
886 if (conn == NULL)
887 return NULL;
888
889 /*
890 * Parse the conninfo arrays
891 */
892 connOptions = conninfo_array_parse(keywords, values,
893 &conn->errorMessage,
894 true, expand_dbname);
895 if (connOptions == NULL)
896 {
897 conn->status = CONNECTION_BAD;
898 /* errorMessage is already set */
899 return conn;
900 }
901
902 /*
903 * Move option values into conn structure
904 */
905 if (!fillPGconn(conn, connOptions))
906 {
907 PQconninfoFree(connOptions);
908 return conn;
909 }
910
911 /*
912 * Free the option info - all is in conn now
913 */
914 PQconninfoFree(connOptions);
915
916 /*
917 * Compute derived options
918 */
919 if (!pqConnectOptions2(conn))
920 return conn;
921
922 /*
923 * Connect to the database
924 */
925 if (!pqConnectDBStart(conn))
926 {
927 /* Just in case we failed to set it in pqConnectDBStart */
928 conn->status = CONNECTION_BAD;
929 }
930
931 return conn;
932}
933
934/*
935 * PQconnectStart
936 *
937 * Begins the establishment of a connection to a postgres backend through the
938 * postmaster using connection information in a string.
939 *
940 * See comment for PQconnectdb for the definition of the string format.
941 *
942 * Returns a PGconn*. If NULL is returned, a malloc error has occurred, and
943 * you should not attempt to proceed with this connection. If the status
944 * field of the connection returned is CONNECTION_BAD, an error has
945 * occurred. In this case you should call PQfinish on the result, (perhaps
946 * inspecting the error message first). Other fields of the structure may not
947 * be valid if that occurs. If the status field is not CONNECTION_BAD, then
948 * this stage has succeeded - call PQconnectPoll, using select(2) to see when
949 * this is necessary.
950 *
951 * See PQconnectPoll for more info.
952 */
953PGconn *
954PQconnectStart(const char *conninfo)
955{
956 PGconn *conn;
957
958 /*
959 * Allocate memory for the conn structure. Note that we also expect this
960 * to initialize conn->errorMessage to empty. All subsequent steps during
961 * connection initialization will only append to that buffer.
962 */
963 conn = pqMakeEmptyPGconn();
964 if (conn == NULL)
965 return NULL;
966
967 /*
968 * Parse the conninfo string
969 */
970 if (!connectOptions1(conn, conninfo))
971 return conn;
972
973 /*
974 * Compute derived options
975 */
976 if (!pqConnectOptions2(conn))
977 return conn;
978
979 /*
980 * Connect to the database
981 */
982 if (!pqConnectDBStart(conn))
983 {
984 /* Just in case we failed to set it in pqConnectDBStart */
985 conn->status = CONNECTION_BAD;
986 }
987
988 return conn;
989}
990
991/*
992 * Move option values into conn structure
993 *
994 * Don't put anything cute here --- intelligence should be in
995 * pqConnectOptions2 ...
996 *
997 * Returns true on success. On failure, returns false and sets error message.
998 */
999static bool
1000fillPGconn(PGconn *conn, PQconninfoOption *connOptions)
1001{
1002 const internalPQconninfoOption *option;
1003
1004 for (option = PQconninfoOptions; option->keyword; option++)
1005 {
1006 if (option->connofs >= 0)
1007 {
1008 const char *tmp = conninfo_getval(connOptions, option->keyword);
1009
1010 if (tmp)
1011 {
1012 char **connmember = (char **) ((char *) conn + option->connofs);
1013
1014 free(*connmember);
1015 *connmember = strdup(tmp);
1016 if (*connmember == NULL)
1017 {
1018 libpq_append_conn_error(conn, "out of memory");
1019 return false;
1020 }
1021 }
1022 }
1023 }
1024
1025 return true;
1026}
1027
1028/*
1029 * Copy over option values from srcConn to dstConn
1030 *
1031 * Don't put anything cute here --- intelligence should be in
1032 * pqConnectOptions2 ...
1033 *
1034 * Returns true on success. On failure, returns false and sets error message of
1035 * dstConn.
1036 */
1037bool
1038pqCopyPGconn(PGconn *srcConn, PGconn *dstConn)
1039{
1040 const internalPQconninfoOption *option;
1041
1042 /* copy over connection options */
1043 for (option = PQconninfoOptions; option->keyword; option++)
1044 {
1045 if (option->connofs >= 0)
1046 {
1047 const char **tmp = (const char **) ((char *) srcConn + option->connofs);
1048
1049 if (*tmp)
1050 {
1051 char **dstConnmember = (char **) ((char *) dstConn + option->connofs);
1052
1053 if (*dstConnmember)
1054 free(*dstConnmember);
1055 *dstConnmember = strdup(*tmp);
1056 if (*dstConnmember == NULL)
1057 {
1058 libpq_append_conn_error(dstConn, "out of memory");
1059 return false;
1060 }
1061 }
1062 }
1063 }
1064 return true;
1065}
1066
1067/*
1068 * connectOptions1
1069 *
1070 * Internal subroutine to set up connection parameters given an already-
1071 * created PGconn and a conninfo string. Derived settings should be
1072 * processed by calling pqConnectOptions2 next. (We split them because
1073 * PQsetdbLogin overrides defaults in between.)
1074 *
1075 * Returns true if OK, false if trouble (in which case errorMessage is set
1076 * and so is conn->status).
1077 */
1078static bool
1079connectOptions1(PGconn *conn, const char *conninfo)
1080{
1081 PQconninfoOption *connOptions;
1082
1083 /*
1084 * Parse the conninfo string
1085 */
1086 connOptions = parse_connection_string(conninfo, &conn->errorMessage, true);
1087 if (connOptions == NULL)
1088 {
1089 conn->status = CONNECTION_BAD;
1090 /* errorMessage is already set */
1091 return false;
1092 }
1093
1094 /*
1095 * Move option values into conn structure
1096 */
1097 if (!fillPGconn(conn, connOptions))
1098 {
1099 conn->status = CONNECTION_BAD;
1100 PQconninfoFree(connOptions);
1101 return false;
1102 }
1103
1104 /*
1105 * Free the option info - all is in conn now
1106 */
1107 PQconninfoFree(connOptions);
1108
1109 return true;
1110}
1111
1112/*
1113 * Count the number of elements in a simple comma-separated list.
1114 */
1115static int
1116count_comma_separated_elems(const char *input)
1117{
1118 int n;
1119
1120 n = 1;
1121 for (; *input != '\0'; input++)
1122 {
1123 if (*input == ',')
1124 n++;
1125 }
1126
1127 return n;
1128}
1129
1130/*
1131 * Parse a simple comma-separated list.
1132 *
1133 * On each call, returns a malloc'd copy of the next element, and sets *more
1134 * to indicate whether there are any more elements in the list after this,
1135 * and updates *startptr to point to the next element, if any.
1136 *
1137 * On out of memory, returns NULL.
1138 */
1139static char *
1140parse_comma_separated_list(char **startptr, bool *more)
1141{
1142 char *p;
1143 char *s = *startptr;
1144 char *e;
1145 size_t len;
1146
1147 /*
1148 * Search for the end of the current element; a comma or end-of-string
1149 * acts as a terminator.
1150 */
1151 e = s;
1152 while (*e != '\0' && *e != ',')
1153 ++e;
1154 *more = (*e == ',');
1155
1156 len = e - s;
1157 p = (char *) malloc(sizeof(char) * (len + 1));
1158 if (p)
1159 {
1160 memcpy(p, s, len);
1161 p[len] = '\0';
1162 }
1163 *startptr = e + 1;
1164
1165 return p;
1166}
1167
1168/*
1169 * Initializes the prng_state field of the connection. We want something
1170 * unpredictable, so if possible, use high-quality random bits for the
1171 * seed. Otherwise, fall back to a seed based on the connection address,
1172 * timestamp and PID.
1173 */
1174static void
1175libpq_prng_init(PGconn *conn)
1176{
1177 uint64 rseed;
1178 struct timeval tval = {0};
1179
1180 if (pg_prng_strong_seed(&conn->prng_state))
1181 return;
1182
1183 gettimeofday(&tval, NULL);
1184
1185 rseed = ((uintptr_t) conn) ^
1186 ((uint64) getpid()) ^
1187 ((uint64) tval.tv_usec) ^
1188 ((uint64) tval.tv_sec);
1189
1190 pg_prng_seed(&conn->prng_state, rseed);
1191}
1192
1193/*
1194 * Fills the connection's allowed_sasl_mechs list with all supported SASL
1195 * mechanisms.
1196 */
1197static inline void
1198fill_allowed_sasl_mechs(PGconn *conn)
1199{
1200 /*---
1201 * We only support two mechanisms at the moment, so rather than deal with a
1202 * linked list, conn->allowed_sasl_mechs is an array of static length. We
1203 * rely on the compile-time assertion here to keep us honest.
1204 *
1205 * To add a new mechanism to require_auth,
1206 * - add it to supported_sasl_mechs,
1207 * - update the length of conn->allowed_sasl_mechs,
1208 * - handle the new mechanism name in the require_auth portion of
1209 * pqConnectOptions2(), below.
1210 */
1211 StaticAssertDecl(lengthof(conn->allowed_sasl_mechs) == SASL_MECHANISM_COUNT,
1212 "conn->allowed_sasl_mechs[] is not sufficiently large for holding all supported SASL mechanisms");
1213
1214 for (int i = 0; i < SASL_MECHANISM_COUNT; i++)
1215 conn->allowed_sasl_mechs[i] = supported_sasl_mechs[i];
1216}
1217
1218/*
1219 * Clears the connection's allowed_sasl_mechs list.
1220 */
1221static inline void
1227
1228/*
1229 * Helper routine that searches the static allowed_sasl_mechs list for a
1230 * specific mechanism.
1231 */
1232static inline int
1233index_of_allowed_sasl_mech(PGconn *conn, const pg_fe_sasl_mech *mech)
1234{
1235 for (int i = 0; i < lengthof(conn->allowed_sasl_mechs); i++)
1236 {
1237 if (conn->allowed_sasl_mechs[i] == mech)
1238 return i;
1239 }
1240
1241 return -1;
1242}
1243
1244/*
1245 * pqConnectOptions2
1246 *
1247 * Compute derived connection options after absorbing all user-supplied info.
1248 *
1249 * Returns true if OK, false if trouble (in which case errorMessage is set
1250 * and so is conn->status).
1251 */
1252bool
1253pqConnectOptions2(PGconn *conn)
1254{
1255 int i;
1256
1257 /*
1258 * Allocate memory for details about each host to which we might possibly
1259 * try to connect. For that, count the number of elements in the hostaddr
1260 * or host options. If neither is given, assume one host.
1261 */
1262 conn->whichhost = 0;
1263 if (conn->pghostaddr && conn->pghostaddr[0] != '\0')
1264 conn->nconnhost = count_comma_separated_elems(conn->pghostaddr);
1265 else if (conn->pghost && conn->pghost[0] != '\0')
1266 conn->nconnhost = count_comma_separated_elems(conn->pghost);
1267 else
1268 conn->nconnhost = 1;
1269 conn->connhost = (pg_conn_host *)
1270 calloc(conn->nconnhost, sizeof(pg_conn_host));
1271 if (conn->connhost == NULL)
1272 goto oom_error;
1273
1274 /*
1275 * We now have one pg_conn_host structure per possible host. Fill in the
1276 * host and hostaddr fields for each, by splitting the parameter strings.
1277 */
1278 if (conn->pghostaddr != NULL && conn->pghostaddr[0] != '\0')
1279 {
1280 char *s = conn->pghostaddr;
1281 bool more = true;
1282
1283 for (i = 0; i < conn->nconnhost && more; i++)
1284 {
1285 conn->connhost[i].hostaddr = parse_comma_separated_list(&s, &more);
1286 if (conn->connhost[i].hostaddr == NULL)
1287 goto oom_error;
1288 }
1289
1290 /*
1291 * If hostaddr was given, the array was allocated according to the
1292 * number of elements in the hostaddr list, so it really should be the
1293 * right size.
1294 */
1295 Assert(!more);
1296 Assert(i == conn->nconnhost);
1297 }
1298
1299 if (conn->pghost != NULL && conn->pghost[0] != '\0')
1300 {
1301 char *s = conn->pghost;
1302 bool more = true;
1303
1304 for (i = 0; i < conn->nconnhost && more; i++)
1305 {
1306 conn->connhost[i].host = parse_comma_separated_list(&s, &more);
1307 if (conn->connhost[i].host == NULL)
1308 goto oom_error;
1309 }
1310
1311 /* Check for wrong number of host items. */
1312 if (more || i != conn->nconnhost)
1313 {
1314 conn->status = CONNECTION_BAD;
1315 libpq_append_conn_error(conn, "could not match %d host names to %d hostaddr values",
1316 count_comma_separated_elems(conn->pghost), conn->nconnhost);
1317 return false;
1318 }
1319 }
1320
1321 /*
1322 * Now, for each host slot, identify the type of address spec, and fill in
1323 * the default address if nothing was given.
1324 */
1325 for (i = 0; i < conn->nconnhost; i++)
1326 {
1327 pg_conn_host *ch = &conn->connhost[i];
1328
1329 if (ch->hostaddr != NULL && ch->hostaddr[0] != '\0')
1330 ch->type = CHT_HOST_ADDRESS;
1331 else if (ch->host != NULL && ch->host[0] != '\0')
1332 {
1333 ch->type = CHT_HOST_NAME;
1334 if (is_unixsock_path(ch->host))
1335 ch->type = CHT_UNIX_SOCKET;
1336 }
1337 else
1338 {
1339 free(ch->host);
1340
1341 /*
1342 * This bit selects the default host location. If you change
1343 * this, see also pg_regress.
1344 */
1345 if (DEFAULT_PGSOCKET_DIR[0])
1346 {
1347 ch->host = strdup(DEFAULT_PGSOCKET_DIR);
1348 ch->type = CHT_UNIX_SOCKET;
1349 }
1350 else
1351 {
1352 ch->host = strdup(DefaultHost);
1353 ch->type = CHT_HOST_NAME;
1354 }
1355 if (ch->host == NULL)
1356 goto oom_error;
1357 }
1358 }
1359
1360 /*
1361 * Next, work out the port number corresponding to each host name.
1362 *
1363 * Note: unlike the above for host names, this could leave the port fields
1364 * as null or empty strings. We will substitute DEF_PGPORT whenever we
1365 * read such a port field.
1366 */
1367 if (conn->pgport != NULL && conn->pgport[0] != '\0')
1368 {
1369 char *s = conn->pgport;
1370 bool more = true;
1371
1372 for (i = 0; i < conn->nconnhost && more; i++)
1373 {
1374 conn->connhost[i].port = parse_comma_separated_list(&s, &more);
1375 if (conn->connhost[i].port == NULL)
1376 goto oom_error;
1377 }
1378
1379 /*
1380 * If exactly one port was given, use it for every host. Otherwise,
1381 * there must be exactly as many ports as there were hosts.
1382 */
1383 if (i == 1 && !more)
1384 {
1385 for (i = 1; i < conn->nconnhost; i++)
1386 {
1387 conn->connhost[i].port = strdup(conn->connhost[0].port);
1388 if (conn->connhost[i].port == NULL)
1389 goto oom_error;
1390 }
1391 }
1392 else if (more || i != conn->nconnhost)
1393 {
1394 conn->status = CONNECTION_BAD;
1395 libpq_append_conn_error(conn, "could not match %d port numbers to %d hosts",
1396 count_comma_separated_elems(conn->pgport), conn->nconnhost);
1397 return false;
1398 }
1399 }
1400
1401 /*
1402 * If user name was not given, fetch it. (Most likely, the fetch will
1403 * fail, since the only way we get here is if pg_fe_getauthname() failed
1404 * during conninfo_add_defaults(). But now we want an error message.)
1405 */
1406 if (conn->pguser == NULL || conn->pguser[0] == '\0')
1407 {
1408 free(conn->pguser);
1409 conn->pguser = pg_fe_getauthname(&conn->errorMessage);
1410 if (!conn->pguser)
1411 {
1412 conn->status = CONNECTION_BAD;
1413 return false;
1414 }
1415 }
1416
1417 /*
1418 * If database name was not given, default it to equal user name
1419 */
1420 if (conn->dbName == NULL || conn->dbName[0] == '\0')
1421 {
1422 free(conn->dbName);
1423 conn->dbName = strdup(conn->pguser);
1424 if (!conn->dbName)
1425 goto oom_error;
1426 }
1427
1428 /*
1429 * If password was not given, try to look it up in password file. Note
1430 * that the result might be different for each host/port pair.
1431 */
1432 if (conn->pgpass == NULL || conn->pgpass[0] == '\0')
1433 {
1434 /* If password file wasn't specified, use ~/PGPASSFILE */
1435 if (conn->pgpassfile == NULL || conn->pgpassfile[0] == '\0')
1436 {
1437 char homedir[MAXPGPATH];
1438
1439 if (pqGetHomeDirectory(homedir, sizeof(homedir)))
1440 {
1441 free(conn->pgpassfile);
1442 conn->pgpassfile = malloc(MAXPGPATH);
1443 if (!conn->pgpassfile)
1444 goto oom_error;
1445 snprintf(conn->pgpassfile, MAXPGPATH, "%s/%s",
1446 homedir, PGPASSFILE);
1447 }
1448 }
1449
1450 if (conn->pgpassfile != NULL && conn->pgpassfile[0] != '\0')
1451 {
1452 for (i = 0; i < conn->nconnhost; i++)
1453 {
1454 /*
1455 * Try to get a password for this host from file. We use host
1456 * for the hostname search key if given, else hostaddr (at
1457 * least one of them is guaranteed nonempty by now).
1458 */
1459 const char *pwhost = conn->connhost[i].host;
1460 const char *password_errmsg = NULL;
1461
1462 if (pwhost == NULL || pwhost[0] == '\0')
1463 pwhost = conn->connhost[i].hostaddr;
1464
1465 conn->connhost[i].password =
1466 passwordFromFile(pwhost,
1467 conn->connhost[i].port,
1468 conn->dbName,
1469 conn->pguser,
1470 conn->pgpassfile,
1471 &password_errmsg);
1472
1473 if (password_errmsg != NULL)
1474 {
1475 conn->status = CONNECTION_BAD;
1476 libpq_append_conn_error(conn, "%s", password_errmsg);
1477 return false;
1478 }
1479 }
1480 }
1481 }
1482
1483 /*
1484 * parse and validate require_auth option
1485 */
1486 if (conn->require_auth && conn->require_auth[0])
1487 {
1488 char *s = conn->require_auth;
1489 bool first,
1490 more;
1491 bool negated = false;
1492
1493 /*
1494 * By default, start from an empty set of allowed methods and
1495 * mechanisms, and add to it.
1496 */
1497 conn->auth_required = true;
1498 conn->allowed_auth_methods = 0;
1499 clear_allowed_sasl_mechs(conn);
1500
1501 for (first = true, more = true; more; first = false)
1502 {
1503 char *method,
1504 *part;
1505 uint32 bits = 0;
1506 const pg_fe_sasl_mech *mech = NULL;
1507
1508 part = parse_comma_separated_list(&s, &more);
1509 if (part == NULL)
1510 goto oom_error;
1511
1512 /*
1513 * Check for negation, e.g. '!password'. If one element is
1514 * negated, they all have to be.
1515 */
1516 method = part;
1517 if (*method == '!')
1518 {
1519 if (first)
1520 {
1521 /*
1522 * Switch to a permissive set of allowed methods and
1523 * mechanisms, and subtract from it.
1524 */
1525 conn->auth_required = false;
1526 conn->allowed_auth_methods = -1;
1527 fill_allowed_sasl_mechs(conn);
1528 }
1529 else if (!negated)
1530 {
1531 conn->status = CONNECTION_BAD;
1532 libpq_append_conn_error(conn, "negative require_auth method \"%s\" cannot be mixed with non-negative methods",
1533 method);
1534
1535 free(part);
1536 return false;
1537 }
1538
1539 negated = true;
1540 method++;
1541 }
1542 else if (negated)
1543 {
1544 conn->status = CONNECTION_BAD;
1545 libpq_append_conn_error(conn, "require_auth method \"%s\" cannot be mixed with negative methods",
1546 method);
1547
1548 free(part);
1549 return false;
1550 }
1551
1552 /*
1553 * First group: methods that can be handled solely with the
1554 * authentication request codes.
1555 */
1556 if (strcmp(method, "password") == 0)
1557 {
1558 bits = (1 << AUTH_REQ_PASSWORD);
1559 }
1560 else if (strcmp(method, "md5") == 0)
1561 {
1562 bits = (1 << AUTH_REQ_MD5);
1563 }
1564 else if (strcmp(method, "gss") == 0)
1565 {
1566 bits = (1 << AUTH_REQ_GSS);
1567 bits |= (1 << AUTH_REQ_GSS_CONT);
1568 }
1569 else if (strcmp(method, "sspi") == 0)
1570 {
1571 bits = (1 << AUTH_REQ_SSPI);
1572 bits |= (1 << AUTH_REQ_GSS_CONT);
1573 }
1574
1575 /*
1576 * Next group: SASL mechanisms. All of these use the same request
1577 * codes, so the list of allowed mechanisms is tracked separately.
1578 *
1579 * supported_sasl_mechs must contain all mechanisms handled here.
1580 */
1581 else if (strcmp(method, "scram-sha-256") == 0)
1582 {
1583 mech = &pg_scram_mech;
1584 }
1585 else if (strcmp(method, "oauth") == 0)
1586 {
1587 mech = &pg_oauth_mech;
1588 }
1589
1590 /*
1591 * Final group: meta-options.
1592 */
1593 else if (strcmp(method, "none") == 0)
1594 {
1595 /*
1596 * Special case: let the user explicitly allow (or disallow)
1597 * connections where the server does not send an explicit
1598 * authentication challenge, such as "trust" and "cert" auth.
1599 */
1600 if (negated) /* "!none" */
1601 {
1602 if (conn->auth_required)
1603 goto duplicate;
1604
1605 conn->auth_required = true;
1606 }
1607 else /* "none" */
1608 {
1609 if (!conn->auth_required)
1610 goto duplicate;
1611
1612 conn->auth_required = false;
1613 }
1614
1615 free(part);
1616 continue; /* avoid the bitmask manipulation below */
1617 }
1618 else
1619 {
1620 conn->status = CONNECTION_BAD;
1621 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
1622 "require_auth", method);
1623
1624 free(part);
1625 return false;
1626 }
1627
1628 if (mech)
1629 {
1630 /*
1631 * Update the mechanism set only. The method bitmask will be
1632 * updated for SASL further down.
1633 */
1634 Assert(!bits);
1635
1636 if (negated)
1637 {
1638 /* Remove the existing mechanism from the list. */
1639 i = index_of_allowed_sasl_mech(conn, mech);
1640 if (i < 0)
1641 goto duplicate;
1642
1643 conn->allowed_sasl_mechs[i] = NULL;
1644 }
1645 else
1646 {
1647 /*
1648 * Find a space to put the new mechanism (after making
1649 * sure it's not already there).
1650 */
1651 i = index_of_allowed_sasl_mech(conn, mech);
1652 if (i >= 0)
1653 goto duplicate;
1654
1655 i = index_of_allowed_sasl_mech(conn, NULL);
1656 if (i < 0)
1657 {
1658 /* Should not happen; the pointer list is corrupted. */
1659 Assert(false);
1660
1661 conn->status = CONNECTION_BAD;
1662 libpq_append_conn_error(conn,
1663 "internal error: no space in allowed_sasl_mechs");
1664 free(part);
1665 return false;
1666 }
1667
1668 conn->allowed_sasl_mechs[i] = mech;
1669 }
1670 }
1671 else
1672 {
1673 /* Update the method bitmask. */
1674 Assert(bits);
1675
1676 if (negated)
1677 {
1678 if ((conn->allowed_auth_methods & bits) == 0)
1679 goto duplicate;
1680
1681 conn->allowed_auth_methods &= ~bits;
1682 }
1683 else
1684 {
1685 if ((conn->allowed_auth_methods & bits) == bits)
1686 goto duplicate;
1687
1688 conn->allowed_auth_methods |= bits;
1689 }
1690 }
1691
1692 free(part);
1693 continue;
1694
1695 duplicate:
1696
1697 /*
1698 * A duplicated method probably indicates a typo in a setting
1699 * where typos are extremely risky.
1700 */
1701 conn->status = CONNECTION_BAD;
1702 libpq_append_conn_error(conn, "require_auth method \"%s\" is specified more than once",
1703 part);
1704
1705 free(part);
1706 return false;
1707 }
1708
1709 /*
1710 * Finally, allow SASL authentication requests if (and only if) we've
1711 * allowed any mechanisms.
1712 */
1713 {
1714 bool allowed = false;
1715 const uint32 sasl_bits =
1716 (1 << AUTH_REQ_SASL)
1717 | (1 << AUTH_REQ_SASL_CONT)
1718 | (1 << AUTH_REQ_SASL_FIN);
1719
1720 for (i = 0; i < lengthof(conn->allowed_sasl_mechs); i++)
1721 {
1722 if (conn->allowed_sasl_mechs[i])
1723 {
1724 allowed = true;
1725 break;
1726 }
1727 }
1728
1729 /*
1730 * For the standard case, add the SASL bits to the (default-empty)
1731 * set if needed. For the negated case, remove them.
1732 */
1733 if (!negated && allowed)
1734 conn->allowed_auth_methods |= sasl_bits;
1735 else if (negated && !allowed)
1736 conn->allowed_auth_methods &= ~sasl_bits;
1737 }
1738 }
1739
1740 /*
1741 * validate channel_binding option
1742 */
1743 if (conn->channel_binding)
1744 {
1745 if (strcmp(conn->channel_binding, "disable") != 0
1746 && strcmp(conn->channel_binding, "prefer") != 0
1747 && strcmp(conn->channel_binding, "require") != 0)
1748 {
1749 conn->status = CONNECTION_BAD;
1750 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
1751 "channel_binding", conn->channel_binding);
1752 return false;
1753 }
1754 }
1755 else
1756 {
1757 conn->channel_binding = strdup(DefaultChannelBinding);
1758 if (!conn->channel_binding)
1759 goto oom_error;
1760 }
1761
1762#ifndef USE_SSL
1763
1764 /*
1765 * sslrootcert=system is not supported. Since setting this changes the
1766 * default sslmode, check this _before_ we validate sslmode, to avoid
1767 * confusing the user with errors for an option they may not have set.
1768 */
1769 if (conn->sslrootcert
1770 && strcmp(conn->sslrootcert, "system") == 0)
1771 {
1772 conn->status = CONNECTION_BAD;
1773 libpq_append_conn_error(conn, "%s value \"%s\" invalid when SSL support is not compiled in",
1774 "sslrootcert", conn->sslrootcert);
1775 return false;
1776 }
1777#endif
1778
1779 /*
1780 * validate sslmode option
1781 */
1782 if (conn->sslmode)
1783 {
1784 if (strcmp(conn->sslmode, "disable") != 0
1785 && strcmp(conn->sslmode, "allow") != 0
1786 && strcmp(conn->sslmode, "prefer") != 0
1787 && strcmp(conn->sslmode, "require") != 0
1788 && strcmp(conn->sslmode, "verify-ca") != 0
1789 && strcmp(conn->sslmode, "verify-full") != 0)
1790 {
1791 conn->status = CONNECTION_BAD;
1792 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
1793 "sslmode", conn->sslmode);
1794 return false;
1795 }
1796
1797#ifndef USE_SSL
1798 switch (conn->sslmode[0])
1799 {
1800 case 'a': /* "allow" */
1801 case 'p': /* "prefer" */
1802
1803 /*
1804 * warn user that an SSL connection will never be negotiated
1805 * since SSL was not compiled in?
1806 */
1807 break;
1808
1809 case 'r': /* "require" */
1810 case 'v': /* "verify-ca" or "verify-full" */
1811 conn->status = CONNECTION_BAD;
1812 libpq_append_conn_error(conn, "%s value \"%s\" invalid when SSL support is not compiled in",
1813 "sslmode", conn->sslmode);
1814 return false;
1815 }
1816#endif
1817 }
1818 else
1819 {
1820 conn->sslmode = strdup(DefaultSSLMode);
1821 if (!conn->sslmode)
1822 goto oom_error;
1823 }
1824
1825 /*
1826 * validate sslnegotiation option, default is "postgres" for the postgres
1827 * style negotiated connection with an extra round trip but more options.
1828 */
1829 if (conn->sslnegotiation)
1830 {
1831 if (strcmp(conn->sslnegotiation, "postgres") != 0
1832 && strcmp(conn->sslnegotiation, "direct") != 0)
1833 {
1834 conn->status = CONNECTION_BAD;
1835 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
1836 "sslnegotiation", conn->sslnegotiation);
1837 return false;
1838 }
1839
1840#ifndef USE_SSL
1841 if (conn->sslnegotiation[0] != 'p')
1842 {
1843 conn->status = CONNECTION_BAD;
1844 libpq_append_conn_error(conn, "%s value \"%s\" invalid when SSL support is not compiled in",
1845 "sslnegotiation", conn->sslnegotiation);
1846 return false;
1847 }
1848#endif
1849
1850 /*
1851 * Don't allow direct SSL negotiation with sslmode='prefer', because
1852 * that poses a risk of unintentional fallback to plaintext connection
1853 * when connecting to a pre-v17 server that does not support direct
1854 * SSL connections. To keep things simple, don't allow it with
1855 * sslmode='allow' or sslmode='disable' either. If a user goes through
1856 * the trouble of setting sslnegotiation='direct', they probably
1857 * intend to use SSL, and sslmode=disable or allow is probably a user
1858 * mistake anyway.
1859 */
1860 if (conn->sslnegotiation[0] == 'd' &&
1861 conn->sslmode[0] != 'r' && conn->sslmode[0] != 'v')
1862 {
1863 conn->status = CONNECTION_BAD;
1864 libpq_append_conn_error(conn, "weak sslmode \"%s\" may not be used with sslnegotiation=direct (use \"require\", \"verify-ca\", or \"verify-full\")",
1865 conn->sslmode);
1866 return false;
1867 }
1868 }
1869 else
1870 {
1871 conn->sslnegotiation = strdup(DefaultSSLNegotiation);
1872 if (!conn->sslnegotiation)
1873 goto oom_error;
1874 }
1875
1876#ifdef USE_SSL
1877
1878 /*
1879 * If sslrootcert=system, make sure our chosen sslmode is compatible.
1880 */
1881 if (conn->sslrootcert
1882 && strcmp(conn->sslrootcert, "system") == 0
1883 && strcmp(conn->sslmode, "verify-full") != 0)
1884 {
1885 conn->status = CONNECTION_BAD;
1886 libpq_append_conn_error(conn, "weak sslmode \"%s\" may not be used with sslrootcert=system (use \"verify-full\")",
1887 conn->sslmode);
1888 return false;
1889 }
1890#endif
1891
1892 /*
1893 * Validate TLS protocol versions for ssl_min_protocol_version and
1894 * ssl_max_protocol_version.
1895 */
1896 if (!sslVerifyProtocolVersion(conn->ssl_min_protocol_version))
1897 {
1898 conn->status = CONNECTION_BAD;
1899 libpq_append_conn_error(conn, "invalid \"%s\" value: \"%s\"",
1900 "ssl_min_protocol_version",
1901 conn->ssl_min_protocol_version);
1902 return false;
1903 }
1904 if (!sslVerifyProtocolVersion(conn->ssl_max_protocol_version))
1905 {
1906 conn->status = CONNECTION_BAD;
1907 libpq_append_conn_error(conn, "invalid \"%s\" value: \"%s\"",
1908 "ssl_max_protocol_version",
1909 conn->ssl_max_protocol_version);
1910 return false;
1911 }
1912
1913 /*
1914 * Check if the range of SSL protocols defined is correct. This is done
1915 * at this early step because this is independent of the SSL
1916 * implementation used, and this avoids unnecessary cycles with an
1917 * already-built SSL context when the connection is being established, as
1918 * it would be doomed anyway.
1919 */
1920 if (!sslVerifyProtocolRange(conn->ssl_min_protocol_version,
1921 conn->ssl_max_protocol_version))
1922 {
1923 conn->status = CONNECTION_BAD;
1924 libpq_append_conn_error(conn, "invalid SSL protocol version range");
1925 return false;
1926 }
1927
1928 /*
1929 * validate sslcertmode option
1930 */
1931 if (conn->sslcertmode)
1932 {
1933 if (strcmp(conn->sslcertmode, "disable") != 0 &&
1934 strcmp(conn->sslcertmode, "allow") != 0 &&
1935 strcmp(conn->sslcertmode, "require") != 0)
1936 {
1937 conn->status = CONNECTION_BAD;
1938 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
1939 "sslcertmode", conn->sslcertmode);
1940 return false;
1941 }
1942#ifndef USE_SSL
1943 if (strcmp(conn->sslcertmode, "require") == 0)
1944 {
1945 conn->status = CONNECTION_BAD;
1946 libpq_append_conn_error(conn, "%s value \"%s\" invalid when SSL support is not compiled in",
1947 "sslcertmode", conn->sslcertmode);
1948 return false;
1949 }
1950#endif
1951#ifndef HAVE_SSL_CTX_SET_CERT_CB
1952
1953 /*
1954 * Without a certificate callback, the current implementation can't
1955 * figure out if a certificate was actually requested, so "require" is
1956 * useless.
1957 */
1958 if (strcmp(conn->sslcertmode, "require") == 0)
1959 {
1960 conn->status = CONNECTION_BAD;
1961 libpq_append_conn_error(conn, "%s value \"%s\" is not supported (check OpenSSL version)",
1962 "sslcertmode", conn->sslcertmode);
1963 return false;
1964 }
1965#endif
1966 }
1967 else
1968 {
1969 conn->sslcertmode = strdup(DefaultSSLCertMode);
1970 if (!conn->sslcertmode)
1971 goto oom_error;
1972 }
1973
1974 /*
1975 * validate gssencmode option
1976 */
1977 if (conn->gssencmode)
1978 {
1979 if (strcmp(conn->gssencmode, "disable") != 0 &&
1980 strcmp(conn->gssencmode, "prefer") != 0 &&
1981 strcmp(conn->gssencmode, "require") != 0)
1982 {
1983 conn->status = CONNECTION_BAD;
1984 libpq_append_conn_error(conn, "invalid %s value: \"%s\"", "gssencmode", conn->gssencmode);
1985 return false;
1986 }
1987#ifndef ENABLE_GSS
1988 if (strcmp(conn->gssencmode, "require") == 0)
1989 {
1990 conn->status = CONNECTION_BAD;
1991 libpq_append_conn_error(conn, "gssencmode value \"%s\" invalid when GSSAPI support is not compiled in",
1992 conn->gssencmode);
1993 return false;
1994 }
1995#endif
1996 }
1997 else
1998 {
1999 conn->gssencmode = strdup(DefaultGSSMode);
2000 if (!conn->gssencmode)
2001 goto oom_error;
2002 }
2003
2004 /*
2005 * validate target_session_attrs option, and set target_server_type
2006 */
2007 if (conn->target_session_attrs)
2008 {
2009 if (strcmp(conn->target_session_attrs, "any") == 0)
2010 conn->target_server_type = SERVER_TYPE_ANY;
2011 else if (strcmp(conn->target_session_attrs, "read-write") == 0)
2012 conn->target_server_type = SERVER_TYPE_READ_WRITE;
2013 else if (strcmp(conn->target_session_attrs, "read-only") == 0)
2014 conn->target_server_type = SERVER_TYPE_READ_ONLY;
2015 else if (strcmp(conn->target_session_attrs, "primary") == 0)
2016 conn->target_server_type = SERVER_TYPE_PRIMARY;
2017 else if (strcmp(conn->target_session_attrs, "standby") == 0)
2018 conn->target_server_type = SERVER_TYPE_STANDBY;
2019 else if (strcmp(conn->target_session_attrs, "prefer-standby") == 0)
2020 conn->target_server_type = SERVER_TYPE_PREFER_STANDBY;
2021 else
2022 {
2023 conn->status = CONNECTION_BAD;
2024 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
2025 "target_session_attrs",
2026 conn->target_session_attrs);
2027 return false;
2028 }
2029 }
2030 else
2031 conn->target_server_type = SERVER_TYPE_ANY;
2032
2033 if (conn->scram_client_key)
2034 {
2035 int len;
2036
2037 len = pg_b64_dec_len(strlen(conn->scram_client_key));
2038 conn->scram_client_key_binary = malloc(len);
2039 if (!conn->scram_client_key_binary)
2040 goto oom_error;
2041 len = pg_b64_decode(conn->scram_client_key, strlen(conn->scram_client_key),
2042 conn->scram_client_key_binary, len);
2043 if (len < 0)
2044 {
2045 libpq_append_conn_error(conn, "invalid SCRAM client key");
2046 return false;
2047 }
2048 if (len != SCRAM_MAX_KEY_LEN)
2049 {
2050 libpq_append_conn_error(conn, "invalid SCRAM client key length: %d", len);
2051 return false;
2052 }
2053 conn->scram_client_key_len = len;
2054 }
2055
2056 if (conn->scram_server_key)
2057 {
2058 int len;
2059
2060 len = pg_b64_dec_len(strlen(conn->scram_server_key));
2061 conn->scram_server_key_binary = malloc(len);
2062 if (!conn->scram_server_key_binary)
2063 goto oom_error;
2064 len = pg_b64_decode(conn->scram_server_key, strlen(conn->scram_server_key),
2065 conn->scram_server_key_binary, len);
2066 if (len < 0)
2067 {
2068 libpq_append_conn_error(conn, "invalid SCRAM server key");
2069 return false;
2070 }
2071 if (len != SCRAM_MAX_KEY_LEN)
2072 {
2073 libpq_append_conn_error(conn, "invalid SCRAM server key length: %d", len);
2074 return false;
2075 }
2076 conn->scram_server_key_len = len;
2077 }
2078
2079 /*
2080 * validate load_balance_hosts option, and set load_balance_type
2081 */
2082 if (conn->load_balance_hosts)
2083 {
2084 if (strcmp(conn->load_balance_hosts, "disable") == 0)
2085 conn->load_balance_type = LOAD_BALANCE_DISABLE;
2086 else if (strcmp(conn->load_balance_hosts, "random") == 0)
2087 conn->load_balance_type = LOAD_BALANCE_RANDOM;
2088 else
2089 {
2090 conn->status = CONNECTION_BAD;
2091 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
2092 "load_balance_hosts",
2093 conn->load_balance_hosts);
2094 return false;
2095 }
2096 }
2097 else
2098 conn->load_balance_type = LOAD_BALANCE_DISABLE;
2099
2100 if (conn->load_balance_type == LOAD_BALANCE_RANDOM)
2101 {
2102 libpq_prng_init(conn);
2103
2104 /*
2105 * This is the "inside-out" variant of the Fisher-Yates shuffle
2106 * algorithm. Notionally, we append each new value to the array and
2107 * then swap it with a randomly-chosen array element (possibly
2108 * including itself, else we fail to generate permutations with the
2109 * last integer last). The swap step can be optimized by combining it
2110 * with the insertion.
2111 */
2112 for (i = 1; i < conn->nconnhost; i++)
2113 {
2114 int j = pg_prng_uint64_range(&conn->prng_state, 0, i);
2115 pg_conn_host temp = conn->connhost[j];
2116
2117 conn->connhost[j] = conn->connhost[i];
2118 conn->connhost[i] = temp;
2119 }
2120 }
2121
2122 if (conn->min_protocol_version)
2123 {
2124 if (!pqParseProtocolVersion(conn->min_protocol_version, &conn->min_pversion, conn, "min_protocol_version"))
2125 {
2126 conn->status = CONNECTION_BAD;
2127 return false;
2128 }
2129 }
2130 else
2131 {
2132 conn->min_pversion = PG_PROTOCOL_EARLIEST;
2133 }
2134
2135 if (conn->max_protocol_version)
2136 {
2137 if (!pqParseProtocolVersion(conn->max_protocol_version, &conn->max_pversion, conn, "max_protocol_version"))
2138 {
2139 conn->status = CONNECTION_BAD;
2140 return false;
2141 }
2142 }
2143 else
2144 {
2145 /*
2146 * Default to PG_PROTOCOL_GREASE, which is larger than all real
2147 * versions, to test negotiation. The server should automatically
2148 * downgrade to a supported version.
2149 *
2150 * This behavior is for 19beta only. It will be reverted before RC1.
2151 */
2152 conn->max_pversion = PG_PROTOCOL_GREASE;
2153 }
2154
2155 if (conn->min_pversion > conn->max_pversion)
2156 {
2157 conn->status = CONNECTION_BAD;
2158 libpq_append_conn_error(conn, "\"%s\" is greater than \"%s\"", "min_protocol_version", "max_protocol_version");
2159 return false;
2160 }
2161
2162 /*
2163 * Resolve special "auto" client_encoding from the locale
2164 */
2165 if (conn->client_encoding_initial &&
2166 strcmp(conn->client_encoding_initial, "auto") == 0)
2167 {
2168 free(conn->client_encoding_initial);
2169 conn->client_encoding_initial = strdup(pg_encoding_to_char(pg_get_encoding_from_locale(NULL, true)));
2170 if (!conn->client_encoding_initial)
2171 goto oom_error;
2172 }
2173
2174 /*
2175 * Only if we get this far is it appropriate to try to connect. (We need a
2176 * state flag, rather than just the boolean result of this function, in
2177 * case someone tries to PQreset() the PGconn.)
2178 */
2179 conn->options_valid = true;
2180
2181 return true;
2182
2183oom_error:
2184 conn->status = CONNECTION_BAD;
2185 libpq_append_conn_error(conn, "out of memory");
2186 return false;
2187}
2188
2189/*
2190 * PQconndefaults
2191 *
2192 * Construct a default connection options array, which identifies all the
2193 * available options and shows any default values that are available from the
2194 * environment etc. On error (eg out of memory), NULL is returned.
2195 *
2196 * Using this function, an application may determine all possible options
2197 * and their current default values.
2198 *
2199 * NOTE: as of PostgreSQL 7.0, the returned array is dynamically allocated
2200 * and should be freed when no longer needed via PQconninfoFree(). (In prior
2201 * versions, the returned array was static, but that's not thread-safe.)
2202 * Pre-7.0 applications that use this function will see a small memory leak
2203 * until they are updated to call PQconninfoFree.
2204 */
2205PQconninfoOption *
2206PQconndefaults(void)
2207{
2208 PQExpBufferData errorBuf;
2209 PQconninfoOption *connOptions;
2210
2211 /* We don't actually report any errors here, but callees want a buffer */
2212 initPQExpBuffer(&errorBuf);
2213 if (PQExpBufferDataBroken(errorBuf))
2214 return NULL; /* out of memory already :-( */
2215
2216 connOptions = conninfo_init(&errorBuf);
2217 if (connOptions != NULL)
2218 {
2219 /* pass NULL errorBuf to ignore errors */
2220 if (!conninfo_add_defaults(connOptions, NULL))
2221 {
2222 PQconninfoFree(connOptions);
2223 connOptions = NULL;
2224 }
2225 }
2226
2227 termPQExpBuffer(&errorBuf);
2228 return connOptions;
2229}
2230
2231/* ----------------
2232 * PQsetdbLogin
2233 *
2234 * establishes a connection to a postgres backend through the postmaster
2235 * at the specified host and port.
2236 *
2237 * returns a PGconn* which is needed for all subsequent libpq calls
2238 *
2239 * if the status field of the connection returned is CONNECTION_BAD,
2240 * then only the errorMessage is likely to be useful.
2241 * ----------------
2242 */
2243PGconn *
2244PQsetdbLogin(const char *pghost, const char *pgport, const char *pgoptions,
2245 const char *pgtty, const char *dbName, const char *login,
2246 const char *pwd)
2247{
2248 PGconn *conn;
2249
2250 /*
2251 * Allocate memory for the conn structure. Note that we also expect this
2252 * to initialize conn->errorMessage to empty. All subsequent steps during
2253 * connection initialization will only append to that buffer.
2254 */
2255 conn = pqMakeEmptyPGconn();
2256 if (conn == NULL)
2257 return NULL;
2258
2259 /*
2260 * If the dbName parameter contains what looks like a connection string,
2261 * parse it into conn struct using connectOptions1.
2262 */
2263 if (dbName && recognized_connection_string(dbName))
2264 {
2265 if (!connectOptions1(conn, dbName))
2266 return conn;
2267 }
2268 else
2269 {
2270 /*
2271 * Old-style path: first, parse an empty conninfo string in order to
2272 * set up the same defaults that PQconnectdb() would use.
2273 */
2274 if (!connectOptions1(conn, ""))
2275 return conn;
2276
2277 /* Insert dbName parameter value into struct */
2278 if (dbName && dbName[0] != '\0')
2279 {
2280 free(conn->dbName);
2281 conn->dbName = strdup(dbName);
2282 if (!conn->dbName)
2283 goto oom_error;
2284 }
2285 }
2286
2287 /*
2288 * Insert remaining parameters into struct, overriding defaults (as well
2289 * as any conflicting data from dbName taken as a conninfo).
2290 */
2291 if (pghost && pghost[0] != '\0')
2292 {
2293 free(conn->pghost);
2294 conn->pghost = strdup(pghost);
2295 if (!conn->pghost)
2296 goto oom_error;
2297 }
2298
2299 if (pgport && pgport[0] != '\0')
2300 {
2301 free(conn->pgport);
2302 conn->pgport = strdup(pgport);
2303 if (!conn->pgport)
2304 goto oom_error;
2305 }
2306
2307 if (pgoptions && pgoptions[0] != '\0')
2308 {
2309 free(conn->pgoptions);
2310 conn->pgoptions = strdup(pgoptions);
2311 if (!conn->pgoptions)
2312 goto oom_error;
2313 }
2314
2315 if (login && login[0] != '\0')
2316 {
2317 free(conn->pguser);
2318 conn->pguser = strdup(login);
2319 if (!conn->pguser)
2320 goto oom_error;
2321 }
2322
2323 if (pwd && pwd[0] != '\0')
2324 {
2325 free(conn->pgpass);
2326 conn->pgpass = strdup(pwd);
2327 if (!conn->pgpass)
2328 goto oom_error;
2329 }
2330
2331 /*
2332 * Compute derived options
2333 */
2334 if (!pqConnectOptions2(conn))
2335 return conn;
2336
2337 /*
2338 * Connect to the database
2339 */
2340 if (pqConnectDBStart(conn))
2341 (void) pqConnectDBComplete(conn);
2342
2343 return conn;
2344
2345oom_error:
2346 conn->status = CONNECTION_BAD;
2347 libpq_append_conn_error(conn, "out of memory");
2348 return conn;
2349}
2350
2351
2352/* ----------
2353 * connectNoDelay -
2354 * Sets the TCP_NODELAY socket option.
2355 * Returns 1 if successful, 0 if not.
2356 * ----------
2357 */
2358static int
2359connectNoDelay(PGconn *conn)
2360{
2361#ifdef TCP_NODELAY
2362 int on = 1;
2363
2364 if (setsockopt(conn->sock, IPPROTO_TCP, TCP_NODELAY,
2365 (char *) &on,
2366 sizeof(on)) < 0)
2367 {
2368 char sebuf[PG_STRERROR_R_BUFLEN];
2369
2370 libpq_append_conn_error(conn, "could not set socket to TCP no delay mode: %s",
2371 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
2372 return 0;
2373 }
2374#endif
2375
2376 return 1;
2377}
2378
2379/* ----------
2380 * Write currently connected IP address into host_addr (of len host_addr_len).
2381 * If unable to, set it to the empty string.
2382 * ----------
2383 */
2384static void
2385getHostaddr(PGconn *conn, char *host_addr, int host_addr_len)
2386{
2387 struct sockaddr_storage *addr = &conn->raddr.addr;
2388
2389 if (addr->ss_family == AF_INET)
2390 {
2391 if (pg_inet_net_ntop(AF_INET,
2392 &((struct sockaddr_in *) addr)->sin_addr.s_addr,
2393 32,
2394 host_addr, host_addr_len) == NULL)
2395 host_addr[0] = '\0';
2396 }
2397 else if (addr->ss_family == AF_INET6)
2398 {
2399 if (pg_inet_net_ntop(AF_INET6,
2400 &((struct sockaddr_in6 *) addr)->sin6_addr.s6_addr,
2401 128,
2402 host_addr, host_addr_len) == NULL)
2403 host_addr[0] = '\0';
2404 }
2405 else
2406 host_addr[0] = '\0';
2407}
2408
2409/*
2410 * emitHostIdentityInfo -
2411 * Speculatively append "connection to server so-and-so failed: " to
2412 * conn->errorMessage once we've identified the current connection target
2413 * address. This ensures that any subsequent error message will be properly
2414 * attributed to the server we couldn't connect to. conn->raddr must be
2415 * valid, and the result of getHostaddr() must be supplied.
2416 */
2417static void
2418emitHostIdentityInfo(PGconn *conn, const char *host_addr)
2419{
2420 if (conn->raddr.addr.ss_family == AF_UNIX)
2421 {
2422 char service[NI_MAXHOST];
2423
2424 pg_getnameinfo_all(&conn->raddr.addr, conn->raddr.salen,
2425 NULL, 0,
2426 service, sizeof(service),
2427 NI_NUMERICSERV);
2428 appendPQExpBuffer(&conn->errorMessage,
2429 libpq_gettext("connection to server on socket \"%s\" failed: "),
2430 service);
2431 }
2432 else
2433 {
2434 const char *displayed_host;
2435 const char *displayed_port;
2436
2437 /* To which host and port were we actually connecting? */
2438 if (conn->connhost[conn->whichhost].type == CHT_HOST_ADDRESS)
2439 displayed_host = conn->connhost[conn->whichhost].hostaddr;
2440 else
2441 displayed_host = conn->connhost[conn->whichhost].host;
2442 displayed_port = conn->connhost[conn->whichhost].port;
2443 if (displayed_port == NULL || displayed_port[0] == '\0')
2444 displayed_port = DEF_PGPORT_STR;
2445
2446 /*
2447 * If the user did not supply an IP address using 'hostaddr', and
2448 * 'host' was missing or does not match our lookup, display the
2449 * looked-up IP address.
2450 */
2451 if (conn->connhost[conn->whichhost].type != CHT_HOST_ADDRESS &&
2452 host_addr[0] &&
2453 strcmp(displayed_host, host_addr) != 0)
2454 appendPQExpBuffer(&conn->errorMessage,
2455 libpq_gettext("connection to server at \"%s\" (%s), port %s failed: "),
2456 displayed_host, host_addr,
2457 displayed_port);
2458 else
2459 appendPQExpBuffer(&conn->errorMessage,
2460 libpq_gettext("connection to server at \"%s\", port %s failed: "),
2461 displayed_host,
2462 displayed_port);
2463 }
2464}
2465
2466/* ----------
2467 * connectFailureMessage -
2468 * create a friendly error message on connection failure,
2469 * using the given errno value. Use this for error cases that
2470 * imply that there's no server there.
2471 * ----------
2472 */
2473static void
2474connectFailureMessage(PGconn *conn, int errorno)
2475{
2476 char sebuf[PG_STRERROR_R_BUFLEN];
2477
2478 appendPQExpBuffer(&conn->errorMessage,
2479 "%s\n",
2480 SOCK_STRERROR(errorno, sebuf, sizeof(sebuf)));
2481
2482 if (conn->raddr.addr.ss_family == AF_UNIX)
2483 libpq_append_conn_error(conn, "\tIs the server running locally and accepting connections on that socket?");
2484 else
2485 libpq_append_conn_error(conn, "\tIs the server running on that host and accepting TCP/IP connections?");
2486}
2487
2488/*
2489 * Should we use keepalives? Returns 1 if yes, 0 if no, and -1 if
2490 * conn->keepalives is set to a value which is not parseable as an
2491 * integer.
2492 */
2493static int
2494useKeepalives(PGconn *conn)
2495{
2496 int val;
2497
2498 if (conn->keepalives == NULL)
2499 return 1;
2500
2501 if (!pqParseIntParam(conn->keepalives, &val, conn, "keepalives"))
2502 return -1;
2503
2504 return val != 0 ? 1 : 0;
2505}
2506
2507#ifndef WIN32
2508/*
2509 * Set the keepalive idle timer.
2510 */
2511static int
2512setKeepalivesIdle(PGconn *conn)
2513{
2514 int idle;
2515
2516 if (conn->keepalives_idle == NULL)
2517 return 1;
2518
2519 if (!pqParseIntParam(conn->keepalives_idle, &idle, conn,
2520 "keepalives_idle"))
2521 return 0;
2522 if (idle < 0)
2523 idle = 0;
2524
2525#ifdef PG_TCP_KEEPALIVE_IDLE
2526 if (setsockopt(conn->sock, IPPROTO_TCP, PG_TCP_KEEPALIVE_IDLE,
2527 (char *) &idle, sizeof(idle)) < 0)
2528 {
2529 char sebuf[PG_STRERROR_R_BUFLEN];
2530
2531 libpq_append_conn_error(conn, "%s(%s) failed: %s",
2532 "setsockopt",
2533 PG_TCP_KEEPALIVE_IDLE_STR,
2534 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
2535 return 0;
2536 }
2537#endif
2538
2539 return 1;
2540}
2541
2542/*
2543 * Set the keepalive interval.
2544 */
2545static int
2546setKeepalivesInterval(PGconn *conn)
2547{
2548 int interval;
2549
2550 if (conn->keepalives_interval == NULL)
2551 return 1;
2552
2553 if (!pqParseIntParam(conn->keepalives_interval, &interval, conn,
2554 "keepalives_interval"))
2555 return 0;
2556 if (interval < 0)
2557 interval = 0;
2558
2559#ifdef TCP_KEEPINTVL
2560 if (setsockopt(conn->sock, IPPROTO_TCP, TCP_KEEPINTVL,
2561 (char *) &interval, sizeof(interval)) < 0)
2562 {
2563 char sebuf[PG_STRERROR_R_BUFLEN];
2564
2565 libpq_append_conn_error(conn, "%s(%s) failed: %s",
2566 "setsockopt",
2567 "TCP_KEEPINTVL",
2568 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
2569 return 0;
2570 }
2571#endif
2572
2573 return 1;
2574}
2575
2576/*
2577 * Set the count of lost keepalive packets that will trigger a connection
2578 * break.
2579 */
2580static int
2581setKeepalivesCount(PGconn *conn)
2582{
2583 int count;
2584
2585 if (conn->keepalives_count == NULL)
2586 return 1;
2587
2588 if (!pqParseIntParam(conn->keepalives_count, &count, conn,
2589 "keepalives_count"))
2590 return 0;
2591 if (count < 0)
2592 count = 0;
2593
2594#ifdef TCP_KEEPCNT
2595 if (setsockopt(conn->sock, IPPROTO_TCP, TCP_KEEPCNT,
2596 (char *) &count, sizeof(count)) < 0)
2597 {
2598 char sebuf[PG_STRERROR_R_BUFLEN];
2599
2600 libpq_append_conn_error(conn, "%s(%s) failed: %s",
2601 "setsockopt",
2602 "TCP_KEEPCNT",
2603 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
2604 return 0;
2605 }
2606#endif
2607
2608 return 1;
2609}
2610#else /* WIN32 */
2611#ifdef SIO_KEEPALIVE_VALS
2612/*
2613 * Enable keepalives and set the keepalive values on Win32,
2614 * where they are always set in one batch.
2615 *
2616 * CAUTION: This needs to be signal safe, since it's used by PQcancel.
2617 */
2618int
2619pqSetKeepalivesWin32(pgsocket sock, int idle, int interval)
2620{
2621 struct tcp_keepalive ka;
2622 DWORD retsize;
2623
2624 if (idle <= 0)
2625 idle = 2 * 60 * 60; /* 2 hours = default */
2626 if (interval <= 0)
2627 interval = 1; /* 1 second = default */
2628
2629 ka.onoff = 1;
2630 ka.keepalivetime = idle * 1000;
2631 ka.keepaliveinterval = interval * 1000;
2632
2633 if (WSAIoctl(sock,
2634 SIO_KEEPALIVE_VALS,
2635 (LPVOID) &ka,
2636 sizeof(ka),
2637 NULL,
2638 0,
2639 &retsize,
2640 NULL,
2641 NULL)
2642 != 0)
2643 return 0;
2644 return 1;
2645}
2646
2647static int
2648prepKeepalivesWin32(PGconn *conn)
2649{
2650 int idle = -1;
2651 int interval = -1;
2652
2653 if (conn->keepalives_idle &&
2654 !pqParseIntParam(conn->keepalives_idle, &idle, conn,
2655 "keepalives_idle"))
2656 return 0;
2657 if (conn->keepalives_interval &&
2658 !pqParseIntParam(conn->keepalives_interval, &interval, conn,
2659 "keepalives_interval"))
2660 return 0;
2661
2662 if (!pqSetKeepalivesWin32(conn->sock, idle, interval))
2663 {
2664 libpq_append_conn_error(conn, "%s(%s) failed: error code %d",
2665 "WSAIoctl", "SIO_KEEPALIVE_VALS",
2666 WSAGetLastError());
2667 return 0;
2668 }
2669 return 1;
2670}
2671#endif /* SIO_KEEPALIVE_VALS */
2672#endif /* WIN32 */
2673
2674/*
2675 * Set the TCP user timeout.
2676 */
2677static int
2678setTCPUserTimeout(PGconn *conn)
2679{
2680 int timeout;
2681
2682 if (conn->pgtcp_user_timeout == NULL)
2683 return 1;
2684
2685 if (!pqParseIntParam(conn->pgtcp_user_timeout, &timeout, conn,
2686 "tcp_user_timeout"))
2687 return 0;
2688
2689 if (timeout < 0)
2690 timeout = 0;
2691
2692#ifdef TCP_USER_TIMEOUT
2693 if (setsockopt(conn->sock, IPPROTO_TCP, TCP_USER_TIMEOUT,
2694 (char *) &timeout, sizeof(timeout)) < 0)
2695 {
2696 char sebuf[256];
2697
2698 libpq_append_conn_error(conn, "%s(%s) failed: %s",
2699 "setsockopt",
2700 "TCP_USER_TIMEOUT",
2701 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
2702 return 0;
2703 }
2704#endif
2705
2706 return 1;
2707}
2708
2709/* ----------
2710 * pqConnectDBStart -
2711 * Begin the process of making a connection to the backend.
2712 *
2713 * Returns 1 if successful, 0 if not.
2714 * ----------
2715 */
2716int
2717pqConnectDBStart(PGconn *conn)
2718{
2719 if (!conn)
2720 return 0;
2721
2722 if (!conn->options_valid)
2723 goto connect_errReturn;
2724
2725 /*
2726 * Check for bad linking to backend-internal versions of src/common
2727 * functions (see comments in link-canary.c for the reason we need this).
2728 * Nobody but developers should see this message, so we don't bother
2729 * translating it.
2730 */
2731 if (!pg_link_canary_is_frontend())
2732 {
2733 appendPQExpBufferStr(&conn->errorMessage,
2734 "libpq is incorrectly linked to backend functions\n");
2735 goto connect_errReturn;
2736 }
2737
2738 /* Ensure our buffers are empty */
2739 conn->inStart = conn->inCursor = conn->inEnd = 0;
2740 conn->outCount = 0;
2741
2742 /*
2743 * Set up to try to connect to the first host. (Setting whichhost = -1 is
2744 * a bit of a cheat, but PQconnectPoll will advance it to 0 before
2745 * anything else looks at it.)
2746 *
2747 * Cancel requests are special though, they should only try one host and
2748 * address, and these fields have already been set up in PQcancelCreate,
2749 * so leave these fields alone for cancel requests.
2750 */
2751 if (!conn->cancelRequest)
2752 {
2753 conn->whichhost = -1;
2754 conn->try_next_host = true;
2755 conn->try_next_addr = false;
2756 }
2757
2758 conn->status = CONNECTION_NEEDED;
2759
2760 /* Also reset the target_server_type state if needed */
2761 if (conn->target_server_type == SERVER_TYPE_PREFER_STANDBY_PASS2)
2762 conn->target_server_type = SERVER_TYPE_PREFER_STANDBY;
2763
2764 /*
2765 * The code for processing CONNECTION_NEEDED state is in PQconnectPoll(),
2766 * so that it can easily be re-executed if needed again during the
2767 * asynchronous startup process. However, we must run it once here,
2768 * because callers expect a success return from this routine to mean that
2769 * we are in PGRES_POLLING_WRITING connection state.
2770 */
2771 if (PQconnectPoll(conn) == PGRES_POLLING_WRITING)
2772 return 1;
2773
2774connect_errReturn:
2775
2776 /*
2777 * If we managed to open a socket, close it immediately rather than
2778 * waiting till PQfinish. (The application cannot have gotten the socket
2779 * from PQsocket yet, so this doesn't risk breaking anything.)
2780 */
2781 pqDropConnection(conn, true);
2782 conn->status = CONNECTION_BAD;
2783 return 0;
2784}
2785
2786
2787/*
2788 * pqConnectDBComplete
2789 *
2790 * Block and complete a connection.
2791 *
2792 * Returns 1 on success, 0 on failure.
2793 */
2794int
2795pqConnectDBComplete(PGconn *conn)
2796{
2797 PostgresPollingStatusType flag = PGRES_POLLING_WRITING;
2798 pg_usec_time_t end_time = -1;
2799 int timeout = 0;
2800 int last_whichhost = -2; /* certainly different from whichhost */
2801 int last_whichaddr = -2; /* certainly different from whichaddr */
2802
2803 if (conn == NULL || conn->status == CONNECTION_BAD)
2804 return 0;
2805
2806 /*
2807 * Set up a time limit, if connect_timeout is greater than zero.
2808 */
2809 if (conn->connect_timeout != NULL)
2810 {
2811 if (!pqParseIntParam(conn->connect_timeout, &timeout, conn,
2812 "connect_timeout"))
2813 {
2814 /* mark the connection as bad to report the parsing failure */
2815 conn->status = CONNECTION_BAD;
2816 return 0;
2817 }
2818 }
2819
2820 for (;;)
2821 {
2822 int ret = 0;
2823
2824 /*
2825 * (Re)start the connect_timeout timer if it's active and we are
2826 * considering a different host than we were last time through. If
2827 * we've already succeeded, though, needn't recalculate.
2828 */
2829 if (flag != PGRES_POLLING_OK &&
2830 timeout > 0 &&
2831 (conn->whichhost != last_whichhost ||
2832 conn->whichaddr != last_whichaddr))
2833 {
2834 end_time = PQgetCurrentTimeUSec() + (pg_usec_time_t) timeout * 1000000;
2835 last_whichhost = conn->whichhost;
2836 last_whichaddr = conn->whichaddr;
2837 }
2838
2839 /*
2840 * Wait, if necessary. Note that the initial state (just after
2841 * PQconnectStart) is to wait for the socket to select for writing.
2842 */
2843 switch (flag)
2844 {
2845 case PGRES_POLLING_OK:
2846 return 1; /* success! */
2847
2848 case PGRES_POLLING_READING:
2849 ret = pqWaitTimed(1, 0, conn, end_time);
2850 if (ret == -1)
2851 {
2852 /* hard failure, eg select() problem, aborts everything */
2853 conn->status = CONNECTION_BAD;
2854 return 0;
2855 }
2856 break;
2857
2858 case PGRES_POLLING_WRITING:
2859 ret = pqWaitTimed(0, 1, conn, end_time);
2860 if (ret == -1)
2861 {
2862 /* hard failure, eg select() problem, aborts everything */
2863 conn->status = CONNECTION_BAD;
2864 return 0;
2865 }
2866 break;
2867
2868 default:
2869 /* Just in case we failed to set it in PQconnectPoll */
2870 conn->status = CONNECTION_BAD;
2871 return 0;
2872 }
2873
2874 if (ret == 1) /* connect_timeout elapsed */
2875 {
2876 /*
2877 * Give up on current server/address, try the next one.
2878 */
2879 conn->try_next_addr = true;
2880 conn->status = CONNECTION_NEEDED;
2881 }
2882
2883 /*
2884 * Now try to advance the state machine.
2885 */
2886 if (conn->cancelRequest)
2887 flag = PQcancelPoll((PGcancelConn *) conn);
2888 else
2889 flag = PQconnectPoll(conn);
2890 }
2891}
2892
2893/* ----------------
2894 * PQconnectPoll
2895 *
2896 * Poll an asynchronous connection.
2897 *
2898 * Returns a PostgresPollingStatusType.
2899 * Before calling this function, use select(2) to determine when data
2900 * has arrived..
2901 *
2902 * You must call PQfinish whether or not this fails.
2903 *
2904 * This function and PQconnectStart are intended to allow connections to be
2905 * made without blocking the execution of your program on remote I/O. However,
2906 * there are a number of caveats:
2907 *
2908 * o If you call PQtrace, ensure that the stream object into which you trace
2909 * will not block.
2910 * o If you do not supply an IP address for the remote host (i.e. you
2911 * supply a host name instead) then PQconnectStart will block on
2912 * getaddrinfo. You will be fine if using Unix sockets (i.e. by
2913 * supplying neither a host name nor a host address).
2914 * o If your backend wants to use Kerberos authentication then you must
2915 * supply both a host name and a host address, otherwise this function
2916 * may block on gethostname.
2917 *
2918 * ----------------
2919 */
2920PostgresPollingStatusType
2921PQconnectPoll(PGconn *conn)
2922{
2923 bool reset_connection_state_machine = false;
2924 bool need_new_connection = false;
2925 PGresult *res;
2926 char sebuf[PG_STRERROR_R_BUFLEN];
2927 int optval;
2928
2929 if (conn == NULL)
2930 return PGRES_POLLING_FAILED;
2931
2932 /* Get the new data */
2933 switch (conn->status)
2934 {
2935 /*
2936 * We really shouldn't have been polled in these two cases, but we
2937 * can handle it.
2938 */
2939 case CONNECTION_BAD:
2940 return PGRES_POLLING_FAILED;
2941 case CONNECTION_OK:
2942 return PGRES_POLLING_OK;
2943
2944 /* These are reading states */
2945 case CONNECTION_AWAITING_RESPONSE:
2946 case CONNECTION_AUTH_OK:
2947 case CONNECTION_CHECK_WRITABLE:
2948 case CONNECTION_CONSUME:
2949 case CONNECTION_CHECK_STANDBY:
2950 {
2951 /* Load waiting data */
2952 int n = pqReadData(conn);
2953
2954 if (n < 0)
2955 goto error_return;
2956 if (n == 0)
2957 return PGRES_POLLING_READING;
2958
2959 break;
2960 }
2961
2962 /* These are writing states, so we just proceed. */
2963 case CONNECTION_STARTED:
2964 case CONNECTION_MADE:
2965 break;
2966
2967 /* Special cases: proceed without waiting. */
2968 case CONNECTION_SSL_STARTUP:
2969 case CONNECTION_NEEDED:
2970 case CONNECTION_GSS_STARTUP:
2971 case CONNECTION_CHECK_TARGET:
2972 case CONNECTION_AUTHENTICATING:
2973 break;
2974
2975 default:
2976 libpq_append_conn_error(conn, "invalid connection state, probably indicative of memory corruption");
2977 goto error_return;
2978 }
2979
2980
2981keep_going: /* We will come back to here until there is
2982 * nothing left to do. */
2983
2984 /* Time to advance to next address, or next host if no more addresses? */
2985 if (conn->try_next_addr)
2986 {
2987 if (conn->whichaddr < conn->naddr)
2988 {
2989 conn->whichaddr++;
2990 reset_connection_state_machine = true;
2991 }
2992 else
2993 conn->try_next_host = true;
2994 conn->try_next_addr = false;
2995 }
2996
2997 /* Time to advance to next connhost[] entry? */
2998 if (conn->try_next_host)
2999 {
3000 pg_conn_host *ch;
3001 struct addrinfo hint;
3002 struct addrinfo *addrlist;
3003 int thisport;
3004 int ret;
3005 char portstr[MAXPGPATH];
3006
3007 if (conn->whichhost + 1 < conn->nconnhost)
3008 conn->whichhost++;
3009 else
3010 {
3011 /*
3012 * Oops, no more hosts.
3013 *
3014 * If we are trying to connect in "prefer-standby" mode, then drop
3015 * the standby requirement and start over. Don't do this for
3016 * cancel requests though, since we are certain the list of
3017 * servers won't change as the target_server_type option is not
3018 * applicable to those connections.
3019 *
3020 * Otherwise, an appropriate error message is already set up, so
3021 * we just need to set the right status.
3022 */
3023 if (conn->target_server_type == SERVER_TYPE_PREFER_STANDBY &&
3024 conn->nconnhost > 0 &&
3025 !conn->cancelRequest)
3026 {
3027 conn->target_server_type = SERVER_TYPE_PREFER_STANDBY_PASS2;
3028 conn->whichhost = 0;
3029 }
3030 else
3031 goto error_return;
3032 }
3033
3034 /* Drop any address info for previous host */
3035 release_conn_addrinfo(conn);
3036
3037 /*
3038 * Look up info for the new host. On failure, log the problem in
3039 * conn->errorMessage, then loop around to try the next host. (Note
3040 * we don't clear try_next_host until we've succeeded.)
3041 */
3042 ch = &conn->connhost[conn->whichhost];
3043
3044 /* Initialize hint structure */
3045 MemSet(&hint, 0, sizeof(hint));
3046 hint.ai_socktype = SOCK_STREAM;
3047 hint.ai_family = AF_UNSPEC;
3048
3049 /* Figure out the port number we're going to use. */
3050 if (ch->port == NULL || ch->port[0] == '\0')
3051 thisport = DEF_PGPORT;
3052 else
3053 {
3054 if (!pqParseIntParam(ch->port, &thisport, conn, "port"))
3055 goto error_return;
3056
3057 if (thisport < 1 || thisport > 65535)
3058 {
3059 libpq_append_conn_error(conn, "invalid port number: \"%s\"", ch->port);
3060 goto keep_going;
3061 }
3062 }
3063 snprintf(portstr, sizeof(portstr), "%d", thisport);
3064
3065 /* Use pg_getaddrinfo_all() to resolve the address */
3066 switch (ch->type)
3067 {
3068 case CHT_HOST_NAME:
3069 ret = pg_getaddrinfo_all(ch->host, portstr, &hint,
3070 &addrlist);
3071 if (ret || !addrlist)
3072 {
3073 libpq_append_conn_error(conn, "could not translate host name \"%s\" to address: %s",
3074 ch->host, gai_strerror(ret));
3075 goto keep_going;
3076 }
3077 break;
3078
3079 case CHT_HOST_ADDRESS:
3080 hint.ai_flags = AI_NUMERICHOST;
3081 ret = pg_getaddrinfo_all(ch->hostaddr, portstr, &hint,
3082 &addrlist);
3083 if (ret || !addrlist)
3084 {
3085 libpq_append_conn_error(conn, "could not parse network address \"%s\": %s",
3086 ch->hostaddr, gai_strerror(ret));
3087 goto keep_going;
3088 }
3089 break;
3090
3091 case CHT_UNIX_SOCKET:
3092 hint.ai_family = AF_UNIX;
3093 UNIXSOCK_PATH(portstr, thisport, ch->host);
3094 if (strlen(portstr) >= UNIXSOCK_PATH_BUFLEN)
3095 {
3096 libpq_append_conn_error(conn, "Unix-domain socket path \"%s\" is too long (maximum %zu bytes)",
3097 portstr,
3098 (UNIXSOCK_PATH_BUFLEN - 1));
3099 goto keep_going;
3100 }
3101
3102 /*
3103 * NULL hostname tells pg_getaddrinfo_all to parse the service
3104 * name as a Unix-domain socket path.
3105 */
3106 ret = pg_getaddrinfo_all(NULL, portstr, &hint,
3107 &addrlist);
3108 if (ret || !addrlist)
3109 {
3110 libpq_append_conn_error(conn, "could not translate Unix-domain socket path \"%s\" to address: %s",
3111 portstr, gai_strerror(ret));
3112 goto keep_going;
3113 }
3114 break;
3115 }
3116
3117 /*
3118 * Store a copy of the addrlist in private memory so we can perform
3119 * randomization for load balancing.
3120 */
3121 ret = store_conn_addrinfo(conn, addrlist);
3122 pg_freeaddrinfo_all(hint.ai_family, addrlist);
3123 if (ret)
3124 goto error_return; /* message already logged */
3125
3126 /*
3127 * If random load balancing is enabled we shuffle the addresses.
3128 */
3129 if (conn->load_balance_type == LOAD_BALANCE_RANDOM)
3130 {
3131 /*
3132 * This is the "inside-out" variant of the Fisher-Yates shuffle
3133 * algorithm. Notionally, we append each new value to the array
3134 * and then swap it with a randomly-chosen array element (possibly
3135 * including itself, else we fail to generate permutations with
3136 * the last integer last). The swap step can be optimized by
3137 * combining it with the insertion.
3138 *
3139 * We don't need to initialize conn->prng_state here, because that
3140 * already happened in pqConnectOptions2.
3141 */
3142 for (int i = 1; i < conn->naddr; i++)
3143 {
3144 int j = pg_prng_uint64_range(&conn->prng_state, 0, i);
3145 AddrInfo temp = conn->addr[j];
3146
3147 conn->addr[j] = conn->addr[i];
3148 conn->addr[i] = temp;
3149 }
3150 }
3151
3152 reset_connection_state_machine = true;
3153 conn->try_next_host = false;
3154 }
3155
3156 /* Reset connection state machine? */
3157 if (reset_connection_state_machine)
3158 {
3159 /*
3160 * (Re) initialize our connection control variables for a set of
3161 * connection attempts to a single server address. These variables
3162 * must persist across individual connection attempts, but we must
3163 * reset them when we start to consider a new server.
3164 */
3165 conn->pversion = conn->max_pversion;
3166 conn->send_appname = true;
3167 conn->failed_enc_methods = 0;
3168 conn->current_enc_method = 0;
3169 conn->allowed_enc_methods = 0;
3170 reset_connection_state_machine = false;
3171 need_new_connection = true;
3172 }
3173
3174 /* Force a new connection (perhaps to the same server as before)? */
3175 if (need_new_connection)
3176 {
3177 /* Drop any existing connection */
3178 pqDropConnection(conn, true);
3179
3180 /* Reset all state obtained from old server */
3181 pqDropServerData(conn);
3182
3183 /* Drop any PGresult we might have, too */
3184 conn->asyncStatus = PGASYNC_IDLE;
3185 conn->xactStatus = PQTRANS_IDLE;
3186 conn->pipelineStatus = PQ_PIPELINE_OFF;
3187 pqClearAsyncResult(conn);
3188
3189 /* Reset conn->status to put the state machine in the right state */
3190 conn->status = CONNECTION_NEEDED;
3191
3192 need_new_connection = false;
3193 }
3194
3195 /*
3196 * Decide what to do next, if server rejects SSL or GSS negotiation, but
3197 * the connection is still valid. If there are no options left, error out
3198 * with 'msg'.
3199 */
3200#define ENCRYPTION_NEGOTIATION_FAILED(msg) \
3201 do { \
3202 switch (encryption_negotiation_failed(conn)) \
3203 { \
3204 case 0: \
3205 libpq_append_conn_error(conn, (msg)); \
3206 goto error_return; \
3207 case 1: \
3208 conn->status = CONNECTION_MADE; \
3209 return PGRES_POLLING_WRITING; \
3210 case 2: \
3211 need_new_connection = true; \
3212 goto keep_going; \
3213 } \
3214 } while(0);
3215
3216 /*
3217 * Decide what to do next, if connection fails. If there are no options
3218 * left, return with an error. The error message has already been written
3219 * to the connection's error buffer.
3220 */
3221#define CONNECTION_FAILED() \
3222 do { \
3223 if (connection_failed(conn)) \
3224 { \
3225 need_new_connection = true; \
3226 goto keep_going; \
3227 } \
3228 else \
3229 goto error_return; \
3230 } while(0);
3231
3232 /* Now try to advance the state machine for this connection */
3233 switch (conn->status)
3234 {
3235 case CONNECTION_NEEDED:
3236 {
3237 /*
3238 * Try to initiate a connection to one of the addresses
3239 * returned by pg_getaddrinfo_all(). conn->whichaddr is the
3240 * next one to try.
3241 *
3242 * The extra level of braces here is historical. It's not
3243 * worth reindenting this whole switch case to remove 'em.
3244 */
3245 {
3246 char host_addr[NI_MAXHOST];
3247 int sock_type;
3248 AddrInfo *addr_cur;
3249
3250 /*
3251 * Advance to next possible host, if we've tried all of
3252 * the addresses for the current host.
3253 */
3254 if (conn->whichaddr == conn->naddr)
3255 {
3256 conn->try_next_host = true;
3257 goto keep_going;
3258 }
3259 addr_cur = &conn->addr[conn->whichaddr];
3260
3261 /* Remember current address for possible use later */
3262 memcpy(&conn->raddr, &addr_cur->addr, sizeof(SockAddr));
3263
3264#ifdef ENABLE_GSS
3265
3266 /*
3267 * Before establishing the connection, check if it's
3268 * doomed to fail because gssencmode='require' but GSSAPI
3269 * is not available.
3270 */
3271 if (conn->gssencmode[0] == 'r')
3272 {
3273 if (conn->raddr.addr.ss_family == AF_UNIX)
3274 {
3275 libpq_append_conn_error(conn,
3276 "GSSAPI encryption required but it is not supported over a local socket");
3277 goto error_return;
3278 }
3279 if (conn->gcred == GSS_C_NO_CREDENTIAL)
3280 {
3281 if (!pg_GSS_have_cred_cache(&conn->gcred))
3282 {
3283 libpq_append_conn_error(conn,
3284 "GSSAPI encryption required but no credential cache");
3285 goto error_return;
3286 }
3287 }
3288 }
3289#endif
3290
3291 /*
3292 * Choose the encryption method to try first. Do this
3293 * before establishing the connection, so that if none of
3294 * the modes allowed by the connections options are
3295 * available, we can error out before establishing the
3296 * connection.
3297 */
3298 if (!init_allowed_encryption_methods(conn))
3299 goto error_return;
3300
3301 /*
3302 * Set connip, too. Note we purposely ignore strdup
3303 * failure; not a big problem if it fails.
3304 */
3305 if (conn->connip != NULL)
3306 {
3307 free(conn->connip);
3308 conn->connip = NULL;
3309 }
3310 getHostaddr(conn, host_addr, NI_MAXHOST);
3311 if (host_addr[0])
3312 conn->connip = strdup(host_addr);
3313
3314 /* Try to create the socket */
3315 sock_type = SOCK_STREAM;
3316#ifdef SOCK_CLOEXEC
3317
3318 /*
3319 * Atomically mark close-on-exec, if possible on this
3320 * platform, so that there isn't a window where a
3321 * subprogram executed by another thread inherits the
3322 * socket. See fallback code below.
3323 */
3324 sock_type |= SOCK_CLOEXEC;
3325#endif
3326#ifdef SOCK_NONBLOCK
3327
3328 /*
3329 * We might as well skip a system call for nonblocking
3330 * mode too, if we can.
3331 */
3332 sock_type |= SOCK_NONBLOCK;
3333#endif
3334 conn->sock = socket(addr_cur->family, sock_type, 0);
3335 if (conn->sock == PGINVALID_SOCKET)
3336 {
3337 int errorno = SOCK_ERRNO;
3338
3339 /*
3340 * Silently ignore socket() failure if we have more
3341 * addresses to try; this reduces useless chatter in
3342 * cases where the address list includes both IPv4 and
3343 * IPv6 but kernel only accepts one family.
3344 */
3345 if (conn->whichaddr < conn->naddr ||
3346 conn->whichhost + 1 < conn->nconnhost)
3347 {
3348 conn->try_next_addr = true;
3349 goto keep_going;
3350 }
3351 emitHostIdentityInfo(conn, host_addr);
3352 libpq_append_conn_error(conn, "could not create socket: %s",
3353 SOCK_STRERROR(errorno, sebuf, sizeof(sebuf)));
3354 goto error_return;
3355 }
3356
3357 /*
3358 * Once we've identified a target address, all errors
3359 * except the preceding socket()-failure case should be
3360 * prefixed with host-identity information. (If the
3361 * connection succeeds, the contents of conn->errorMessage
3362 * won't matter, so this is harmless.)
3363 */
3364 emitHostIdentityInfo(conn, host_addr);
3365
3366 /*
3367 * Select socket options: no delay of outgoing data for
3368 * TCP sockets, nonblock mode, close-on-exec. Try the
3369 * next address if any of this fails.
3370 */
3371 if (addr_cur->family != AF_UNIX)
3372 {
3373 if (!connectNoDelay(conn))
3374 {
3375 /* error message already created */
3376 conn->try_next_addr = true;
3377 goto keep_going;
3378 }
3379 }
3380#ifndef SOCK_NONBLOCK
3381 if (!pg_set_noblock(conn->sock))
3382 {
3383 libpq_append_conn_error(conn, "could not set socket to nonblocking mode: %s",
3384 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3385 conn->try_next_addr = true;
3386 goto keep_going;
3387 }
3388#endif
3389
3390#ifndef SOCK_CLOEXEC
3391#ifdef F_SETFD
3392 if (fcntl(conn->sock, F_SETFD, FD_CLOEXEC) == -1)
3393 {
3394 libpq_append_conn_error(conn, "could not set socket to close-on-exec mode: %s",
3395 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3396 conn->try_next_addr = true;
3397 goto keep_going;
3398 }
3399#endif /* F_SETFD */
3400#endif
3401
3402 if (addr_cur->family != AF_UNIX)
3403 {
3404#ifndef WIN32
3405 int on = 1;
3406#endif
3407 int usekeepalives = useKeepalives(conn);
3408 int err = 0;
3409
3410 if (usekeepalives < 0)
3411 {
3412 /* error is already reported */
3413 err = 1;
3414 }
3415 else if (usekeepalives == 0)
3416 {
3417 /* Do nothing */
3418 }
3419#ifndef WIN32
3420 else if (setsockopt(conn->sock,
3421 SOL_SOCKET, SO_KEEPALIVE,
3422 (char *) &on, sizeof(on)) < 0)
3423 {
3424 libpq_append_conn_error(conn, "%s(%s) failed: %s",
3425 "setsockopt",
3426 "SO_KEEPALIVE",
3427 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3428 err = 1;
3429 }
3430 else if (!setKeepalivesIdle(conn)
3431 || !setKeepalivesInterval(conn)
3432 || !setKeepalivesCount(conn))
3433 err = 1;
3434#else /* WIN32 */
3435#ifdef SIO_KEEPALIVE_VALS
3436 else if (!prepKeepalivesWin32(conn))
3437 err = 1;
3438#endif /* SIO_KEEPALIVE_VALS */
3439#endif /* WIN32 */
3440 else if (!setTCPUserTimeout(conn))
3441 err = 1;
3442
3443 if (err)
3444 {
3445 conn->try_next_addr = true;
3446 goto keep_going;
3447 }
3448 }
3449
3450 /*----------
3451 * We have three methods of blocking SIGPIPE during
3452 * send() calls to this socket:
3453 *
3454 * - setsockopt(sock, SO_NOSIGPIPE)
3455 * - send(sock, ..., MSG_NOSIGNAL)
3456 * - setting the signal mask to SIG_IGN during send()
3457 *
3458 * The third method requires three syscalls per send,
3459 * so we prefer either of the first two, but they are
3460 * less portable. The state is tracked in the following
3461 * members of PGconn:
3462 *
3463 * conn->sigpipe_so - we have set up SO_NOSIGPIPE
3464 * conn->sigpipe_flag - we're specifying MSG_NOSIGNAL
3465 *
3466 * If we can use SO_NOSIGPIPE, then set sigpipe_so here
3467 * and we're done. Otherwise, set sigpipe_flag so that
3468 * we will try MSG_NOSIGNAL on sends. If we get an error
3469 * with MSG_NOSIGNAL, we'll clear that flag and revert to
3470 * signal masking.
3471 *----------
3472 */
3473 conn->sigpipe_so = false;
3474#ifdef MSG_NOSIGNAL
3475 conn->sigpipe_flag = true;
3476#else
3477 conn->sigpipe_flag = false;
3478#endif /* MSG_NOSIGNAL */
3479
3480#ifdef SO_NOSIGPIPE
3481 optval = 1;
3482 if (setsockopt(conn->sock, SOL_SOCKET, SO_NOSIGPIPE,
3483 (char *) &optval, sizeof(optval)) == 0)
3484 {
3485 conn->sigpipe_so = true;
3486 conn->sigpipe_flag = false;
3487 }
3488#endif /* SO_NOSIGPIPE */
3489
3490 /*
3491 * Start/make connection. This should not block, since we
3492 * are in nonblock mode. If it does, well, too bad.
3493 */
3494 if (connect(conn->sock, (struct sockaddr *) &addr_cur->addr.addr,
3495 addr_cur->addr.salen) < 0)
3496 {
3497 if (SOCK_ERRNO == EINPROGRESS ||
3498#ifdef WIN32
3499 SOCK_ERRNO == EWOULDBLOCK ||
3500#endif
3501 SOCK_ERRNO == EINTR)
3502 {
3503 /*
3504 * This is fine - we're in non-blocking mode, and
3505 * the connection is in progress. Tell caller to
3506 * wait for write-ready on socket.
3507 */
3508 conn->status = CONNECTION_STARTED;
3509 return PGRES_POLLING_WRITING;
3510 }
3511 /* otherwise, trouble */
3512 }
3513 else
3514 {
3515 /*
3516 * Hm, we're connected already --- seems the "nonblock
3517 * connection" wasn't. Advance the state machine and
3518 * go do the next stuff.
3519 */
3520 conn->status = CONNECTION_STARTED;
3521 goto keep_going;
3522 }
3523
3524 /*
3525 * This connection failed. Add the error report to
3526 * conn->errorMessage, then try the next address if any.
3527 */
3528 connectFailureMessage(conn, SOCK_ERRNO);
3529 conn->try_next_addr = true;
3530 goto keep_going;
3531 }
3532 }
3533
3534 case CONNECTION_STARTED:
3535 {
3536 socklen_t optlen = sizeof(optval);
3537
3538 /*
3539 * Write ready, since we've made it here, so the connection
3540 * has been made ... or has failed.
3541 */
3542
3543 /*
3544 * Now check (using getsockopt) that there is not an error
3545 * state waiting for us on the socket.
3546 */
3547
3548 if (getsockopt(conn->sock, SOL_SOCKET, SO_ERROR,
3549 (char *) &optval, &optlen) == -1)
3550 {
3551 libpq_append_conn_error(conn, "could not get socket error status: %s",
3552 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3553 goto error_return;
3554 }
3555 else if (optval != 0)
3556 {
3557 /*
3558 * When using a nonblocking connect, we will typically see
3559 * connect failures at this point, so provide a friendly
3560 * error message.
3561 */
3562 connectFailureMessage(conn, optval);
3563
3564 /*
3565 * Try the next address if any, just as in the case where
3566 * connect() returned failure immediately.
3567 */
3568 conn->try_next_addr = true;
3569 goto keep_going;
3570 }
3571
3572 /* Fill in the client address */
3573 conn->laddr.salen = sizeof(conn->laddr.addr);
3574 if (getsockname(conn->sock,
3575 (struct sockaddr *) &conn->laddr.addr,
3576 &conn->laddr.salen) < 0)
3577 {
3578 libpq_append_conn_error(conn, "could not get client address from socket: %s",
3579 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3580 goto error_return;
3581 }
3582
3583 /*
3584 * Implement requirepeer check, if requested and it's a
3585 * Unix-domain socket.
3586 */
3587 if (conn->requirepeer && conn->requirepeer[0] &&
3588 conn->raddr.addr.ss_family == AF_UNIX)
3589 {
3590#ifndef WIN32
3591 char *remote_username;
3592#endif
3593 uid_t uid;
3594 gid_t gid;
3595
3596 errno = 0;
3597 if (getpeereid(conn->sock, &uid, &gid) != 0)
3598 {
3599 /*
3600 * Provide special error message if getpeereid is a
3601 * stub
3602 */
3603 if (errno == ENOSYS)
3604 libpq_append_conn_error(conn, "requirepeer parameter is not supported on this platform");
3605 else
3606 libpq_append_conn_error(conn, "could not get peer credentials: %s",
3607 strerror_r(errno, sebuf, sizeof(sebuf)));
3608 goto error_return;
3609 }
3610
3611#ifndef WIN32
3612 remote_username = pg_fe_getusername(uid,
3613 &conn->errorMessage);
3614 if (remote_username == NULL)
3615 goto error_return; /* message already logged */
3616
3617 if (strcmp(remote_username, conn->requirepeer) != 0)
3618 {
3619 libpq_append_conn_error(conn, "requirepeer specifies \"%s\", but actual peer user name is \"%s\"",
3620 conn->requirepeer, remote_username);
3621 free(remote_username);
3622 goto error_return;
3623 }
3624 free(remote_username);
3625#else /* WIN32 */
3626 /* should have failed with ENOSYS above */
3627 Assert(false);
3628#endif /* WIN32 */
3629 }
3630
3631 /*
3632 * Make sure we can write before advancing to next step.
3633 */
3634 conn->status = CONNECTION_MADE;
3635 return PGRES_POLLING_WRITING;
3636 }
3637
3638 case CONNECTION_MADE:
3639 {
3640 char *startpacket;
3641 int packetlen;
3642
3643#ifdef ENABLE_GSS
3644
3645 /*
3646 * If GSSAPI encryption is enabled, send a packet to the
3647 * server asking for GSSAPI Encryption and proceed with GSSAPI
3648 * handshake. We will come back here after GSSAPI encryption
3649 * has been established, with conn->gctx set.
3650 */
3651 if (conn->current_enc_method == ENC_GSSAPI && !conn->gctx)
3652 {
3653 ProtocolVersion pv = pg_hton32(NEGOTIATE_GSS_CODE);
3654
3655 if (pqPacketSend(conn, 0, &pv, sizeof(pv)) != STATUS_OK)
3656 {
3657 libpq_append_conn_error(conn, "could not send GSSAPI negotiation packet: %s",
3658 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3659 goto error_return;
3660 }
3661
3662 /* Ok, wait for response */
3663 conn->status = CONNECTION_GSS_STARTUP;
3664 return PGRES_POLLING_READING;
3665 }
3666#endif
3667
3668#ifdef USE_SSL
3669
3670 /*
3671 * If SSL is enabled, start the SSL negotiation. We will come
3672 * back here after SSL encryption has been established, with
3673 * ssl_in_use set.
3674 */
3675 if (conn->current_enc_method == ENC_SSL && !conn->ssl_in_use)
3676 {
3677 /*
3678 * If traditional postgres SSL negotiation is used, send
3679 * the SSL request. In direct negotiation, jump straight
3680 * into the SSL handshake.
3681 */
3682 if (conn->sslnegotiation[0] == 'p')
3683 {
3684 ProtocolVersion pv;
3685
3686 /*
3687 * Send the SSL request packet.
3688 *
3689 * Theoretically, this could block, but it really
3690 * shouldn't since we only got here if the socket is
3691 * write-ready.
3692 */
3693 pv = pg_hton32(NEGOTIATE_SSL_CODE);
3694 if (pqPacketSend(conn, 0, &pv, sizeof(pv)) != STATUS_OK)
3695 {
3696 libpq_append_conn_error(conn, "could not send SSL negotiation packet: %s",
3697 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3698 goto error_return;
3699 }
3700 /* Ok, wait for response */
3701 conn->status = CONNECTION_SSL_STARTUP;
3702 return PGRES_POLLING_READING;
3703 }
3704 else
3705 {
3706 Assert(conn->sslnegotiation[0] == 'd');
3707 conn->status = CONNECTION_SSL_STARTUP;
3708 return PGRES_POLLING_WRITING;
3709 }
3710 }
3711#endif /* USE_SSL */
3712
3713 /*
3714 * For cancel requests this is as far as we need to go in the
3715 * connection establishment. Now we can actually send our
3716 * cancellation request.
3717 */
3718 if (conn->cancelRequest)
3719 {
3720 if (PQsendCancelRequest(conn) != STATUS_OK)
3721 {
3722 libpq_append_conn_error(conn, "could not send cancel packet: %s",
3723 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3724 goto error_return;
3725 }
3726 conn->status = CONNECTION_AWAITING_RESPONSE;
3727 return PGRES_POLLING_READING;
3728 }
3729
3730 /*
3731 * We have now established encryption, or we are happy to
3732 * proceed without.
3733 */
3734
3735 /* Build the startup packet. */
3736 startpacket = pqBuildStartupPacket3(conn, &packetlen,
3737 EnvironmentOptions);
3738 if (!startpacket)
3739 {
3740 libpq_append_conn_error(conn, "out of memory");
3741 goto error_return;
3742 }
3743
3744 /*
3745 * Send the startup packet.
3746 *
3747 * Theoretically, this could block, but it really shouldn't
3748 * since we only got here if the socket is write-ready.
3749 */
3750 if (pqPacketSend(conn, 0, startpacket, packetlen) != STATUS_OK)
3751 {
3752 libpq_append_conn_error(conn, "could not send startup packet: %s",
3753 SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
3754 free(startpacket);
3755 goto error_return;
3756 }
3757
3758 free(startpacket);
3759
3760 conn->status = CONNECTION_AWAITING_RESPONSE;
3761 return PGRES_POLLING_READING;
3762 }
3763
3764 /*
3765 * Handle SSL negotiation: wait for postmaster messages and
3766 * respond as necessary.
3767 */
3768 case CONNECTION_SSL_STARTUP:
3769 {
3770#ifdef USE_SSL
3771 PostgresPollingStatusType pollres;
3772
3773 /*
3774 * On first time through with traditional SSL negotiation, get
3775 * the postmaster's response to our SSLRequest packet. With
3776 * sslnegotiation='direct', go straight to initiating SSL.
3777 */
3778 if (!conn->ssl_in_use && conn->sslnegotiation[0] == 'p')
3779 {
3780 /*
3781 * We use pqReadData here since it has the logic to
3782 * distinguish no-data-yet from connection closure. Since
3783 * conn->ssl isn't set, a plain recv() will occur.
3784 */
3785 char SSLok;
3786 int rdresult;
3787
3788 rdresult = pqReadData(conn);
3789 if (rdresult < 0)
3790 {
3791 /* errorMessage is already filled in */
3792 goto error_return;
3793 }
3794 if (rdresult == 0)
3795 {
3796 /* caller failed to wait for data */
3797 return PGRES_POLLING_READING;
3798 }
3799 if (pqGetc(&SSLok, conn) < 0)
3800 {
3801 /* should not happen really */
3802 return PGRES_POLLING_READING;
3803 }
3804 if (SSLok == 'S')
3805 {
3806 if (conn->Pfdebug)
3807 pqTraceOutputCharResponse(conn, "SSLResponse",
3808 SSLok);
3809 /* mark byte consumed */
3810 conn->inStart = conn->inCursor;
3811 }
3812 else if (SSLok == 'N')
3813 {
3814 if (conn->Pfdebug)
3815 pqTraceOutputCharResponse(conn, "SSLResponse",
3816 SSLok);
3817 /* mark byte consumed */
3818 conn->inStart = conn->inCursor;
3819
3820 /*
3821 * The connection is still valid, so if it's OK to
3822 * continue without SSL, we can proceed using this
3823 * connection. Otherwise return with an error.
3824 */
3825 ENCRYPTION_NEGOTIATION_FAILED(libpq_gettext("server does not support SSL, but SSL was required"));
3826 }
3827 else if (SSLok == 'E')
3828 {
3829 /*
3830 * Server failure of some sort, such as failure to
3831 * fork a backend process. Don't bother retrieving
3832 * the error message; we should not trust it as the
3833 * server has not been authenticated yet.
3834 */
3835 libpq_append_conn_error(conn, "server sent an error response during SSL exchange");
3836 goto error_return;
3837 }
3838 else
3839 {
3840 libpq_append_conn_error(conn, "received invalid response to SSL negotiation: %c",
3841 SSLok);
3842 goto error_return;
3843 }
3844 }
3845
3846 /*
3847 * Begin or continue the SSL negotiation process.
3848 */
3849 pollres = pqsecure_open_client(conn);
3850 if (pollres == PGRES_POLLING_OK)
3851 {
3852 /*
3853 * At this point we should have no data already buffered.
3854 * If we do, it was received before we performed the SSL
3855 * handshake, so it wasn't encrypted and indeed may have
3856 * been injected by a man-in-the-middle.
3857 */
3858 if (conn->inCursor != conn->inEnd)
3859 {
3860 libpq_append_conn_error(conn, "received unencrypted data after SSL response");
3861 goto error_return;
3862 }
3863
3864 /* SSL handshake done, ready to send startup packet */
3865 conn->status = CONNECTION_MADE;
3866 return PGRES_POLLING_WRITING;
3867 }
3868 if (pollres == PGRES_POLLING_FAILED)
3869 {
3870 /*
3871 * SSL handshake failed. We will retry with a plaintext
3872 * connection, if permitted by sslmode.
3873 */
3874 CONNECTION_FAILED();
3875 }
3876 /* Else, return POLLING_READING or POLLING_WRITING status */
3877 return pollres;
3878#else /* !USE_SSL */
3879 /* can't get here */
3880 goto error_return;
3881#endif /* USE_SSL */
3882 }
3883
3884 case CONNECTION_GSS_STARTUP:
3885 {
3886#ifdef ENABLE_GSS
3887 PostgresPollingStatusType pollres;
3888
3889 /*
3890 * If we haven't yet, get the postmaster's response to our
3891 * negotiation packet
3892 */
3893 if (!conn->gctx)
3894 {
3895 char gss_ok;
3896 int rdresult = pqReadData(conn);
3897
3898 if (rdresult < 0)
3899 /* pqReadData fills in error message */
3900 goto error_return;
3901 else if (rdresult == 0)
3902 /* caller failed to wait for data */
3903 return PGRES_POLLING_READING;
3904 if (pqGetc(&gss_ok, conn) < 0)
3905 /* shouldn't happen... */
3906 return PGRES_POLLING_READING;
3907
3908 if (gss_ok == 'E')
3909 {
3910 /*
3911 * Server failure of some sort, possibly protocol
3912 * version support failure. Don't bother retrieving
3913 * the error message; we should not trust it anyway as
3914 * the server has not authenticated yet.
3915 *
3916 * Note that unlike on an error response to
3917 * SSLRequest, we allow falling back to SSL or
3918 * plaintext connection here. GSS support was
3919 * introduced in PostgreSQL version 12, so an error
3920 * response might mean that we are connecting to a
3921 * pre-v12 server.
3922 */
3923 libpq_append_conn_error(conn, "server sent an error response during GSS encryption exchange");
3924 CONNECTION_FAILED();
3925 }
3926
3927 /* mark byte consumed */
3928 conn->inStart = conn->inCursor;
3929
3930 if (gss_ok == 'N')
3931 {
3932 if (conn->Pfdebug)
3933 pqTraceOutputCharResponse(conn, "GSSENCResponse",
3934 gss_ok);
3935
3936 /*
3937 * The connection is still valid, so if it's OK to
3938 * continue without GSS, we can proceed using this
3939 * connection. Otherwise return with an error.
3940 */
3941 ENCRYPTION_NEGOTIATION_FAILED(libpq_gettext("server doesn't support GSSAPI encryption, but it was required"));
3942 }
3943 else if (gss_ok != 'G')
3944 {
3945 libpq_append_conn_error(conn, "received invalid response to GSSAPI negotiation: %c",
3946 gss_ok);
3947 goto error_return;
3948 }
3949
3950 if (conn->Pfdebug)
3951 pqTraceOutputCharResponse(conn, "GSSENCResponse",
3952 gss_ok);
3953 }
3954
3955 /* Begin or continue GSSAPI negotiation */
3956 pollres = pqsecure_open_gss(conn);
3957 if (pollres == PGRES_POLLING_OK)
3958 {
3959 /*
3960 * At this point we should have no data already buffered.
3961 * If we do, it was received before we performed the GSS
3962 * handshake, so it wasn't encrypted and indeed may have
3963 * been injected by a man-in-the-middle.
3964 */
3965 if (conn->inCursor != conn->inEnd)
3966 {
3967 libpq_append_conn_error(conn, "received unencrypted data after GSSAPI encryption response");
3968 goto error_return;
3969 }
3970
3971 /* All set for startup packet */
3972 conn->status = CONNECTION_MADE;
3973 return PGRES_POLLING_WRITING;
3974 }
3975 else if (pollres == PGRES_POLLING_FAILED)
3976 {
3977 /*
3978 * GSS handshake failed. We will retry with an SSL or
3979 * plaintext connection, if permitted by the options.
3980 */
3981 CONNECTION_FAILED();
3982 }
3983 /* Else, return POLLING_READING or POLLING_WRITING status */
3984 return pollres;
3985#else /* !ENABLE_GSS */
3986 /* unreachable */
3987 goto error_return;
3988#endif /* ENABLE_GSS */
3989 }
3990
3991 /*
3992 * Handle authentication exchange: wait for postmaster messages
3993 * and respond as necessary.
3994 */
3995 case CONNECTION_AWAITING_RESPONSE:
3996 {
3997 char beresp;
3998 int msgLength;
3999 int avail;
4000 AuthRequest areq;
4001 int res;
4002 bool async;
4003
4004 /*
4005 * Scan the message from current point (note that if we find
4006 * the message is incomplete, we will return without advancing
4007 * inStart, and resume here next time).
4008 */
4009 conn->inCursor = conn->inStart;
4010
4011 /* Read type byte */
4012 if (pqGetc(&beresp, conn))
4013 {
4014 /* We'll come back when there is more data */
4015 return PGRES_POLLING_READING;
4016 }
4017
4018 /*
4019 * Validate message type: we expect only an authentication
4020 * request, NegotiateProtocolVersion, or an error here.
4021 * Anything else probably means it's not Postgres on the other
4022 * end at all.
4023 */
4024 if (beresp != PqMsg_AuthenticationRequest &&
4025 beresp != PqMsg_ErrorResponse &&
4026 beresp != PqMsg_NegotiateProtocolVersion)
4027 {
4028 libpq_append_conn_error(conn, "expected authentication request from server, but received %c",
4029 beresp);
4030 goto error_return;
4031 }
4032
4033 /* Read message length word */
4034 if (pqGetInt(&msgLength, 4, conn))
4035 {
4036 /* We'll come back when there is more data */
4037 return PGRES_POLLING_READING;
4038 }
4039
4040 /*
4041 * Try to validate message length before using it.
4042 *
4043 * Authentication requests can't be very large, although GSS
4044 * auth requests may not be that small. Same for
4045 * NegotiateProtocolVersion.
4046 *
4047 * Errors can be a little larger, but not huge. If we see a
4048 * large apparent length in an error, it means we're really
4049 * talking to a pre-3.0-protocol server; cope. (Before
4050 * version 14, the server also used the old protocol for
4051 * errors that happened before processing the startup packet.)
4052 */
4053 if (beresp == PqMsg_AuthenticationRequest &&
4054 (msgLength < 8 || msgLength > 2000))
4055 {
4056 libpq_append_conn_error(conn, "received invalid authentication request");
4057 goto error_return;
4058 }
4059 if (beresp == PqMsg_NegotiateProtocolVersion &&
4060 (msgLength < 8 || msgLength > 2000))
4061 {
4062 libpq_append_conn_error(conn, "received invalid protocol negotiation message");
4063 goto error_return;
4064 }
4065
4066#define MAX_ERRLEN 30000
4067 if (beresp == PqMsg_ErrorResponse &&
4068 (msgLength < 8 || msgLength > MAX_ERRLEN))
4069 {
4070 /* Handle error from a pre-3.0 server */
4071 conn->inCursor = conn->inStart + 1; /* reread data */
4072 if (pqGets_append(&conn->errorMessage, conn))
4073 {
4074 /*
4075 * We may not have authenticated the server yet, so
4076 * don't let the buffer grow forever.
4077 */
4078 avail = conn->inEnd - conn->inCursor;
4079 if (avail > MAX_ERRLEN)
4080 {
4081 libpq_append_conn_error(conn, "received invalid error message");
4082 goto error_return;
4083 }
4084
4085 /* We'll come back when there is more data */
4086 return PGRES_POLLING_READING;
4087 }
4088 /* OK, we read the message; mark data consumed */
4089 pqParseDone(conn, conn->inCursor);
4090
4091 /*
4092 * Before 7.2, the postmaster didn't always end its
4093 * messages with a newline, so add one if needed to
4094 * conform to libpq conventions.
4095 */
4096 if (conn->errorMessage.len == 0 ||
4097 conn->errorMessage.data[conn->errorMessage.len - 1] != '\n')
4098 {
4099 appendPQExpBufferChar(&conn->errorMessage, '\n');
4100 }
4101
4102 goto error_return;
4103 }
4104#undef MAX_ERRLEN
4105
4106 /*
4107 * Can't process if message body isn't all here yet.
4108 *
4109 * After this check passes, any further EOF during parsing
4110 * implies that the server sent a bad/truncated message.
4111 * Reading more bytes won't help in that case, so don't return
4112 * PGRES_POLLING_READING after this point.
4113 */
4114 msgLength -= 4;
4115 avail = conn->inEnd - conn->inCursor;
4116 if (avail < msgLength)
4117 {
4118 /*
4119 * Before returning, try to enlarge the input buffer if
4120 * needed to hold the whole message; see notes in
4121 * pqParseInput3.
4122 */
4123 if (pqCheckInBufferSpace(conn->inCursor + (size_t) msgLength,
4124 conn))
4125 goto error_return;
4126 /* We'll come back when there is more data */
4127 return PGRES_POLLING_READING;
4128 }
4129
4130 /* Handle errors. */
4131 if (beresp == PqMsg_ErrorResponse)
4132 {
4133 if (pqGetErrorNotice3(conn, true))
4134 {
4135 libpq_append_conn_error(conn, "received invalid error message");
4136 goto error_return;
4137 }
4138 /* OK, we read the message; mark data consumed */
4139 pqParseDone(conn, conn->inCursor);
4140
4141 /*
4142 * If error is "cannot connect now", try the next host if
4143 * any (but we don't want to consider additional addresses
4144 * for this host, nor is there much point in changing SSL
4145 * or GSS mode). This is helpful when dealing with
4146 * standby servers that might not be in hot-standby state.
4147 */
4148 if (strcmp(conn->last_sqlstate,
4149 ERRCODE_CANNOT_CONNECT_NOW) == 0)
4150 {
4151 conn->try_next_host = true;
4152 goto keep_going;
4153 }
4154
4155 /* Check to see if we should mention pgpassfile */
4156 pgpassfileWarning(conn);
4157
4158 /*
4159 * ...and whether we should mention grease. If the error
4160 * message contains the PG_PROTOCOL_GREASE number (in
4161 * major.minor, decimal, or hex format) or a complaint
4162 * about a protocol violation before we've even started an
4163 * authentication exchange, it's probably caused by a
4164 * grease interaction.
4165 */
4166 if (conn->max_pversion == PG_PROTOCOL_GREASE &&
4167 !conn->auth_req_received)
4168 {
4169 const char *sqlstate = PQresultErrorField(conn->result,
4170 PG_DIAG_SQLSTATE);
4171
4172 if ((sqlstate &&
4173 strcmp(sqlstate, ERRCODE_PROTOCOL_VIOLATION) == 0) ||
4174 (conn->errorMessage.len > 0 &&
4175 (strstr(conn->errorMessage.data, "3.9999") ||
4176 strstr(conn->errorMessage.data, "206607") ||
4177 strstr(conn->errorMessage.data, "3270F") ||
4178 strstr(conn->errorMessage.data, "3270f"))))
4179 {
4180 libpq_append_grease_info(conn);
4181 }
4182 }
4183
4184 CONNECTION_FAILED();
4185 }
4186 /* Handle NegotiateProtocolVersion */
4187 else if (beresp == PqMsg_NegotiateProtocolVersion)
4188 {
4189 if (conn->pversion_negotiated)
4190 {
4191 libpq_append_conn_error(conn, "received duplicate protocol negotiation message");
4192 goto error_return;
4193 }
4194 if (pqGetNegotiateProtocolVersion3(conn))
4195 {
4196 /* pqGetNegotiateProtocolVersion3 set error already */
4197 goto error_return;
4198 }
4199 conn->pversion_negotiated = true;
4200
4201 /* OK, we read the message; mark data consumed */
4202 pqParseDone(conn, conn->inCursor);
4203
4204 goto keep_going;
4205 }
4206
4207 /* It is an authentication request. */
4208 conn->auth_req_received = true;
4209
4210 /* Get the type of request. */
4211 if (pqGetInt((int *) &areq, 4, conn))
4212 {
4213 /* can't happen because we checked the length already */
4214 libpq_append_conn_error(conn, "received invalid authentication request");
4215 goto error_return;
4216 }
4217 msgLength -= 4;
4218
4219 /*
4220 * Process the rest of the authentication request message, and
4221 * respond to it if necessary.
4222 *
4223 * Note that conn->pghost must be non-NULL if we are going to
4224 * avoid the Kerberos code doing a hostname look-up.
4225 */
4226 res = pg_fe_sendauth(areq, msgLength, conn, &async);
4227
4228 if (async && (res == STATUS_OK))
4229 {
4230 /*
4231 * We'll come back later once we're ready to respond.
4232 * Don't consume the request yet.
4233 */
4234 conn->status = CONNECTION_AUTHENTICATING;
4235 goto keep_going;
4236 }
4237
4238 /*
4239 * OK, we have processed the message; mark data consumed. We
4240 * don't call pqParseDone here because we already traced this
4241 * message inside pg_fe_sendauth.
4242 */
4243 conn->inStart = conn->inCursor;
4244
4245 if (res != STATUS_OK)
4246 {
4247 /*
4248 * OAuth connections may perform two-step discovery, where
4249 * the first connection is a dummy.
4250 */
4251 if (conn->sasl == &pg_oauth_mech && conn->oauth_want_retry)
4252 {
4253 need_new_connection = true;
4254 goto keep_going;
4255 }
4256
4257 goto error_return;
4258 }
4259
4260 /*
4261 * Just make sure that any data sent by pg_fe_sendauth is
4262 * flushed out. Although this theoretically could block, it
4263 * really shouldn't since we don't send large auth responses.
4264 */
4265 if (pqFlush(conn))
4266 goto error_return;
4267
4268 if (areq == AUTH_REQ_OK)
4269 {
4270 /* We are done with authentication exchange */
4271 conn->status = CONNECTION_AUTH_OK;
4272
4273 /*
4274 * Set asyncStatus so that PQgetResult will think that
4275 * what comes back next is the result of a query. See
4276 * below.
4277 */
4278 conn->asyncStatus = PGASYNC_BUSY;
4279 }
4280
4281 /* Look to see if we have more data yet. */
4282 goto keep_going;
4283 }
4284
4285 case CONNECTION_AUTHENTICATING:
4286 {
4287 PostgresPollingStatusType status;
4288
4289 if (!conn->async_auth || !conn->cleanup_async_auth)
4290 {
4291 /* programmer error; should not happen */
4292 libpq_append_conn_error(conn,
4293 "internal error: async authentication has no handler");
4294 goto error_return;
4295 }
4296
4297 /* Drive some external authentication work. */
4298 status = conn->async_auth(conn);
4299
4300 if (status == PGRES_POLLING_FAILED)
4301 goto error_return;
4302
4303 if (status == PGRES_POLLING_OK)
4304 {
4305 /* Done. Tear down the async implementation. */
4306 conn->cleanup_async_auth(conn);
4307 conn->cleanup_async_auth = NULL;
4308
4309 /*
4310 * Cleanup must unset altsock, both as an indication that
4311 * it's been released, and to stop pqSocketCheck from
4312 * looking at the wrong socket after async auth is done.
4313 */
4314 if (conn->altsock != PGINVALID_SOCKET)
4315 {
4316 Assert(false);
4317 libpq_append_conn_error(conn,
4318 "internal error: async cleanup did not release polling socket");
4319 goto error_return;
4320 }
4321
4322 /*
4323 * Reenter the authentication exchange with the server. We
4324 * didn't consume the message that started external
4325 * authentication, so it'll be reprocessed as if we just
4326 * received it.
4327 */
4328 conn->status = CONNECTION_AWAITING_RESPONSE;
4329
4330 goto keep_going;
4331 }
4332
4333 /*
4334 * Caller needs to poll some more. conn->async_auth() should
4335 * have assigned an altsock to poll on.
4336 */
4337 if (conn->altsock == PGINVALID_SOCKET)
4338 {
4339 Assert(false);
4340 libpq_append_conn_error(conn,
4341 "internal error: async authentication did not set a socket for polling");
4342 goto error_return;
4343 }
4344
4345 return status;
4346 }
4347
4348 case CONNECTION_AUTH_OK:
4349 {
4350 /*
4351 * Now we expect to hear from the backend. A ReadyForQuery
4352 * message indicates that startup is successful, but we might
4353 * also get an Error message indicating failure. (Notice
4354 * messages indicating nonfatal warnings are also allowed by
4355 * the protocol, as are ParameterStatus and BackendKeyData
4356 * messages.) Easiest way to handle this is to let
4357 * PQgetResult() read the messages. We just have to fake it
4358 * out about the state of the connection, by setting
4359 * asyncStatus = PGASYNC_BUSY (done above).
4360 */
4361
4362 if (PQisBusy(conn))
4363 return PGRES_POLLING_READING;
4364
4365 res = PQgetResult(conn);
4366
4367 /*
4368 * NULL return indicating we have gone to IDLE state is
4369 * expected
4370 */
4371 if (res)
4372 {
4373 if (res->resultStatus != PGRES_FATAL_ERROR)
4374 libpq_append_conn_error(conn, "unexpected message from server during startup");
4375 else if (conn->send_appname &&
4376 (conn->appname || conn->fbappname))
4377 {
4378 /*
4379 * If we tried to send application_name, check to see
4380 * if the error is about that --- pre-9.0 servers will
4381 * reject it at this stage of the process. If so,
4382 * close the connection and retry without sending
4383 * application_name. We could possibly get a false
4384 * SQLSTATE match here and retry uselessly, but there
4385 * seems no great harm in that; we'll just get the
4386 * same error again if it's unrelated.
4387 */
4388 const char *sqlstate;
4389
4390 sqlstate = PQresultErrorField(res, PG_DIAG_SQLSTATE);
4391 if (sqlstate &&
4392 strcmp(sqlstate, ERRCODE_APPNAME_UNKNOWN) == 0)
4393 {
4394 PQclear(res);
4395 conn->send_appname = false;
4396 need_new_connection = true;
4397 goto keep_going;
4398 }
4399 }
4400
4401 /*
4402 * if the resultStatus is FATAL, then conn->errorMessage
4403 * already has a copy of the error; needn't copy it back.
4404 * But add a newline if it's not there already, since
4405 * postmaster error messages may not have one.
4406 */
4407 if (conn->errorMessage.len <= 0 ||
4408 conn->errorMessage.data[conn->errorMessage.len - 1] != '\n')
4409 appendPQExpBufferChar(&conn->errorMessage, '\n');
4410 PQclear(res);
4411 goto error_return;
4412 }
4413
4414 if (conn->max_pversion == PG_PROTOCOL_GREASE &&
4415 conn->pversion == PG_PROTOCOL_GREASE)
4416 {
4417 libpq_append_conn_error(conn, "server incorrectly accepted \"grease\" protocol version 3.9999 without negotiation");
4418 libpq_append_grease_info(conn);
4419 goto error_return;
4420 }
4421
4422 /* Almost there now ... */
4423 conn->status = CONNECTION_CHECK_TARGET;
4424 goto keep_going;
4425 }
4426
4427 case CONNECTION_CHECK_TARGET:
4428 {
4429 /*
4430 * If a read-write, read-only, primary, or standby connection
4431 * is required, see if we have one.
4432 */
4433 if (conn->target_server_type == SERVER_TYPE_READ_WRITE ||
4434 conn->target_server_type == SERVER_TYPE_READ_ONLY)
4435 {
4436 bool read_only_server;
4437
4438 /*
4439 * If the server didn't report
4440 * "default_transaction_read_only" or "in_hot_standby" at
4441 * startup, we must determine its state by sending the
4442 * query "SHOW transaction_read_only". This GUC exists in
4443 * all server versions that support 3.0 protocol.
4444 */
4445 if (conn->default_transaction_read_only == PG_BOOL_UNKNOWN ||
4446 conn->in_hot_standby == PG_BOOL_UNKNOWN)
4447 {
4448 /*
4449 * We use PQsendQueryContinue so that
4450 * conn->errorMessage does not get cleared. We need
4451 * to preserve any error messages related to previous
4452 * hosts we have tried and failed to connect to.
4453 */
4454 conn->status = CONNECTION_OK;
4455 if (!PQsendQueryContinue(conn,
4456 "SHOW transaction_read_only"))
4457 goto error_return;
4458 /* We'll return to this state when we have the answer */
4459 conn->status = CONNECTION_CHECK_WRITABLE;
4460 return PGRES_POLLING_READING;
4461 }
4462
4463 /* OK, we can make the test */
4464 read_only_server =
4465 (conn->default_transaction_read_only == PG_BOOL_YES ||
4466 conn->in_hot_standby == PG_BOOL_YES);
4467
4468 if ((conn->target_server_type == SERVER_TYPE_READ_WRITE) ?
4469 read_only_server : !read_only_server)
4470 {
4471 /* Wrong server state, reject and try the next host */
4472 if (conn->target_server_type == SERVER_TYPE_READ_WRITE)
4473 libpq_append_conn_error(conn, "session is read-only");
4474 else
4475 libpq_append_conn_error(conn, "session is not read-only");
4476
4477 /* Close connection politely. */
4478 conn->status = CONNECTION_OK;
4479 sendTerminateConn(conn);
4480
4481 /*
4482 * Try next host if any, but we don't want to consider
4483 * additional addresses for this host.
4484 */
4485 conn->try_next_host = true;
4486 goto keep_going;
4487 }
4488 }
4489 else if (conn->target_server_type == SERVER_TYPE_PRIMARY ||
4490 conn->target_server_type == SERVER_TYPE_STANDBY ||
4491 conn->target_server_type == SERVER_TYPE_PREFER_STANDBY)
4492 {
4493 /*
4494 * If the server didn't report "in_hot_standby" at
4495 * startup, we must determine its state by sending the
4496 * query "SELECT pg_catalog.pg_is_in_recovery()". Servers
4497 * before 9.0 don't have that function, but by the same
4498 * token they don't have any standby mode, so we may just
4499 * assume the result.
4500 */
4501 if (conn->sversion < 90000)
4502 conn->in_hot_standby = PG_BOOL_NO;
4503
4504 if (conn->in_hot_standby == PG_BOOL_UNKNOWN)
4505 {
4506 /*
4507 * We use PQsendQueryContinue so that
4508 * conn->errorMessage does not get cleared. We need
4509 * to preserve any error messages related to previous
4510 * hosts we have tried and failed to connect to.
4511 */
4512 conn->status = CONNECTION_OK;
4513 if (!PQsendQueryContinue(conn,
4514 "SELECT pg_catalog.pg_is_in_recovery()"))
4515 goto error_return;
4516 /* We'll return to this state when we have the answer */
4517 conn->status = CONNECTION_CHECK_STANDBY;
4518 return PGRES_POLLING_READING;
4519 }
4520
4521 /* OK, we can make the test */
4522 if ((conn->target_server_type == SERVER_TYPE_PRIMARY) ?
4523 (conn->in_hot_standby == PG_BOOL_YES) :
4524 (conn->in_hot_standby == PG_BOOL_NO))
4525 {
4526 /* Wrong server state, reject and try the next host */
4527 if (conn->target_server_type == SERVER_TYPE_PRIMARY)
4528 libpq_append_conn_error(conn, "server is in hot standby mode");
4529 else
4530 libpq_append_conn_error(conn, "server is not in hot standby mode");
4531
4532 /* Close connection politely. */
4533 conn->status = CONNECTION_OK;
4534 sendTerminateConn(conn);
4535
4536 /*
4537 * Try next host if any, but we don't want to consider
4538 * additional addresses for this host.
4539 */
4540 conn->try_next_host = true;
4541 goto keep_going;
4542 }
4543 }
4544
4545 /* Don't hold onto any OAuth tokens longer than necessary. */
4546 pqClearOAuthToken(conn);
4547
4548 /*
4549 * For non cancel requests we can release the address list
4550 * now. For cancel requests we never actually resolve
4551 * addresses and instead the addrinfo exists for the lifetime
4552 * of the connection.
4553 */
4554 if (!conn->cancelRequest)
4555 release_conn_addrinfo(conn);
4556
4557 /*
4558 * Contents of conn->errorMessage are no longer interesting
4559 * (and it seems some clients expect it to be empty after a
4560 * successful connection).
4561 */
4562 pqClearConnErrorState(conn);
4563
4564 /* We are open for business! */
4565 conn->status = CONNECTION_OK;
4566 return PGRES_POLLING_OK;
4567 }
4568
4569 case CONNECTION_CONSUME:
4570 {
4571 /*
4572 * This state just makes sure the connection is idle after
4573 * we've obtained the result of a SHOW or SELECT query. Once
4574 * we're clear, return to CONNECTION_CHECK_TARGET state to
4575 * decide what to do next. We must transiently set status =
4576 * CONNECTION_OK in order to use the result-consuming
4577 * subroutines.
4578 */
4579 conn->status = CONNECTION_OK;
4580 if (!PQconsumeInput(conn))
4581 goto error_return;
4582
4583 if (PQisBusy(conn))
4584 {
4585 conn->status = CONNECTION_CONSUME;
4586 return PGRES_POLLING_READING;
4587 }
4588
4589 /* Call PQgetResult() again until we get a NULL result */
4590 res = PQgetResult(conn);
4591 if (res != NULL)
4592 {
4593 PQclear(res);
4594 conn->status = CONNECTION_CONSUME;
4595 return PGRES_POLLING_READING;
4596 }
4597
4598 conn->status = CONNECTION_CHECK_TARGET;
4599 goto keep_going;
4600 }
4601
4602 case CONNECTION_CHECK_WRITABLE:
4603 {
4604 /*
4605 * Waiting for result of "SHOW transaction_read_only". We
4606 * must transiently set status = CONNECTION_OK in order to use
4607 * the result-consuming subroutines.
4608 */
4609 conn->status = CONNECTION_OK;
4610 if (!PQconsumeInput(conn))
4611 goto error_return;
4612
4613 if (PQisBusy(conn))
4614 {
4615 conn->status = CONNECTION_CHECK_WRITABLE;
4616 return PGRES_POLLING_READING;
4617 }
4618
4619 res = PQgetResult(conn);
4620 if (res && PQresultStatus(res) == PGRES_TUPLES_OK &&
4621 PQntuples(res) == 1)
4622 {
4623 char *val = PQgetvalue(res, 0, 0);
4624
4625 /*
4626 * "transaction_read_only = on" proves that at least one
4627 * of default_transaction_read_only and in_hot_standby is
4628 * on, but we don't actually know which. We don't care
4629 * though for the purpose of identifying a read-only
4630 * session, so satisfy the CONNECTION_CHECK_TARGET code by
4631 * claiming they are both on. On the other hand, if it's
4632 * a read-write session, they are certainly both off.
4633 */
4634 if (strncmp(val, "on", 2) == 0)
4635 {
4636 conn->default_transaction_read_only = PG_BOOL_YES;
4637 conn->in_hot_standby = PG_BOOL_YES;
4638 }
4639 else
4640 {
4641 conn->default_transaction_read_only = PG_BOOL_NO;
4642 conn->in_hot_standby = PG_BOOL_NO;
4643 }
4644 PQclear(res);
4645
4646 /* Finish reading messages before continuing */
4647 conn->status = CONNECTION_CONSUME;
4648 goto keep_going;
4649 }
4650
4651 /* Something went wrong with "SHOW transaction_read_only". */
4652 PQclear(res);
4653
4654 /* Append error report to conn->errorMessage. */
4655 libpq_append_conn_error(conn, "\"%s\" failed",
4656 "SHOW transaction_read_only");
4657
4658 /* Close connection politely. */
4659 conn->status = CONNECTION_OK;
4660 sendTerminateConn(conn);
4661
4662 /* Try next host. */
4663 conn->try_next_host = true;
4664 goto keep_going;
4665 }
4666
4667 case CONNECTION_CHECK_STANDBY:
4668 {
4669 /*
4670 * Waiting for result of "SELECT pg_is_in_recovery()". We
4671 * must transiently set status = CONNECTION_OK in order to use
4672 * the result-consuming subroutines.
4673 */
4674 conn->status = CONNECTION_OK;
4675 if (!PQconsumeInput(conn))
4676 goto error_return;
4677
4678 if (PQisBusy(conn))
4679 {
4680 conn->status = CONNECTION_CHECK_STANDBY;
4681 return PGRES_POLLING_READING;
4682 }
4683
4684 res = PQgetResult(conn);
4685 if (res && PQresultStatus(res) == PGRES_TUPLES_OK &&
4686 PQntuples(res) == 1)
4687 {
4688 char *val = PQgetvalue(res, 0, 0);
4689
4690 if (strncmp(val, "t", 1) == 0)
4691 conn->in_hot_standby = PG_BOOL_YES;
4692 else
4693 conn->in_hot_standby = PG_BOOL_NO;
4694 PQclear(res);
4695
4696 /* Finish reading messages before continuing */
4697 conn->status = CONNECTION_CONSUME;
4698 goto keep_going;
4699 }
4700
4701 /* Something went wrong with "SELECT pg_is_in_recovery()". */
4702 PQclear(res);
4703
4704 /* Append error report to conn->errorMessage. */
4705 libpq_append_conn_error(conn, "\"%s\" failed",
4706 "SELECT pg_is_in_recovery()");
4707
4708 /* Close connection politely. */
4709 conn->status = CONNECTION_OK;
4710 sendTerminateConn(conn);
4711
4712 /* Try next host. */
4713 conn->try_next_host = true;
4714 goto keep_going;
4715 }
4716
4717 default:
4718 libpq_append_conn_error(conn,
4719 "invalid connection state %d, probably indicative of memory corruption",
4720 conn->status);
4721 goto error_return;
4722 }
4723
4724 /* Unreachable */
4725
4726error_return:
4727
4728 /*
4729 * We used to close the socket at this point, but that makes it awkward
4730 * for those above us if they wish to remove this socket from their own
4731 * records (an fd_set for example). We'll just have this socket closed
4732 * when PQfinish is called (which is compulsory even after an error, since
4733 * the connection structure must be freed).
4734 */
4735 conn->status = CONNECTION_BAD;
4736 return PGRES_POLLING_FAILED;
4737}
4738
4739/*
4740 * Initialize the state machine for negotiating encryption
4741 */
4742static bool
4743init_allowed_encryption_methods(PGconn *conn)
4744{
4745 if (conn->raddr.addr.ss_family == AF_UNIX)
4746 {
4747 /* Don't request SSL or GSSAPI over Unix sockets */
4748 conn->allowed_enc_methods &= ~(ENC_SSL | ENC_GSSAPI);
4749
4750 /*
4751 * XXX: we probably should not do this. sslmode=require works
4752 * differently
4753 */
4754 if (conn->gssencmode[0] == 'r')
4755 {
4756 libpq_append_conn_error(conn,
4757 "GSSAPI encryption required but it is not supported over a local socket");
4758 conn->allowed_enc_methods = 0;
4759 conn->current_enc_method = ENC_ERROR;
4760 return false;
4761 }
4762
4763 conn->allowed_enc_methods = ENC_PLAINTEXT;
4764 conn->current_enc_method = ENC_PLAINTEXT;
4765 return true;
4766 }
4767
4768 /* initialize based on sslmode and gssencmode */
4769 conn->allowed_enc_methods = 0;
4770
4771#ifdef USE_SSL
4772 /* sslmode anything but 'disable', and GSSAPI not required */
4773 if (conn->sslmode[0] != 'd' && conn->gssencmode[0] != 'r')
4774 {
4775 conn->allowed_enc_methods |= ENC_SSL;
4776 }
4777#endif
4778
4779#ifdef ENABLE_GSS
4780 if (conn->gssencmode[0] != 'd')
4781 conn->allowed_enc_methods |= ENC_GSSAPI;
4782#endif
4783
4784 if ((conn->sslmode[0] == 'd' || conn->sslmode[0] == 'p' || conn->sslmode[0] == 'a') &&
4785 (conn->gssencmode[0] == 'd' || conn->gssencmode[0] == 'p'))
4786 {
4787 conn->allowed_enc_methods |= ENC_PLAINTEXT;
4788 }
4789
4790 return select_next_encryption_method(conn, false);
4791}
4792
4793/*
4794 * Out-of-line portion of the ENCRYPTION_NEGOTIATION_FAILED() macro in the
4795 * PQconnectPoll state machine.
4796 *
4797 * Return value:
4798 * 0: connection failed and we are out of encryption methods to try. return an error
4799 * 1: Retry with next connection method. The TCP connection is still valid and in
4800 * known state, so we can proceed with the negotiating next method without
4801 * reconnecting.
4802 * 2: Disconnect, and retry with next connection method.
4803 *
4804 * conn->current_enc_method is updated to the next method to try.
4805 */
4806#if defined(USE_SSL) || defined(ENABLE_GSS)
4807static int
4808encryption_negotiation_failed(PGconn *conn)
4809{
4810 Assert((conn->failed_enc_methods & conn->current_enc_method) == 0);
4811 conn->failed_enc_methods |= conn->current_enc_method;
4812
4813 if (select_next_encryption_method(conn, true))
4814 {
4815 /* An existing connection cannot be reused for direct SSL */
4816 if (conn->current_enc_method == ENC_SSL && conn->sslnegotiation[0] == 'd')
4817 return 2;
4818 else
4819 return 1;
4820 }
4821 else
4822 return 0;
4823}
4824#endif
4825
4826/*
4827 * Out-of-line portion of the CONNECTION_FAILED() macro
4828 *
4829 * Returns true, if we should reconnect and retry with a different encryption
4830 * method. conn->current_enc_method is updated to the next method to try.
4831 */
4832static bool
4840
4841/*
4842 * Choose the next encryption method to try. If this is a retry,
4843 * conn->failed_enc_methods has already been updated. The function sets
4844 * conn->current_enc_method to the next method to try. Returns false if no
4845 * encryption methods remain.
4846 */
4847static bool
4848select_next_encryption_method(PGconn *conn, bool have_valid_connection)
4849{
4850 int remaining_methods;
4851
4852#define SELECT_NEXT_METHOD(method) \
4853 do { \
4854 if ((remaining_methods & method) != 0) \
4855 { \
4856 conn->current_enc_method = method; \
4857 return true; \
4858 } \
4859 } while (false)
4860
4861 remaining_methods = conn->allowed_enc_methods & ~conn->failed_enc_methods;
4862
4863 /*
4864 * Try GSSAPI before SSL
4865 */
4866#ifdef ENABLE_GSS
4867 if ((remaining_methods & ENC_GSSAPI) != 0)
4868 {
4869 /*
4870 * If GSSAPI encryption is enabled, then call pg_GSS_have_cred_cache()
4871 * which will return true if we can acquire credentials (and give us a
4872 * handle to use in conn->gcred), and then send a packet to the server
4873 * asking for GSSAPI Encryption (and skip past SSL negotiation and
4874 * regular startup below).
4875 */
4876 if (!conn->gctx)
4877 {
4878 if (!pg_GSS_have_cred_cache(&conn->gcred))
4879 {
4880 conn->allowed_enc_methods &= ~ENC_GSSAPI;
4881 remaining_methods &= ~ENC_GSSAPI;
4882
4883 if (conn->gssencmode[0] == 'r')
4884 {
4885 libpq_append_conn_error(conn,
4886 "GSSAPI encryption required but no credential cache");
4887 }
4888 }
4889 }
4890 }
4891
4892 SELECT_NEXT_METHOD(ENC_GSSAPI);
4893#endif
4894
4895 /*
4896 * The order between SSL encryption and plaintext depends on sslmode. With
4897 * sslmode=allow, try plaintext connection before SSL. With
4898 * sslmode=prefer, it's the other way round. With other modes, we only try
4899 * plaintext or SSL connections so the order they're listed here doesn't
4900 * matter.
4901 */
4902 if (conn->sslmode[0] == 'a')
4903 SELECT_NEXT_METHOD(ENC_PLAINTEXT);
4904
4905 SELECT_NEXT_METHOD(ENC_SSL);
4906
4907 if (conn->sslmode[0] != 'a')
4908 SELECT_NEXT_METHOD(ENC_PLAINTEXT);
4909
4910 /* No more options */
4911 conn->current_enc_method = ENC_ERROR;
4912 return false;
4913#undef SELECT_NEXT_METHOD
4914}
4915
4916/*
4917 * internal_ping
4918 * Determine if a server is running and if we can connect to it.
4919 *
4920 * The argument is a connection that's been started, but not completed.
4921 */
4922static PGPing
4923internal_ping(PGconn *conn)
4924{
4925 /* Say "no attempt" if we never got to PQconnectPoll */
4926 if (!conn || !conn->options_valid)
4927 return PQPING_NO_ATTEMPT;
4928
4929 /* Attempt to complete the connection */
4930 if (conn->status != CONNECTION_BAD)
4931 (void) pqConnectDBComplete(conn);
4932
4933 /* Definitely OK if we succeeded */
4934 if (conn->status != CONNECTION_BAD)
4935 return PQPING_OK;
4936
4937 /*
4938 * Here begins the interesting part of "ping": determine the cause of the
4939 * failure in sufficient detail to decide what to return. We do not want
4940 * to report that the server is not up just because we didn't have a valid
4941 * password, for example. In fact, any sort of authentication request
4942 * implies the server is up. (We need this check since the libpq side of
4943 * things might have pulled the plug on the connection before getting an
4944 * error as such from the postmaster.)
4945 */
4946 if (conn->auth_req_received)
4947 return PQPING_OK;
4948
4949 /*
4950 * If we failed to get any ERROR response from the postmaster, report
4951 * PQPING_NO_RESPONSE. This result could be somewhat misleading for a
4952 * pre-7.4 server, since it won't send back a SQLSTATE, but those are long
4953 * out of support. Another corner case where the server could return a
4954 * failure without a SQLSTATE is fork failure, but PQPING_NO_RESPONSE
4955 * isn't totally unreasonable for that anyway. We expect that every other
4956 * failure case in a modern server will produce a report with a SQLSTATE.
4957 *
4958 * NOTE: whenever we get around to making libpq generate SQLSTATEs for
4959 * client-side errors, we should either not store those into
4960 * last_sqlstate, or add an extra flag so we can tell client-side errors
4961 * apart from server-side ones.
4962 */
4963 if (strlen(conn->last_sqlstate) != 5)
4964 return PQPING_NO_RESPONSE;
4965
4966 /*
4967 * Report PQPING_REJECT if server says it's not accepting connections.
4968 */
4969 if (strcmp(conn->last_sqlstate, ERRCODE_CANNOT_CONNECT_NOW) == 0)
4970 return PQPING_REJECT;
4971
4972 /*
4973 * Any other SQLSTATE can be taken to indicate that the server is up.
4974 * Presumably it didn't like our username, password, or database name; or
4975 * perhaps it had some transient failure, but that should not be taken as
4976 * meaning "it's down".
4977 */
4978 return PQPING_OK;
4979}
4980
4981
4982/*
4983 * pqMakeEmptyPGconn
4984 * - create a PGconn data structure with (as yet) no interesting data
4985 */
4986PGconn *
4987pqMakeEmptyPGconn(void)
4988{
4989 PGconn *conn;
4990
4991#ifdef WIN32
4992
4993 /*
4994 * Make sure socket support is up and running in this process.
4995 *
4996 * Note: the Windows documentation says that we should eventually do a
4997 * matching WSACleanup() call, but experience suggests that that is at
4998 * least as likely to cause problems as fix them. So we don't.
4999 */
5000 static bool wsastartup_done = false;
5001
5002 if (!wsastartup_done)
5003 {
5004 WSADATA wsaData;
5005
5006 if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0)
5007 return NULL;
5008 wsastartup_done = true;
5009 }
5010
5011 /* Forget any earlier error */
5012 WSASetLastError(0);
5013#endif /* WIN32 */
5014
5015 conn = (PGconn *) malloc(sizeof(PGconn));
5016 if (conn == NULL)
5017 return conn;
5018
5019 /* Zero all pointers and booleans */
5020 MemSet(conn, 0, sizeof(PGconn));
5021
5022 /* install default notice hooks */
5023 conn->noticeHooks.noticeRec = defaultNoticeReceiver;
5024 conn->noticeHooks.noticeProc = defaultNoticeProcessor;
5025
5026 conn->status = CONNECTION_BAD;
5027 conn->asyncStatus = PGASYNC_IDLE;
5028 conn->pipelineStatus = PQ_PIPELINE_OFF;
5029 conn->xactStatus = PQTRANS_IDLE;
5030 conn->options_valid = false;
5031 conn->nonblocking = false;
5032 conn->client_encoding = PG_SQL_ASCII;
5033 conn->std_strings = false; /* unless server says differently */
5034 conn->default_transaction_read_only = PG_BOOL_UNKNOWN;
5035 conn->in_hot_standby = PG_BOOL_UNKNOWN;
5036 conn->scram_sha_256_iterations = SCRAM_SHA_256_DEFAULT_ITERATIONS;
5037 conn->verbosity = PQERRORS_DEFAULT;
5038 conn->show_context = PQSHOW_CONTEXT_ERRORS;
5039 conn->sock = PGINVALID_SOCKET;
5040 conn->altsock = PGINVALID_SOCKET;
5041 conn->Pfdebug = NULL;
5042
5043 /*
5044 * We try to send at least 8K at a time, which is the usual size of pipe
5045 * buffers on Unix systems. That way, when we are sending a large amount
5046 * of data, we avoid incurring extra kernel context swaps for partial
5047 * bufferloads. The output buffer is initially made 16K in size, and we
5048 * try to dump it after accumulating 8K.
5049 *
5050 * With the same goal of minimizing context swaps, the input buffer will
5051 * be enlarged anytime it has less than 8K free, so we initially allocate
5052 * twice that.
5053 */
5054 conn->inBufSize = 16 * 1024;
5055 conn->inBuffer = (char *) malloc(conn->inBufSize);
5056 conn->outBufSize = 16 * 1024;
5057 conn->outBuffer = (char *) malloc(conn->outBufSize);
5058 conn->rowBufLen = 32;
5059 conn->rowBuf = (PGdataValue *) malloc(conn->rowBufLen * sizeof(PGdataValue));
5060 initPQExpBuffer(&conn->errorMessage);
5061 initPQExpBuffer(&conn->workBuffer);
5062
5063 if (conn->inBuffer == NULL ||
5064 conn->outBuffer == NULL ||
5065 conn->rowBuf == NULL ||
5066 PQExpBufferBroken(&conn->errorMessage) ||
5067 PQExpBufferBroken(&conn->workBuffer))
5068 {
5069 /* out of memory already :-( */
5070 freePGconn(conn);
5071 conn = NULL;
5072 }
5073
5074 return conn;
5075}
5076
5077/*
5078 * freePGconn
5079 * - free an idle (closed) PGconn data structure
5080 *
5081 * NOTE: this should not overlap any functionality with pqClosePGconn().
5082 * Clearing/resetting of transient state belongs there; what we do here is
5083 * release data that is to be held for the life of the PGconn structure.
5084 * If a value ought to be cleared/freed during PQreset(), do it there not here.
5085 */
5086static void
5087freePGconn(PGconn *conn)
5088{
5089 /* let any event procs clean up their state data */
5090 for (int i = 0; i < conn->nEvents; i++)
5091 {
5092 PGEventConnDestroy evt;
5093
5094 evt.conn = conn;
5095 (void) conn->events[i].proc(PGEVT_CONNDESTROY, &evt,
5096 conn->events[i].passThrough);
5097 free(conn->events[i].name);
5098 }
5099
5100 /* free everything not freed in pqClosePGconn */
5101 free(conn->pghost);
5102 free(conn->pghostaddr);
5103 free(conn->pgport);
5104 free(conn->connect_timeout);
5105 free(conn->pgtcp_user_timeout);
5106 free(conn->client_encoding_initial);
5107 free(conn->pgoptions);
5108 free(conn->appname);
5109 free(conn->fbappname);
5110 free(conn->dbName);
5111 free(conn->replication);
5112 free(conn->pgservice);
5113 free(conn->pgservicefile);
5114 free(conn->pguser);
5115 if (conn->pgpass)
5116 {
5117 explicit_bzero(conn->pgpass, strlen(conn->pgpass));
5118 free(conn->pgpass);
5119 }
5120 free(conn->pgpassfile);
5121 free(conn->channel_binding);
5122 free(conn->keepalives);
5123 free(conn->keepalives_idle);
5124 free(conn->keepalives_interval);
5125 free(conn->keepalives_count);
5126 free(conn->sslmode);
5127 free(conn->sslnegotiation);
5128 free(conn->sslcompression);
5129 free(conn->sslkey);
5130 free(conn->sslcert);
5131 if (conn->sslpassword)
5132 {
5133 explicit_bzero(conn->sslpassword, strlen(conn->sslpassword));
5134 free(conn->sslpassword);
5135 }
5136 free(conn->sslcertmode);
5137 free(conn->sslrootcert);
5138 free(conn->sslcrl);
5139 free(conn->sslcrldir);
5140 free(conn->sslsni);
5141 free(conn->requirepeer);
5142 free(conn->gssencmode);
5143 free(conn->krbsrvname);
5144 free(conn->gsslib);
5145 free(conn->gssdelegation);
5146 free(conn->min_protocol_version);
5147 free(conn->max_protocol_version);
5148 free(conn->ssl_min_protocol_version);
5149 free(conn->ssl_max_protocol_version);
5150 free(conn->target_session_attrs);
5151 free(conn->require_auth);
5152 free(conn->load_balance_hosts);
5153 free(conn->scram_client_key);
5154 free(conn->scram_server_key);
5155 free(conn->sslkeylogfile);
5156 free(conn->oauth_issuer);
5157 free(conn->oauth_issuer_id);
5158 free(conn->oauth_discovery_uri);
5159 free(conn->oauth_client_id);
5160 free(conn->oauth_client_secret);
5161 free(conn->oauth_scope);
5162 /* Note that conn->Pfdebug is not ours to close or free */
5163 free(conn->events);
5164 pqReleaseConnHosts(conn);
5165 free(conn->connip);
5166 release_conn_addrinfo(conn);
5167 free(conn->scram_client_key_binary);
5168 free(conn->scram_server_key_binary);
5169 /* if this is a cancel connection, be_cancel_key may still be allocated */
5170 free(conn->be_cancel_key);
5171 free(conn->inBuffer);
5172 free(conn->outBuffer);
5173 free(conn->rowBuf);
5174 termPQExpBuffer(&conn->errorMessage);
5175 termPQExpBuffer(&conn->workBuffer);
5176
5177 free(conn);
5178}
5179
5180/*
5181 * pqReleaseConnHosts
5182 * - Free the host list in the PGconn.
5183 */
5184void
5185pqReleaseConnHosts(PGconn *conn)
5186{
5187 if (conn->connhost)
5188 {
5189 for (int i = 0; i < conn->nconnhost; ++i)
5190 {
5191 free(conn->connhost[i].host);
5192 free(conn->connhost[i].hostaddr);
5193 free(conn->connhost[i].port);
5194 if (conn->connhost[i].password != NULL)
5195 {
5196 explicit_bzero(conn->connhost[i].password,
5197 strlen(conn->connhost[i].password));
5198 free(conn->connhost[i].password);
5199 }
5200 }
5201 free(conn->connhost);
5202 conn->connhost = NULL;
5203 }
5204}
5205
5206/*
5207 * store_conn_addrinfo
5208 * - copy addrinfo to PGconn object
5209 *
5210 * Copies the addrinfos from addrlist to the PGconn object such that the
5211 * addrinfos can be manipulated by libpq. Returns a positive integer on
5212 * failure, otherwise zero.
5213 */
5214static int
5215store_conn_addrinfo(PGconn *conn, struct addrinfo *addrlist)
5216{
5217 struct addrinfo *ai = addrlist;
5218
5219 conn->whichaddr = 0;
5220
5221 conn->naddr = 0;
5222 while (ai)
5223 {
5224 ai = ai->ai_next;
5225 conn->naddr++;
5226 }
5227
5228 conn->addr = calloc(conn->naddr, sizeof(AddrInfo));
5229 if (conn->addr == NULL)
5230 {
5231 libpq_append_conn_error(conn, "out of memory");
5232 return 1;
5233 }
5234
5235 ai = addrlist;
5236 for (int i = 0; i < conn->naddr; i++)
5237 {
5238 conn->addr[i].family = ai->ai_family;
5239
5240 memcpy(&conn->addr[i].addr.addr, ai->ai_addr,
5241 ai->ai_addrlen);
5242 conn->addr[i].addr.salen = ai->ai_addrlen;
5243 ai = ai->ai_next;
5244 }
5245
5246 return 0;
5247}
5248
5249/*
5250 * release_conn_addrinfo
5251 * - Free any addrinfo list in the PGconn.
5252 */
5253static void
5254release_conn_addrinfo(PGconn *conn)
5255{
5256 if (conn->addr)
5257 {
5258 free(conn->addr);
5259 conn->addr = NULL;
5260 }
5261}
5262
5263/*
5264 * sendTerminateConn
5265 * - Send a terminate message to backend.
5266 */
5267static void
5268sendTerminateConn(PGconn *conn)
5269{
5270 /*
5271 * The Postgres cancellation protocol does not have a notion of a
5272 * Terminate message, so don't send one.
5273 */
5274 if (conn->cancelRequest)
5275 return;
5276
5277 /*
5278 * Note that the protocol doesn't allow us to send Terminate messages
5279 * during the startup phase.
5280 */
5281 if (conn->sock != PGINVALID_SOCKET && conn->status == CONNECTION_OK)
5282 {
5283 /*
5284 * Try to send "close connection" message to backend. Ignore any
5285 * error.
5286 */
5287 pqPutMsgStart(PqMsg_Terminate, conn);
5288 pqPutMsgEnd(conn);
5289 (void) pqFlush(conn);
5290 }
5291}
5292
5293/*
5294 * pqClosePGconn
5295 * - properly close a connection to the backend
5296 *
5297 * This should reset or release all transient state, but NOT the connection
5298 * parameters. On exit, the PGconn should be in condition to start a fresh
5299 * connection with the same parameters (see PQreset()).
5300 */
5301void
5302pqClosePGconn(PGconn *conn)
5303{
5304 /*
5305 * If possible, send Terminate message to close the connection politely.
5306 */
5307 sendTerminateConn(conn);
5308
5309 /*
5310 * Must reset the blocking status so a possible reconnect will work.
5311 *
5312 * Don't call PQsetnonblocking() because it will fail if it's unable to
5313 * flush the connection.
5314 */
5315 conn->nonblocking = false;
5316
5317 /*
5318 * Close the connection, reset all transient state, flush I/O buffers.
5319 * Note that this includes clearing conn's error state; we're no longer
5320 * interested in any failures associated with the old connection, and we
5321 * want a clean slate for any new connection attempt.
5322 */
5323 pqDropConnection(conn, true);
5324 conn->status = CONNECTION_BAD; /* Well, not really _bad_ - just absent */
5325 conn->asyncStatus = PGASYNC_IDLE;
5326 conn->xactStatus = PQTRANS_IDLE;
5327 conn->pipelineStatus = PQ_PIPELINE_OFF;
5328 pqClearOAuthToken(conn);
5329 pqClearAsyncResult(conn); /* deallocate result */
5330 pqClearConnErrorState(conn);
5331
5332 /*
5333 * Release addrinfo, but since cancel requests never change their addrinfo
5334 * we don't do that. Otherwise we would have to rebuild it during a
5335 * PQcancelReset.
5336 */
5337 if (!conn->cancelRequest)
5338 release_conn_addrinfo(conn);
5339
5340 /* Reset all state obtained from server, too */
5341 pqDropServerData(conn);
5342}
5343
5344/*
5345 * PQfinish: properly close a connection to the backend. Also frees
5346 * the PGconn data structure so it shouldn't be re-used after this.
5347 */
5348void
5349PQfinish(PGconn *conn)
5350{
5351 if (conn)
5352 {
5353 pqClosePGconn(conn);
5354 freePGconn(conn);
5355 }
5356}
5357
5358/*
5359 * PQreset: resets the connection to the backend by closing the
5360 * existing connection and creating a new one.
5361 */
5362void
5363PQreset(PGconn *conn)
5364{
5365 if (conn)
5366 {
5367 pqClosePGconn(conn);
5368
5369 if (pqConnectDBStart(conn) && pqConnectDBComplete(conn))
5370 {
5371 /*
5372 * Notify event procs of successful reset.
5373 */
5374 int i;
5375
5376 for (i = 0; i < conn->nEvents; i++)
5377 {
5378 PGEventConnReset evt;
5379
5380 evt.conn = conn;
5381 (void) conn->events[i].proc(PGEVT_CONNRESET, &evt,
5382 conn->events[i].passThrough);
5383 }
5384 }
5385 }
5386}
5387
5388
5389/*
5390 * PQresetStart:
5391 * resets the connection to the backend
5392 * closes the existing connection and makes a new one
5393 * Returns 1 on success, 0 on failure.
5394 */
5395int
5396PQresetStart(PGconn *conn)
5397{
5398 if (conn)
5399 {
5400 pqClosePGconn(conn);
5401
5402 return pqConnectDBStart(conn);
5403 }
5404
5405 return 0;
5406}
5407
5408
5409/*
5410 * PQresetPoll:
5411 * resets the connection to the backend
5412 * closes the existing connection and makes a new one
5413 */
5414PostgresPollingStatusType
5415PQresetPoll(PGconn *conn)
5416{
5417 if (conn)
5418 {
5419 PostgresPollingStatusType status = PQconnectPoll(conn);
5420
5421 if (status == PGRES_POLLING_OK)
5422 {
5423 /*
5424 * Notify event procs of successful reset.
5425 */
5426 int i;
5427
5428 for (i = 0; i < conn->nEvents; i++)
5429 {
5430 PGEventConnReset evt;
5431
5432 evt.conn = conn;
5433 (void) conn->events[i].proc(PGEVT_CONNRESET, &evt,
5434 conn->events[i].passThrough);
5435 }
5436 }
5437
5438 return status;
5439 }
5440
5441 return PGRES_POLLING_FAILED;
5442}
5443
5444/*
5445 * pqPacketSend() -- convenience routine to send a message to server.
5446 *
5447 * pack_type: the single-byte message type code. (Pass zero for startup
5448 * packets, which have no message type code.)
5449 *
5450 * buf, buf_len: contents of message. The given length includes only what
5451 * is in buf; the message type and message length fields are added here.
5452 *
5453 * RETURNS: STATUS_ERROR if the write fails, STATUS_OK otherwise.
5454 * SIDE_EFFECTS: may block.
5455 */
5456int
5457pqPacketSend(PGconn *conn, char pack_type,
5458 const void *buf, size_t buf_len)
5459{
5460 /* Start the message. */
5461 if (pqPutMsgStart(pack_type, conn))
5462 return STATUS_ERROR;
5463
5464 /* Send the message body. */
5465 if (pqPutnchar(buf, buf_len, conn))
5466 return STATUS_ERROR;
5467
5468 /* Finish the message. */
5469 if (pqPutMsgEnd(conn))
5470 return STATUS_ERROR;
5471
5472 /* Flush to ensure backend gets it. */
5473 if (pqFlush(conn))
5474 return STATUS_ERROR;
5475
5476 return STATUS_OK;
5477}
5478
5479#ifdef USE_LDAP
5480
5481#define LDAP_URL "ldap://"
5482#define LDAP_DEF_PORT 389
5483#define PGLDAP_TIMEOUT 2
5484
5485#define ld_is_sp_tab(x) ((x) == ' ' || (x) == '\t')
5486#define ld_is_nl_cr(x) ((x) == '\r' || (x) == '\n')
5487
5488
5489/*
5490 * ldapServiceLookup
5491 *
5492 * Search the LDAP URL passed as first argument, treat the result as a
5493 * string of connection options that are parsed and added to the array of
5494 * options passed as second argument.
5495 *
5496 * LDAP URLs must conform to RFC 1959 without escape sequences.
5497 * ldap://host:port/dn?attributes?scope?filter?extensions
5498 *
5499 * Returns
5500 * 0 if the lookup was successful,
5501 * 1 if the connection to the LDAP server could be established but
5502 * the search was unsuccessful,
5503 * 2 if a connection could not be established, and
5504 * 3 if a fatal error occurred.
5505 *
5506 * An error message is appended to *errorMessage for return codes 1 and 3.
5507 */
5508static int
5509ldapServiceLookup(const char *purl, PQconninfoOption *options,
5510 PQExpBuffer errorMessage)
5511{
5512 int port = LDAP_DEF_PORT,
5513 scope,
5514 rc,
5515 size,
5516 state,
5517 oldstate,
5518 i;
5519#ifndef WIN32
5520 int msgid;
5521#endif
5522 bool found_keyword;
5523 char *url,
5524 *hostname,
5525 *portstr,
5526 *endptr,
5527 *dn,
5528 *scopestr,
5529 *filter,
5530 *result,
5531 *p,
5532 *p1 = NULL,
5533 *optname = NULL,
5534 *optval = NULL;
5535 char *attrs[2] = {NULL, NULL};
5536 LDAP *ld = NULL;
5537 LDAPMessage *res,
5538 *entry;
5539 struct berval **values;
5540 LDAP_TIMEVAL time = {PGLDAP_TIMEOUT, 0};
5541 int ldapversion = LDAP_VERSION3;
5542
5543 if ((url = strdup(purl)) == NULL)
5544 {
5545 libpq_append_error(errorMessage, "out of memory");
5546 return 3;
5547 }
5548
5549 /*
5550 * Parse URL components, check for correctness. Basically, url has '\0'
5551 * placed at component boundaries and variables are pointed at each
5552 * component.
5553 */
5554
5555 if (pg_strncasecmp(url, LDAP_URL, strlen(LDAP_URL)) != 0)
5556 {
5557 libpq_append_error(errorMessage,
5558 "invalid LDAP URL \"%s\": scheme must be ldap://", purl);
5559 free(url);
5560 return 3;
5561 }
5562
5563 /* hostname */
5564 hostname = url + strlen(LDAP_URL);
5565 if (*hostname == '/') /* no hostname? */
5566 hostname = DefaultHost; /* the default */
5567
5568 /* dn, "distinguished name" */
5569 p = strchr(url + strlen(LDAP_URL), '/');
5570 if (p == NULL || *(p + 1) == '\0' || *(p + 1) == '?')
5571 {
5572 libpq_append_error(errorMessage,
5573 "invalid LDAP URL \"%s\": missing distinguished name",
5574 purl);
5575 free(url);
5576 return 3;
5577 }
5578 *p = '\0'; /* terminate hostname */
5579 dn = p + 1;
5580
5581 /* attribute */
5582 if ((p = strchr(dn, '?')) == NULL || *(p + 1) == '\0' || *(p + 1) == '?')
5583 {
5584 libpq_append_error(errorMessage,
5585 "invalid LDAP URL \"%s\": must have exactly one attribute",
5586 purl);
5587 free(url);
5588 return 3;
5589 }
5590 *p = '\0';
5591 attrs[0] = p + 1;
5592
5593 /* scope */
5594 if ((p = strchr(attrs[0], '?')) == NULL || *(p + 1) == '\0' || *(p + 1) == '?')
5595 {
5596 libpq_append_error(errorMessage,
5597 "invalid LDAP URL \"%s\": must have search scope (base/one/sub)",
5598 purl);
5599 free(url);
5600 return 3;
5601 }
5602 *p = '\0';
5603 scopestr = p + 1;
5604
5605 /* filter */
5606 if ((p = strchr(scopestr, '?')) == NULL || *(p + 1) == '\0' || *(p + 1) == '?')
5607 {
5608 libpq_append_error(errorMessage,
5609 "invalid LDAP URL \"%s\": no filter",
5610 purl);
5611 free(url);
5612 return 3;
5613 }
5614 *p = '\0';
5615 filter = p + 1;
5616 if ((p = strchr(filter, '?')) != NULL)
5617 *p = '\0';
5618
5619 /* port number? */
5620 if ((p1 = strchr(hostname, ':')) != NULL)
5621 {
5622 long lport;
5623
5624 *p1 = '\0';
5625 portstr = p1 + 1;
5626 errno = 0;
5627 lport = strtol(portstr, &endptr, 10);
5628 if (*portstr == '\0' || *endptr != '\0' || errno || lport < 0 || lport > 65535)
5629 {
5630 libpq_append_error(errorMessage,
5631 "invalid LDAP URL \"%s\": invalid port number",
5632 purl);
5633 free(url);
5634 return 3;
5635 }
5636 port = (int) lport;
5637 }
5638
5639 /* Allow only one attribute */
5640 if (strchr(attrs[0], ',') != NULL)
5641 {
5642 libpq_append_error(errorMessage,
5643 "invalid LDAP URL \"%s\": must have exactly one attribute",
5644 purl);
5645 free(url);
5646 return 3;
5647 }
5648
5649 /* set scope */
5650 if (pg_strcasecmp(scopestr, "base") == 0)
5651 scope = LDAP_SCOPE_BASE;
5652 else if (pg_strcasecmp(scopestr, "one") == 0)
5653 scope = LDAP_SCOPE_ONELEVEL;
5654 else if (pg_strcasecmp(scopestr, "sub") == 0)
5655 scope = LDAP_SCOPE_SUBTREE;
5656 else
5657 {
5658 libpq_append_error(errorMessage,
5659 "invalid LDAP URL \"%s\": must have search scope (base/one/sub)",
5660 purl);
5661 free(url);
5662 return 3;
5663 }
5664
5665 /* initialize LDAP structure */
5666 if ((ld = ldap_init(hostname, port)) == NULL)
5667 {
5668 libpq_append_error(errorMessage, "could not create LDAP structure");
5669 free(url);
5670 return 3;
5671 }
5672
5673 if ((rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ldapversion)) != LDAP_SUCCESS)
5674 {
5675 libpq_append_error(errorMessage, "could not set LDAP protocol version: %s",
5676 ldap_err2string(rc));
5677 free(url);
5678 ldap_unbind(ld);
5679 return 3;
5680 }
5681
5682 /*
5683 * Perform an explicit anonymous bind.
5684 *
5685 * LDAP does not require that an anonymous bind is performed explicitly,
5686 * but we want to distinguish between the case where LDAP bind does not
5687 * succeed within PGLDAP_TIMEOUT seconds (return 2 to continue parsing the
5688 * service control file) and the case where querying the LDAP server fails
5689 * (return 1 to end parsing).
5690 *
5691 * Unfortunately there is no way of setting a timeout that works for both
5692 * Windows and OpenLDAP.
5693 */
5694#ifdef WIN32
5695 /* the nonstandard ldap_connect function performs an anonymous bind */
5696 if (ldap_connect(ld, &time) != LDAP_SUCCESS)
5697 {
5698 /* error or timeout in ldap_connect */
5699 free(url);
5700 ldap_unbind(ld);
5701 return 2;
5702 }
5703#else /* !WIN32 */
5704 /* in OpenLDAP, use the LDAP_OPT_NETWORK_TIMEOUT option */
5705 if (ldap_set_option(ld, LDAP_OPT_NETWORK_TIMEOUT, &time) != LDAP_SUCCESS)
5706 {
5707 free(url);
5708 ldap_unbind(ld);
5709 return 3;
5710 }
5711
5712 /* anonymous bind */
5713 if ((msgid = ldap_simple_bind(ld, NULL, NULL)) == -1)
5714 {
5715 /* error or network timeout */
5716 free(url);
5717 ldap_unbind(ld);
5718 return 2;
5719 }
5720
5721 /* wait some time for the connection to succeed */
5722 res = NULL;
5723 if ((rc = ldap_result(ld, msgid, LDAP_MSG_ALL, &time, &res)) == -1 ||
5724 res == NULL)
5725 {
5726 /* error or timeout */
5727 if (res != NULL)
5728 ldap_msgfree(res);
5729 free(url);
5730 ldap_unbind(ld);
5731 return 2;
5732 }
5733 ldap_msgfree(res);
5734
5735 /* reset timeout */
5736 time.tv_sec = -1;
5737 if (ldap_set_option(ld, LDAP_OPT_NETWORK_TIMEOUT, &time) != LDAP_SUCCESS)
5738 {
5739 free(url);
5740 ldap_unbind(ld);
5741 return 3;
5742 }
5743#endif /* WIN32 */
5744
5745 /* search */
5746 res = NULL;
5747 if ((rc = ldap_search_st(ld, dn, scope, filter, attrs, 0, &time, &res))
5748 != LDAP_SUCCESS)
5749 {
5750 if (res != NULL)
5751 ldap_msgfree(res);
5752 libpq_append_error(errorMessage, "lookup on LDAP server failed: %s", ldap_err2string(rc));
5753 ldap_unbind(ld);
5754 free(url);
5755 return 1;
5756 }
5757
5758 /* complain if there was not exactly one result */
5759 if ((rc = ldap_count_entries(ld, res)) != 1)
5760 {
5761 if (rc > 1)
5762 libpq_append_error(errorMessage, "more than one entry found on LDAP lookup");
5763 else
5764 libpq_append_error(errorMessage, "no entry found on LDAP lookup");
5765 ldap_msgfree(res);
5766 ldap_unbind(ld);
5767 free(url);
5768 return 1;
5769 }
5770
5771 /* get entry */
5772 if ((entry = ldap_first_entry(ld, res)) == NULL)
5773 {
5774 /* should never happen */
5775 libpq_append_error(errorMessage, "no entry found on LDAP lookup");
5776 ldap_msgfree(res);
5777 ldap_unbind(ld);
5778 free(url);
5779 return 1;
5780 }
5781
5782 /* get values */
5783 if ((values = ldap_get_values_len(ld, entry, attrs[0])) == NULL)
5784 {
5785 libpq_append_error(errorMessage, "attribute has no values on LDAP lookup");
5786 ldap_msgfree(res);
5787 ldap_unbind(ld);
5788 free(url);
5789 return 1;
5790 }
5791
5792 ldap_msgfree(res);
5793 free(url);
5794
5795 if (values[0] == NULL)
5796 {
5797 libpq_append_error(errorMessage, "attribute has no values on LDAP lookup");
5798 ldap_value_free_len(values);
5799 ldap_unbind(ld);
5800 return 1;
5801 }
5802
5803 /* concatenate values into a single string with newline terminators */
5804 size = 1; /* for the trailing null */
5805 for (i = 0; values[i] != NULL; i++)
5806 {
5807 if (values[i]->bv_len >= INT_MAX ||
5808 size > (INT_MAX - (values[i]->bv_len + 1)))
5809 {
5810 libpq_append_error(errorMessage,
5811 "connection info string size exceeds the maximum allowed (%d)",
5812 INT_MAX);
5813 ldap_value_free_len(values);
5814 ldap_unbind(ld);
5815 return 3;
5816 }
5817
5818 size += values[i]->bv_len + 1;
5819 }
5820
5821 if ((result = malloc(size)) == NULL)
5822 {
5823 libpq_append_error(errorMessage, "out of memory");
5824 ldap_value_free_len(values);
5825 ldap_unbind(ld);
5826 return 3;
5827 }
5828 p = result;
5829 for (i = 0; values[i] != NULL; i++)
5830 {
5831 memcpy(p, values[i]->bv_val, values[i]->bv_len);
5832 p += values[i]->bv_len;
5833 *(p++) = '\n';
5834 }
5835 *p = '\0';
5836
5837 ldap_value_free_len(values);
5838 ldap_unbind(ld);
5839
5840 /* parse result string */
5841 oldstate = state = 0;
5842 for (p = result; *p != '\0'; ++p)
5843 {
5844 switch (state)
5845 {
5846 case 0: /* between entries */
5847 if (!ld_is_sp_tab(*p) && !ld_is_nl_cr(*p))
5848 {
5849 optname = p;
5850 state = 1;
5851 }
5852 break;
5853 case 1: /* in option name */
5854 if (ld_is_sp_tab(*p))
5855 {
5856 *p = '\0';
5857 state = 2;
5858 }
5859 else if (ld_is_nl_cr(*p))
5860 {
5861 libpq_append_error(errorMessage,
5862 "missing \"=\" after \"%s\" in connection info string",
5863 optname);
5864 free(result);
5865 return 3;
5866 }
5867 else if (*p == '=')
5868 {
5869 *p = '\0';
5870 state = 3;
5871 }
5872 break;
5873 case 2: /* after option name */
5874 if (*p == '=')
5875 {
5876 state = 3;
5877 }
5878 else if (!ld_is_sp_tab(*p))
5879 {
5880 libpq_append_error(errorMessage,
5881 "missing \"=\" after \"%s\" in connection info string",
5882 optname);
5883 free(result);
5884 return 3;
5885 }
5886 break;
5887 case 3: /* before option value */
5888 if (*p == '\'')
5889 {
5890 optval = p + 1;
5891 p1 = p + 1;
5892 state = 5;
5893 }
5894 else if (ld_is_nl_cr(*p))
5895 {
5896 optval = optname + strlen(optname); /* empty */
5897 state = 0;
5898 }
5899 else if (!ld_is_sp_tab(*p))
5900 {
5901 optval = p;
5902 state = 4;
5903 }
5904 break;
5905 case 4: /* in unquoted option value */
5906 if (ld_is_sp_tab(*p) || ld_is_nl_cr(*p))
5907 {
5908 *p = '\0';
5909 state = 0;
5910 }
5911 break;
5912 case 5: /* in quoted option value */
5913 if (*p == '\'')
5914 {
5915 *p1 = '\0';
5916 state = 0;
5917 }
5918 else if (*p == '\\')
5919 state = 6;
5920 else
5921 *(p1++) = *p;
5922 break;
5923 case 6: /* in quoted option value after escape */
5924 *(p1++) = *p;
5925 state = 5;
5926 break;
5927 }
5928
5929 if (state == 0 && oldstate != 0)
5930 {
5931 found_keyword = false;
5932 for (i = 0; options[i].keyword; i++)
5933 {
5934 if (strcmp(options[i].keyword, optname) == 0)
5935 {
5936 if (options[i].val == NULL)
5937 {
5938 options[i].val = strdup(optval);
5939 if (!options[i].val)
5940 {
5941 libpq_append_error(errorMessage, "out of memory");
5942 free(result);
5943 return 3;
5944 }
5945 }
5946 found_keyword = true;
5947 break;
5948 }
5949 }
5950 if (!found_keyword)
5951 {
5952 libpq_append_error(errorMessage, "invalid connection option \"%s\"", optname);
5953 free(result);
5954 return 1;
5955 }
5956 optname = NULL;
5957 optval = NULL;
5958 }
5959 oldstate = state;
5960 }
5961
5962 free(result);
5963
5964 if (state == 5 || state == 6)
5965 {
5966 libpq_append_error(errorMessage,
5967 "unterminated quoted string in connection info string");
5968 return 3;
5969 }
5970
5971 return 0;
5972}
5973
5974#endif /* USE_LDAP */
5975
5976/*
5977 * parseServiceInfo: if a service name has been given, look it up and absorb
5978 * connection options from it into *options.
5979 *
5980 * Returns 0 on success, nonzero on failure. On failure, if errorMessage
5981 * isn't null, also store an error message there. (Note: the only reason
5982 * this function and related ones don't dump core on errorMessage == NULL
5983 * is the undocumented fact that appendPQExpBuffer does nothing when passed
5984 * a null PQExpBuffer pointer.)
5985 */
5986static int
5987parseServiceInfo(PQconninfoOption *options, PQExpBuffer errorMessage)
5988{
5989 const char *service = conninfo_getval(options, "service");
5990 const char *service_fname = conninfo_getval(options, "servicefile");
5991 char serviceFile[MAXPGPATH];
5992 char *env;
5993 bool group_found = false;
5994 int status;
5995 struct stat stat_buf;
5996
5997 /*
5998 * We have to special-case the environment variable PGSERVICE here, since
5999 * this is and should be called before inserting environment defaults for
6000 * other connection options.
6001 */
6002 if (service == NULL)
6003 service = getenv("PGSERVICE");
6004
6005 /* If no service name given, nothing to do */
6006 if (service == NULL)
6007 return 0;
6008
6009 /*
6010 * First, try the "servicefile" option in connection string. Then, try
6011 * the PGSERVICEFILE environment variable. Finally, check
6012 * ~/.pg_service.conf (if that exists).
6013 */
6014 if (service_fname != NULL)
6015 strlcpy(serviceFile, service_fname, sizeof(serviceFile));
6016 else if ((env = getenv("PGSERVICEFILE")) != NULL)
6017 strlcpy(serviceFile, env, sizeof(serviceFile));
6018 else
6019 {
6020 char homedir[MAXPGPATH];
6021
6022 if (!pqGetHomeDirectory(homedir, sizeof(homedir)))
6023 goto next_file;
6024 snprintf(serviceFile, MAXPGPATH, "%s/%s", homedir, ".pg_service.conf");
6025 if (stat(serviceFile, &stat_buf) != 0)
6026 goto next_file;
6027 }
6028
6029 status = parseServiceFile(serviceFile, service, options, errorMessage, &group_found);
6030 if (group_found || status != 0)
6031 return status;
6032
6033next_file:
6034
6035 /*
6036 * This could be used by any application so we can't use the binary
6037 * location to find our config files.
6038 */
6039 snprintf(serviceFile, MAXPGPATH, "%s/pg_service.conf",
6040 getenv("PGSYSCONFDIR") ? getenv("PGSYSCONFDIR") : SYSCONFDIR);
6041 if (stat(serviceFile, &stat_buf) != 0)
6042 goto last_file;
6043
6044 status = parseServiceFile(serviceFile, service, options, errorMessage, &group_found);
6045 if (status != 0)
6046 return status;
6047
6048last_file:
6049 if (!group_found)
6050 {
6051 libpq_append_error(errorMessage, "definition of service \"%s\" not found", service);
6052 return 3;
6053 }
6054
6055 return 0;
6056}
6057
6058static int
6059parseServiceFile(const char *serviceFile,
6060 const char *service,
6061 PQconninfoOption *options,
6062 PQExpBuffer errorMessage,
6063 bool *group_found)
6064{
6065 int result = 0,
6066 linenr = 0,
6067 i;
6068 FILE *f;
6069 char *line;
6070 char buf[1024];
6071
6072 *group_found = false;
6073
6074 f = fopen(serviceFile, "r");
6075 if (f == NULL)
6076 {
6077 libpq_append_error(errorMessage, "service file \"%s\" not found", serviceFile);
6078 return 1;
6079 }
6080
6081 while ((line = fgets(buf, sizeof(buf), f)) != NULL)
6082 {
6083 int len;
6084
6085 linenr++;
6086
6087 if (strlen(line) >= sizeof(buf) - 1)
6088 {
6089 libpq_append_error(errorMessage,
6090 "line %d too long in service file \"%s\"",
6091 linenr,
6092 serviceFile);
6093 result = 2;
6094 goto exit;
6095 }
6096
6097 /* ignore whitespace at end of line, especially the newline */
6098 len = strlen(line);
6099 while (len > 0 && isspace((unsigned char) line[len - 1]))
6100 line[--len] = '\0';
6101
6102 /* ignore leading whitespace too */
6103 while (*line && isspace((unsigned char) line[0]))
6104 line++;
6105
6106 /* ignore comments and empty lines */
6107 if (line[0] == '\0' || line[0] == '#')
6108 continue;
6109
6110 /* Check for right groupname */
6111 if (line[0] == '[')
6112 {
6113 if (*group_found)
6114 {
6115 /* end of desired group reached; return success */
6116 goto exit;
6117 }
6118
6119 if (strncmp(line + 1, service, strlen(service)) == 0 &&
6120 line[strlen(service) + 1] == ']')
6121 *group_found = true;
6122 else
6123 *group_found = false;
6124 }
6125 else
6126 {
6127 if (*group_found)
6128 {
6129 /*
6130 * Finally, we are in the right group and can parse the line
6131 */
6132 char *key,
6133 *val;
6134 bool found_keyword;
6135
6136#ifdef USE_LDAP
6137 if (strncmp(line, "ldap", 4) == 0)
6138 {
6139 int rc = ldapServiceLookup(line, options, errorMessage);
6140
6141 /* if rc = 2, go on reading for fallback */
6142 switch (rc)
6143 {
6144 case 0:
6145 goto exit;
6146 case 1:
6147 case 3:
6148 result = 3;
6149 goto exit;
6150 case 2:
6151 continue;
6152 }
6153 }
6154#endif
6155
6156 key = line;
6157 val = strchr(line, '=');
6158 if (val == NULL)
6159 {
6160 libpq_append_error(errorMessage,
6161 "syntax error in service file \"%s\", line %d",
6162 serviceFile,
6163 linenr);
6164 result = 3;
6165 goto exit;
6166 }
6167 *val++ = '\0';
6168
6169 if (strcmp(key, "service") == 0)
6170 {
6171 libpq_append_error(errorMessage,
6172 "nested \"service\" specifications not supported in service file \"%s\", line %d",
6173 serviceFile,
6174 linenr);
6175 result = 3;
6176 goto exit;
6177 }
6178
6179 if (strcmp(key, "servicefile") == 0)
6180 {
6181 libpq_append_error(errorMessage,
6182 "nested \"servicefile\" specifications not supported in service file \"%s\", line %d",
6183 serviceFile,
6184 linenr);
6185 result = 3;
6186 goto exit;
6187 }
6188
6189 /*
6190 * Set the parameter --- but don't override any previous
6191 * explicit setting.
6192 */
6193 found_keyword = false;
6194 for (i = 0; options[i].keyword; i++)
6195 {
6196 if (strcmp(options[i].keyword, key) == 0)
6197 {
6198 if (options[i].val == NULL)
6199 options[i].val = strdup(val);
6200 if (!options[i].val)
6201 {
6202 libpq_append_error(errorMessage, "out of memory");
6203 result = 3;
6204 goto exit;
6205 }
6206 found_keyword = true;
6207 break;
6208 }
6209 }
6210
6211 if (!found_keyword)
6212 {
6213 libpq_append_error(errorMessage,
6214 "syntax error in service file \"%s\", line %d",
6215 serviceFile,
6216 linenr);
6217 result = 3;
6218 goto exit;
6219 }
6220 }
6221 }
6222 }
6223
6224exit:
6225
6226 /*
6227 * If a service has been successfully found, set the "servicefile" option
6228 * if not already set. This matters when we use a default service file or
6229 * PGSERVICEFILE, where we want to be able track the value.
6230 */
6231 if (*group_found && result == 0)
6232 {
6233 for (i = 0; options[i].keyword; i++)
6234 {
6235 if (strcmp(options[i].keyword, "servicefile") != 0)
6236 continue;
6237
6238 /* If value is already set, nothing to do */
6239 if (options[i].val != NULL)
6240 break;
6241
6242 options[i].val = strdup(serviceFile);
6243 if (options[i].val == NULL)
6244 {
6245 libpq_append_error(errorMessage, "out of memory");
6246 result = 3;
6247 }
6248 break;
6249 }
6250 }
6251
6252 fclose(f);
6253
6254 return result;
6255}
6256
6257
6258/*
6259 * PQconninfoParse
6260 *
6261 * Parse a string like PQconnectdb() would do and return the
6262 * resulting connection options array. NULL is returned on failure.
6263 * The result contains only options specified directly in the string,
6264 * not any possible default values.
6265 *
6266 * If errmsg isn't NULL, *errmsg is set to NULL on success, or a malloc'd
6267 * string on failure (use PQfreemem to free it). In out-of-memory conditions
6268 * both *errmsg and the result could be NULL.
6269 *
6270 * NOTE: the returned array is dynamically allocated and should
6271 * be freed when no longer needed via PQconninfoFree().
6272 */
6273PQconninfoOption *
6274PQconninfoParse(const char *conninfo, char **errmsg)
6275{
6276 PQExpBufferData errorBuf;
6277 PQconninfoOption *connOptions;
6278
6279 if (errmsg)
6280 *errmsg = NULL; /* default */
6281 initPQExpBuffer(&errorBuf);
6282 if (PQExpBufferDataBroken(errorBuf))
6283 return NULL; /* out of memory already :-( */
6284 connOptions = parse_connection_string(conninfo, &errorBuf, false);
6285 if (connOptions == NULL && errmsg)
6286 *errmsg = errorBuf.data;
6287 else
6288 termPQExpBuffer(&errorBuf);
6289 return connOptions;
6290}
6291
6292/*
6293 * Build a working copy of the constant PQconninfoOptions array.
6294 */
6295static PQconninfoOption *
6296conninfo_init(PQExpBuffer errorMessage)
6297{
6298 PQconninfoOption *options;
6299 PQconninfoOption *opt_dest;
6300 const internalPQconninfoOption *cur_opt;
6301
6302 /*
6303 * Get enough memory for all options in PQconninfoOptions, even if some
6304 * end up being filtered out.
6305 */
6306 options = (PQconninfoOption *) malloc(sizeof(PQconninfoOption) * sizeof(PQconninfoOptions) / sizeof(PQconninfoOptions[0]));
6307 if (options == NULL)
6308 {
6309 libpq_append_error(errorMessage, "out of memory");
6310 return NULL;
6311 }
6312 opt_dest = options;
6313
6314 for (cur_opt = PQconninfoOptions; cur_opt->keyword; cur_opt++)
6315 {
6316 /* Only copy the public part of the struct, not the full internal */
6317 memcpy(opt_dest, cur_opt, sizeof(PQconninfoOption));
6318 opt_dest++;
6319 }
6320 MemSet(opt_dest, 0, sizeof(PQconninfoOption));
6321
6322 return options;
6323}
6324
6325/*
6326 * Connection string parser
6327 *
6328 * Returns a malloc'd PQconninfoOption array, if parsing is successful.
6329 * Otherwise, NULL is returned and an error message is added to errorMessage.
6330 *
6331 * If use_defaults is true, default values are filled in (from a service file,
6332 * environment variables, etc).
6333 */
6334static PQconninfoOption *
6335parse_connection_string(const char *connstr, PQExpBuffer errorMessage,
6336 bool use_defaults)
6337{
6338 /* Parse as URI if connection string matches URI prefix */
6339 if (uri_prefix_length(connstr) != 0)
6340 return conninfo_uri_parse(connstr, errorMessage, use_defaults);
6341
6342 /* Parse as default otherwise */
6343 return conninfo_parse(connstr, errorMessage, use_defaults);
6344}
6345
6346/*
6347 * Checks if connection string starts with either of the valid URI prefix
6348 * designators.
6349 *
6350 * Returns the URI prefix length, 0 if the string doesn't contain a URI prefix.
6351 *
6352 * XXX this is duplicated in psql/common.c.
6353 */
6354static int
6355uri_prefix_length(const char *connstr)
6356{
6357 if (strncmp(connstr, uri_designator,
6358 sizeof(uri_designator) - 1) == 0)
6359 return sizeof(uri_designator) - 1;
6360
6361 if (strncmp(connstr, short_uri_designator,
6362 sizeof(short_uri_designator) - 1) == 0)
6363 return sizeof(short_uri_designator) - 1;
6364
6365 return 0;
6366}
6367
6368/*
6369 * Recognized connection string either starts with a valid URI prefix or
6370 * contains a "=" in it.
6371 *
6372 * Must be consistent with parse_connection_string: anything for which this
6373 * returns true should at least look like it's parseable by that routine.
6374 *
6375 * XXX this is duplicated in psql/common.c
6376 */
6377static bool
6378recognized_connection_string(const char *connstr)
6379{
6380 return uri_prefix_length(connstr) != 0 || strchr(connstr, '=') != NULL;
6381}
6382
6383/*
6384 * Subroutine for parse_connection_string
6385 *
6386 * Deal with a string containing key=value pairs.
6387 */
6388static PQconninfoOption *
6389conninfo_parse(const char *conninfo, PQExpBuffer errorMessage,
6390 bool use_defaults)
6391{
6392 char *pname;
6393 char *pval;
6394 char *buf;
6395 char *cp;
6396 char *cp2;
6397 PQconninfoOption *options;
6398
6399 /* Make a working copy of PQconninfoOptions */
6400 options = conninfo_init(errorMessage);
6401 if (options == NULL)
6402 return NULL;
6403
6404 /* Need a modifiable copy of the input string */
6405 if ((buf = strdup(conninfo)) == NULL)
6406 {
6407 libpq_append_error(errorMessage, "out of memory");
6408 PQconninfoFree(options);
6409 return NULL;
6410 }
6411 cp = buf;
6412
6413 while (*cp)
6414 {
6415 /* Skip blanks before the parameter name */
6416 if (isspace((unsigned char) *cp))
6417 {
6418 cp++;
6419 continue;
6420 }
6421
6422 /* Get the parameter name */
6423 pname = cp;
6424 while (*cp)
6425 {
6426 if (*cp == '=')
6427 break;
6428 if (isspace((unsigned char) *cp))
6429 {
6430 *cp++ = '\0';
6431 while (*cp)
6432 {
6433 if (!isspace((unsigned char) *cp))
6434 break;
6435 cp++;
6436 }
6437 break;
6438 }
6439 cp++;
6440 }
6441
6442 /* Check that there is a following '=' */
6443 if (*cp != '=')
6444 {
6445 libpq_append_error(errorMessage,
6446 "missing \"=\" after \"%s\" in connection info string",
6447 pname);
6448 PQconninfoFree(options);
6449 free(buf);
6450 return NULL;
6451 }
6452 *cp++ = '\0';
6453
6454 /* Skip blanks after the '=' */
6455 while (*cp)
6456 {
6457 if (!isspace((unsigned char) *cp))
6458 break;
6459 cp++;
6460 }
6461
6462 /* Get the parameter value */
6463 pval = cp;
6464
6465 if (*cp != '\'')
6466 {
6467 cp2 = pval;
6468 while (*cp)
6469 {
6470 if (isspace((unsigned char) *cp))
6471 {
6472 *cp++ = '\0';
6473 break;
6474 }
6475 if (*cp == '\\')
6476 {
6477 cp++;
6478 if (*cp != '\0')
6479 *cp2++ = *cp++;
6480 }
6481 else
6482 *cp2++ = *cp++;
6483 }
6484 *cp2 = '\0';
6485 }
6486 else
6487 {
6488 cp2 = pval;
6489 cp++;
6490 for (;;)
6491 {
6492 if (*cp == '\0')
6493 {
6494 libpq_append_error(errorMessage, "unterminated quoted string in connection info string");
6495 PQconninfoFree(options);
6496 free(buf);
6497 return NULL;
6498 }
6499 if (*cp == '\\')
6500 {
6501 cp++;
6502 if (*cp != '\0')
6503 *cp2++ = *cp++;
6504 continue;
6505 }
6506 if (*cp == '\'')
6507 {
6508 *cp2 = '\0';
6509 cp++;
6510 break;
6511 }
6512 *cp2++ = *cp++;
6513 }
6514 }
6515
6516 /*
6517 * Now that we have the name and the value, store the record.
6518 */
6519 if (!conninfo_storeval(options, pname, pval, errorMessage, false, false))
6520 {
6521 PQconninfoFree(options);
6522 free(buf);
6523 return NULL;
6524 }
6525 }
6526
6527 /* Done with the modifiable input string */
6528 free(buf);
6529
6530 /*
6531 * Add in defaults if the caller wants that.
6532 */
6533 if (use_defaults)
6534 {
6535 if (!conninfo_add_defaults(options, errorMessage))
6536 {
6537 PQconninfoFree(options);
6538 return NULL;
6539 }
6540 }
6541
6542 return options;
6543}
6544
6545/*
6546 * Conninfo array parser routine
6547 *
6548 * If successful, a malloc'd PQconninfoOption array is returned.
6549 * If not successful, NULL is returned and an error message is
6550 * appended to errorMessage.
6551 * Defaults are supplied (from a service file, environment variables, etc)
6552 * for unspecified options, but only if use_defaults is true.
6553 *
6554 * If expand_dbname is non-zero, and the value passed for the first occurrence
6555 * of "dbname" keyword is a connection string (as indicated by
6556 * recognized_connection_string) then parse and process it, overriding any
6557 * previously processed conflicting keywords. Subsequent keywords will take
6558 * precedence, however. In-tree programs generally specify expand_dbname=true,
6559 * so command-line arguments naming a database can use a connection string.
6560 * Some code acquires arbitrary database names from known-literal sources like
6561 * PQdb(), PQconninfoParse() and pg_database.datname. When connecting to such
6562 * a database, in-tree code first wraps the name in a connection string.
6563 */
6564static PQconninfoOption *
6565conninfo_array_parse(const char *const *keywords, const char *const *values,
6566 PQExpBuffer errorMessage, bool use_defaults,
6567 int expand_dbname)
6568{
6569 PQconninfoOption *options;
6570 PQconninfoOption *dbname_options = NULL;
6571 PQconninfoOption *option;
6572 int i = 0;
6573
6574 /*
6575 * If expand_dbname is non-zero, check keyword "dbname" to see if val is
6576 * actually a recognized connection string.
6577 */
6578 while (expand_dbname && keywords[i])
6579 {
6580 const char *pname = keywords[i];
6581 const char *pvalue = values[i];
6582
6583 /* first find "dbname" if any */
6584 if (strcmp(pname, "dbname") == 0 && pvalue)
6585 {
6586 /*
6587 * If value is a connection string, parse it, but do not use
6588 * defaults here -- those get picked up later. We only want to
6589 * override for those parameters actually passed.
6590 */
6591 if (recognized_connection_string(pvalue))
6592 {
6593 dbname_options = parse_connection_string(pvalue, errorMessage, false);
6594 if (dbname_options == NULL)
6595 return NULL;
6596 }
6597 break;
6598 }
6599 ++i;
6600 }
6601
6602 /* Make a working copy of PQconninfoOptions */
6603 options = conninfo_init(errorMessage);
6604 if (options == NULL)
6605 {
6606 PQconninfoFree(dbname_options);
6607 return NULL;
6608 }
6609
6610 /* Parse the keywords/values arrays */
6611 i = 0;
6612 while (keywords[i])
6613 {
6614 const char *pname = keywords[i];
6615 const char *pvalue = values[i];
6616
6617 if (pvalue != NULL && pvalue[0] != '\0')
6618 {
6619 /* Search for the param record */
6620 for (option = options; option->keyword != NULL; option++)
6621 {
6622 if (strcmp(option->keyword, pname) == 0)
6623 break;
6624 }
6625
6626 /* Check for invalid connection option */
6627 if (option->keyword == NULL)
6628 {
6629 libpq_append_error(errorMessage, "invalid connection option \"%s\"", pname);
6630 PQconninfoFree(options);
6631 PQconninfoFree(dbname_options);
6632 return NULL;
6633 }
6634
6635 /*
6636 * If we are on the first dbname parameter, and we have a parsed
6637 * connection string, copy those parameters across, overriding any
6638 * existing previous settings.
6639 */
6640 if (strcmp(pname, "dbname") == 0 && dbname_options)
6641 {
6642 PQconninfoOption *str_option;
6643
6644 for (str_option = dbname_options; str_option->keyword != NULL; str_option++)
6645 {
6646 if (str_option->val != NULL)
6647 {
6648 int k;
6649
6650 for (k = 0; options[k].keyword; k++)
6651 {
6652 if (strcmp(options[k].keyword, str_option->keyword) == 0)
6653 {
6654 free(options[k].val);
6655 options[k].val = strdup(str_option->val);
6656 if (!options[k].val)
6657 {
6658 libpq_append_error(errorMessage, "out of memory");
6659 PQconninfoFree(options);
6660 PQconninfoFree(dbname_options);
6661 return NULL;
6662 }
6663 break;
6664 }
6665 }
6666 }
6667 }
6668
6669 /*
6670 * Forget the parsed connection string, so that any subsequent
6671 * dbname parameters will not be expanded.
6672 */
6673 PQconninfoFree(dbname_options);
6674 dbname_options = NULL;
6675 }
6676 else
6677 {
6678 /*
6679 * Store the value, overriding previous settings
6680 */
6681 free(option->val);
6682 option->val = strdup(pvalue);
6683 if (!option->val)
6684 {
6685 libpq_append_error(errorMessage, "out of memory");
6686 PQconninfoFree(options);
6687 PQconninfoFree(dbname_options);
6688 return NULL;
6689 }
6690 }
6691 }
6692 ++i;
6693 }
6694 PQconninfoFree(dbname_options);
6695
6696 /*
6697 * Add in defaults if the caller wants that.
6698 */
6699 if (use_defaults)
6700 {
6701 if (!conninfo_add_defaults(options, errorMessage))
6702 {
6703 PQconninfoFree(options);
6704 return NULL;
6705 }
6706 }
6707
6708 return options;
6709}
6710
6711/*
6712 * Add the default values for any unspecified options to the connection
6713 * options array.
6714 *
6715 * Defaults are obtained from a service file, environment variables, etc.
6716 *
6717 * Returns true if successful, otherwise false; errorMessage, if supplied,
6718 * is filled in upon failure. Note that failure to locate a default value
6719 * is not an error condition here --- we just leave the option's value as
6720 * NULL.
6721 */
6722static bool
6723conninfo_add_defaults(PQconninfoOption *options, PQExpBuffer errorMessage)
6724{
6725 PQconninfoOption *option;
6726 PQconninfoOption *sslmode_default = NULL,
6727 *sslrootcert = NULL;
6728 char *tmp;
6729
6730 /*
6731 * If there's a service spec, use it to obtain any not-explicitly-given
6732 * parameters. Ignore error if no error message buffer is passed because
6733 * there is no way to pass back the failure message.
6734 */
6735 if (parseServiceInfo(options, errorMessage) != 0 && errorMessage)
6736 return false;
6737
6738 /*
6739 * Get the fallback resources for parameters not specified in the conninfo
6740 * string nor the service.
6741 */
6742 for (option = options; option->keyword != NULL; option++)
6743 {
6744 if (strcmp(option->keyword, "sslrootcert") == 0)
6745 sslrootcert = option; /* save for later */
6746
6747 if (option->val != NULL)
6748 continue; /* Value was in conninfo or service */
6749
6750 /*
6751 * Try to get the environment variable fallback
6752 */
6753 if (option->envvar != NULL)
6754 {
6755 if ((tmp = getenv(option->envvar)) != NULL)
6756 {
6757 option->val = strdup(tmp);
6758 if (!option->val)
6759 {
6760 if (errorMessage)
6761 libpq_append_error(errorMessage, "out of memory");
6762 return false;
6763 }
6764 continue;
6765 }
6766 }
6767
6768 /*
6769 * Interpret the deprecated PGREQUIRESSL environment variable. Per
6770 * tradition, translate values starting with "1" to sslmode=require,
6771 * and ignore other values. Given both PGREQUIRESSL=1 and PGSSLMODE,
6772 * PGSSLMODE takes precedence; the opposite was true before v9.3.
6773 */
6774 if (strcmp(option->keyword, "sslmode") == 0)
6775 {
6776 const char *requiresslenv = getenv("PGREQUIRESSL");
6777
6778 if (requiresslenv != NULL && requiresslenv[0] == '1')
6779 {
6780 option->val = strdup("require");
6781 if (!option->val)
6782 {
6783 if (errorMessage)
6784 libpq_append_error(errorMessage, "out of memory");
6785 return false;
6786 }
6787 continue;
6788 }
6789
6790 /*
6791 * sslmode is not specified. Let it be filled in with the compiled
6792 * default for now, but if sslrootcert=system, we'll override the
6793 * default later before returning.
6794 */
6795 sslmode_default = option;
6796 }
6797
6798 /*
6799 * No environment variable specified or the variable isn't set - try
6800 * compiled-in default
6801 */
6802 if (option->compiled != NULL)
6803 {
6804 option->val = strdup(option->compiled);
6805 if (!option->val)
6806 {
6807 if (errorMessage)
6808 libpq_append_error(errorMessage, "out of memory");
6809 return false;
6810 }
6811 continue;
6812 }
6813
6814 /*
6815 * Special handling for "user" option. Note that if pg_fe_getauthname
6816 * fails, we just leave the value as NULL; there's no need for this to
6817 * be an error condition if the caller provides a user name. The only
6818 * reason we do this now at all is so that callers of PQconndefaults
6819 * will see a correct default (barring error, of course).
6820 */
6821 if (strcmp(option->keyword, "user") == 0)
6822 {
6823 option->val = pg_fe_getauthname(NULL);
6824 continue;
6825 }
6826 }
6827
6828 /*
6829 * Special handling for sslrootcert=system with no sslmode explicitly
6830 * defined. In this case we want to strengthen the default sslmode to
6831 * verify-full.
6832 */
6833 if (sslmode_default && sslrootcert)
6834 {
6835 if (sslrootcert->val && strcmp(sslrootcert->val, "system") == 0)
6836 {
6837 free(sslmode_default->val);
6838
6839 sslmode_default->val = strdup("verify-full");
6840 if (!sslmode_default->val)
6841 {
6842 if (errorMessage)
6843 libpq_append_error(errorMessage, "out of memory");
6844 return false;
6845 }
6846 }
6847 }
6848
6849 return true;
6850}
6851
6852/*
6853 * Subroutine for parse_connection_string
6854 *
6855 * Deal with a URI connection string.
6856 */
6857static PQconninfoOption *
6858conninfo_uri_parse(const char *uri, PQExpBuffer errorMessage,
6859 bool use_defaults)
6860{
6861 PQconninfoOption *options;
6862
6863 /* Make a working copy of PQconninfoOptions */
6864 options = conninfo_init(errorMessage);
6865 if (options == NULL)
6866 return NULL;
6867
6868 if (!conninfo_uri_parse_options(options, uri, errorMessage))
6869 {
6870 PQconninfoFree(options);
6871 return NULL;
6872 }
6873
6874 /*
6875 * Add in defaults if the caller wants that.
6876 */
6877 if (use_defaults)
6878 {
6879 if (!conninfo_add_defaults(options, errorMessage))
6880 {
6881 PQconninfoFree(options);
6882 return NULL;
6883 }
6884 }
6885
6886 return options;
6887}
6888
6889/*
6890 * conninfo_uri_parse_options
6891 * Actual URI parser.
6892 *
6893 * If successful, returns true while the options array is filled with parsed
6894 * options from the URI.
6895 * If not successful, returns false and fills errorMessage accordingly.
6896 *
6897 * Parses the connection URI string in 'uri' according to the URI syntax (RFC
6898 * 3986):
6899 *
6900 * postgresql://[user[:password]@][netloc][:port][/dbname][?param1=value1&...]
6901 *
6902 * where "netloc" is a hostname, an IPv4 address, or an IPv6 address surrounded
6903 * by literal square brackets. As an extension, we also allow multiple
6904 * netloc[:port] specifications, separated by commas:
6905 *
6906 * postgresql://[user[:password]@][netloc][:port][,...][/dbname][?param1=value1&...]
6907 *
6908 * Any of the URI parts might use percent-encoding (%xy).
6909 */
6910static bool
6911conninfo_uri_parse_options(PQconninfoOption *options, const char *uri,
6912 PQExpBuffer errorMessage)
6913{
6914 int prefix_len;
6915 char *p;
6916 char *buf = NULL;
6917 char *start;
6918 char prevchar = '\0';
6919 char *user = NULL;
6920 char *host = NULL;
6921 bool retval = false;
6922 PQExpBufferData hostbuf;
6923 PQExpBufferData portbuf;
6924
6925 initPQExpBuffer(&hostbuf);
6926 initPQExpBuffer(&portbuf);
6927 if (PQExpBufferDataBroken(hostbuf) || PQExpBufferDataBroken(portbuf))
6928 {
6929 libpq_append_error(errorMessage, "out of memory");
6930 goto cleanup;
6931 }
6932
6933 /* need a modifiable copy of the input URI */
6934 buf = strdup(uri);
6935 if (buf == NULL)
6936 {
6937 libpq_append_error(errorMessage, "out of memory");
6938 goto cleanup;
6939 }
6940 start = buf;
6941
6942 /* Skip the URI prefix */
6943 prefix_len = uri_prefix_length(uri);
6944 if (prefix_len == 0)
6945 {
6946 /* Should never happen */
6947 libpq_append_error(errorMessage,
6948 "invalid URI propagated to internal parser routine: \"%s\"",
6949 uri);
6950 goto cleanup;
6951 }
6952 start += prefix_len;
6953 p = start;
6954
6955 /* Look ahead for possible user credentials designator */
6956 while (*p && *p != '@' && *p != '/')
6957 ++p;
6958 if (*p == '@')
6959 {
6960 /*
6961 * Found username/password designator, so URI should be of the form
6962 * "scheme://user[:password]@[netloc]".
6963 */
6964 user = start;
6965
6966 p = user;
6967 while (*p != ':' && *p != '@')
6968 ++p;
6969
6970 /* Save last char and cut off at end of user name */
6971 prevchar = *p;
6972 *p = '\0';
6973
6974 if (*user &&
6975 !conninfo_storeval(options, "user", user,
6976 errorMessage, false, true))
6977 goto cleanup;
6978
6979 if (prevchar == ':')
6980 {
6981 const char *password = p + 1;
6982
6983 while (*p != '@')
6984 ++p;
6985 *p = '\0';
6986
6987 if (*password &&
6988 !conninfo_storeval(options, "password", password,
6989 errorMessage, false, true))
6990 goto cleanup;
6991 }
6992
6993 /* Advance past end of parsed user name or password token */
6994 ++p;
6995 }
6996 else
6997 {
6998 /*
6999 * No username/password designator found. Reset to start of URI.
7000 */
7001 p = start;
7002 }
7003
7004 /*
7005 * There may be multiple netloc[:port] pairs, each separated from the next
7006 * by a comma. When we initially enter this loop, "p" has been
7007 * incremented past optional URI credential information at this point and
7008 * now points at the "netloc" part of the URI. On subsequent loop
7009 * iterations, "p" has been incremented past the comma separator and now
7010 * points at the start of the next "netloc".
7011 */
7012 for (;;)
7013 {
7014 /*
7015 * Look for IPv6 address.
7016 */
7017 if (*p == '[')
7018 {
7019 host = ++p;
7020 while (*p && *p != ']')
7021 ++p;
7022 if (!*p)
7023 {
7024 libpq_append_error(errorMessage,
7025 "end of string reached when looking for matching \"]\" in IPv6 host address in URI: \"%s\"",
7026 uri);
7027 goto cleanup;
7028 }
7029 if (p == host)
7030 {
7031 libpq_append_error(errorMessage,
7032 "IPv6 host address may not be empty in URI: \"%s\"",
7033 uri);
7034 goto cleanup;
7035 }
7036
7037 /* Cut off the bracket and advance */
7038 *(p++) = '\0';
7039
7040 /*
7041 * The address may be followed by a port specifier or a slash or a
7042 * query or a separator comma.
7043 */
7044 if (*p && *p != ':' && *p != '/' && *p != '?' && *p != ',')
7045 {
7046 libpq_append_error(errorMessage,
7047 "unexpected character \"%c\" at position %d in URI (expected \":\" or \"/\"): \"%s\"",
7048 *p, (int) (p - buf + 1), uri);
7049 goto cleanup;
7050 }
7051 }
7052 else
7053 {
7054 /* not an IPv6 address: DNS-named or IPv4 netloc */
7055 host = p;
7056
7057 /*
7058 * Look for port specifier (colon) or end of host specifier
7059 * (slash) or query (question mark) or host separator (comma).
7060 */
7061 while (*p && *p != ':' && *p != '/' && *p != '?' && *p != ',')
7062 ++p;
7063 }
7064
7065 /* Save the hostname terminator before we null it */
7066 prevchar = *p;
7067 *p = '\0';
7068
7069 appendPQExpBufferStr(&hostbuf, host);
7070
7071 if (prevchar == ':')
7072 {
7073 const char *port = ++p; /* advance past host terminator */
7074
7075 while (*p && *p != '/' && *p != '?' && *p != ',')
7076 ++p;
7077
7078 prevchar = *p;
7079 *p = '\0';
7080
7081 appendPQExpBufferStr(&portbuf, port);
7082 }
7083
7084 if (prevchar != ',')
7085 break;
7086 ++p; /* advance past comma separator */
7087 appendPQExpBufferChar(&hostbuf, ',');
7088 appendPQExpBufferChar(&portbuf, ',');
7089 }
7090
7091 /* Save final values for host and port. */
7092 if (PQExpBufferDataBroken(hostbuf) || PQExpBufferDataBroken(portbuf))
7093 goto cleanup;
7094 if (hostbuf.data[0] &&
7095 !conninfo_storeval(options, "host", hostbuf.data,
7096 errorMessage, false, true))
7097 goto cleanup;
7098 if (portbuf.data[0] &&
7099 !conninfo_storeval(options, "port", portbuf.data,
7100 errorMessage, false, true))
7101 goto cleanup;
7102
7103 if (prevchar && prevchar != '?')
7104 {
7105 const char *dbname = ++p; /* advance past host terminator */
7106
7107 /* Look for query parameters */
7108 while (*p && *p != '?')
7109 ++p;
7110
7111 prevchar = *p;
7112 *p = '\0';
7113
7114 /*
7115 * Avoid setting dbname to an empty string, as it forces the default
7116 * value (username) and ignores $PGDATABASE, as opposed to not setting
7117 * it at all.
7118 */
7119 if (*dbname &&
7120 !conninfo_storeval(options, "dbname", dbname,
7121 errorMessage, false, true))
7122 goto cleanup;
7123 }
7124
7125 if (prevchar)
7126 {
7127 ++p; /* advance past terminator */
7128
7129 if (!conninfo_uri_parse_params(p, options, errorMessage))
7130 goto cleanup;
7131 }
7132
7133 /* everything parsed okay */
7134 retval = true;
7135
7136cleanup:
7137 termPQExpBuffer(&hostbuf);
7138 termPQExpBuffer(&portbuf);
7139 free(buf);
7140 return retval;
7141}
7142
7143/*
7144 * Connection URI parameters parser routine
7145 *
7146 * If successful, returns true while connOptions is filled with parsed
7147 * parameters. Otherwise, returns false and fills errorMessage appropriately.
7148 *
7149 * Destructively modifies 'params' buffer.
7150 */
7151static bool
7152conninfo_uri_parse_params(char *params,
7153 PQconninfoOption *connOptions,
7154 PQExpBuffer errorMessage)
7155{
7156 while (*params)
7157 {
7158 char *keyword = params;
7159 char *value = NULL;
7160 char *p = params;
7161 bool malloced = false;
7162 int oldmsglen;
7163
7164 /*
7165 * Scan the params string for '=' and '&', marking the end of keyword
7166 * and value respectively.
7167 */
7168 for (;;)
7169 {
7170 if (*p == '=')
7171 {
7172 /* Was there '=' already? */
7173 if (value != NULL)
7174 {
7175 libpq_append_error(errorMessage,
7176 "extra key/value separator \"=\" in URI query parameter: \"%s\"",
7177 keyword);
7178 return false;
7179 }
7180 /* Cut off keyword, advance to value */
7181 *p++ = '\0';
7182 value = p;
7183 }
7184 else if (*p == '&' || *p == '\0')
7185 {
7186 /*
7187 * If not at the end, cut off value and advance; leave p
7188 * pointing to start of the next parameter, if any.
7189 */
7190 if (*p != '\0')
7191 *p++ = '\0';
7192 /* Was there '=' at all? */
7193 if (value == NULL)
7194 {
7195 libpq_append_error(errorMessage,
7196 "missing key/value separator \"=\" in URI query parameter: \"%s\"",
7197 keyword);
7198 return false;
7199 }
7200 /* Got keyword and value, go process them. */
7201 break;
7202 }
7203 else
7204 ++p; /* Advance over all other bytes. */
7205 }
7206
7207 keyword = conninfo_uri_decode(keyword, errorMessage);
7208 if (keyword == NULL)
7209 {
7210 /* conninfo_uri_decode already set an error message */
7211 return false;
7212 }
7213 value = conninfo_uri_decode(value, errorMessage);
7214 if (value == NULL)
7215 {
7216 /* conninfo_uri_decode already set an error message */
7217 free(keyword);
7218 return false;
7219 }
7220 malloced = true;
7221
7222 /*
7223 * Special keyword handling for improved JDBC compatibility.
7224 */
7225 if (strcmp(keyword, "ssl") == 0 &&
7226 strcmp(value, "true") == 0)
7227 {
7228 free(keyword);
7229 free(value);
7230 malloced = false;
7231
7232 keyword = "sslmode";
7233 value = "require";
7234 }
7235
7236 /*
7237 * Store the value if the corresponding option exists; ignore
7238 * otherwise. At this point both keyword and value are not
7239 * URI-encoded.
7240 */
7241 oldmsglen = errorMessage->len;
7242 if (!conninfo_storeval(connOptions, keyword, value,
7243 errorMessage, true, false))
7244 {
7245 /* Insert generic message if conninfo_storeval didn't give one. */
7246 if (errorMessage->len == oldmsglen)
7247 libpq_append_error(errorMessage,
7248 "invalid URI query parameter: \"%s\"",
7249 keyword);
7250 /* And fail. */
7251 if (malloced)
7252 {
7253 free(keyword);
7254 free(value);
7255 }
7256 return false;
7257 }
7258
7259 if (malloced)
7260 {
7261 free(keyword);
7262 free(value);
7263 }
7264
7265 /* Proceed to next key=value pair, if any */
7266 params = p;
7267 }
7268
7269 return true;
7270}
7271
7272/*
7273 * Connection URI decoder routine
7274 *
7275 * If successful, returns the malloc'd decoded string.
7276 * If not successful, returns NULL and fills errorMessage accordingly.
7277 *
7278 * The string is decoded by replacing any percent-encoded tokens with
7279 * corresponding characters, while preserving any non-encoded characters. A
7280 * percent-encoded token is a character triplet: a percent sign, followed by a
7281 * pair of hexadecimal digits (0-9A-F), where lower- and upper-case letters are
7282 * treated identically.
7283 */
7284static char *
7285conninfo_uri_decode(const char *str, PQExpBuffer errorMessage)
7286{
7287 char *buf; /* result */
7288 char *p; /* output location */
7289 const char *q = str; /* input location */
7290
7291 buf = malloc(strlen(str) + 1);
7292 if (buf == NULL)
7293 {
7294 libpq_append_error(errorMessage, "out of memory");
7295 return NULL;
7296 }
7297 p = buf;
7298
7299 /* skip leading whitespaces */
7300 for (const char *s = q; *s == ' '; s++)
7301 {
7302 q++;
7303 continue;
7304 }
7305
7306 for (;;)
7307 {
7308 if (*q != '%')
7309 {
7310 /* if found a whitespace or NUL, the string ends */
7311 if (*q == ' ' || *q == '\0')
7312 goto end;
7313
7314 /* copy character */
7315 *(p++) = *(q++);
7316 }
7317 else
7318 {
7319 int hi;
7320 int lo;
7321 int c;
7322
7323 ++q; /* skip the percent sign itself */
7324
7325 /*
7326 * Possible EOL will be caught by the first call to
7327 * get_hexdigit(), so we never dereference an invalid q pointer.
7328 */
7329 if (!(get_hexdigit(*q++, &hi) && get_hexdigit(*q++, &lo)))
7330 {
7331 libpq_append_error(errorMessage,
7332 "invalid percent-encoded token: \"%s\"",
7333 str);
7334 free(buf);
7335 return NULL;
7336 }
7337
7338 c = (hi << 4) | lo;
7339 if (c == 0)
7340 {
7341 libpq_append_error(errorMessage,
7342 "forbidden value %%00 in percent-encoded value: \"%s\"",
7343 str);
7344 free(buf);
7345 return NULL;
7346 }
7347 *(p++) = c;
7348 }
7349 }
7350
7351end:
7352
7353 /* skip trailing whitespaces */
7354 for (const char *s = q; *s == ' '; s++)
7355 {
7356 q++;
7357 continue;
7358 }
7359
7360 /* Not at the end of the string yet? Fail. */
7361 if (*q != '\0')
7362 {
7363 libpq_append_error(errorMessage,
7364 "unexpected spaces found in \"%s\", use percent-encoded spaces (%%20) instead",
7365 str);
7366 free(buf);
7367 return NULL;
7368 }
7369
7370 /* Copy NUL terminator */
7371 *p = '\0';
7372
7373 return buf;
7374}
7375
7376/*
7377 * Convert hexadecimal digit character to its integer value.
7378 *
7379 * If successful, returns true and value is filled with digit's base 16 value.
7380 * If not successful, returns false.
7381 *
7382 * Lower- and upper-case letters in the range A-F are treated identically.
7383 */
7384static bool
7385get_hexdigit(char digit, int *value)
7386{
7387 if ('0' <= digit && digit <= '9')
7388 *value = digit - '0';
7389 else if ('A' <= digit && digit <= 'F')
7390 *value = digit - 'A' + 10;
7391 else if ('a' <= digit && digit <= 'f')
7392 *value = digit - 'a' + 10;
7393 else
7394 return false;
7395
7396 return true;
7397}
7398
7399/*
7400 * Find an option value corresponding to the keyword in the connOptions array.
7401 *
7402 * If successful, returns a pointer to the corresponding option's value.
7403 * If not successful, returns NULL.
7404 */
7405static const char *
7406conninfo_getval(PQconninfoOption *connOptions,
7407 const char *keyword)
7408{
7409 PQconninfoOption *option;
7410
7411 option = conninfo_find(connOptions, keyword);
7412
7413 return option ? option->val : NULL;
7414}
7415
7416/*
7417 * Store a (new) value for an option corresponding to the keyword in
7418 * connOptions array.
7419 *
7420 * If uri_decode is true, the value is URI-decoded. The keyword is always
7421 * assumed to be non URI-encoded.
7422 *
7423 * If successful, returns a pointer to the corresponding PQconninfoOption,
7424 * which value is replaced with a strdup'd copy of the passed value string.
7425 * The existing value for the option is free'd before replacing, if any.
7426 *
7427 * If not successful, returns NULL and fills errorMessage accordingly.
7428 * However, if the reason of failure is an invalid keyword being passed and
7429 * ignoreMissing is true, errorMessage will be left untouched.
7430 */
7431static PQconninfoOption *
7432conninfo_storeval(PQconninfoOption *connOptions,
7433 const char *keyword, const char *value,
7434 PQExpBuffer errorMessage, bool ignoreMissing,
7435 bool uri_decode)
7436{
7437 PQconninfoOption *option;
7438 char *value_copy;
7439
7440 /*
7441 * For backwards compatibility, requiressl=1 gets translated to
7442 * sslmode=require, and requiressl=0 gets translated to sslmode=prefer
7443 * (which is the default for sslmode).
7444 */
7445 if (strcmp(keyword, "requiressl") == 0)
7446 {
7447 keyword = "sslmode";
7448 if (value[0] == '1')
7449 value = "require";
7450 else
7451 value = "prefer";
7452 }
7453
7454 option = conninfo_find(connOptions, keyword);
7455 if (option == NULL)
7456 {
7457 if (!ignoreMissing)
7458 libpq_append_error(errorMessage,
7459 "invalid connection option \"%s\"",
7460 keyword);
7461 return NULL;
7462 }
7463
7464 if (uri_decode)
7465 {
7466 value_copy = conninfo_uri_decode(value, errorMessage);
7467 if (value_copy == NULL)
7468 /* conninfo_uri_decode already set an error message */
7469 return NULL;
7470 }
7471 else
7472 {
7473 value_copy = strdup(value);
7474 if (value_copy == NULL)
7475 {
7476 libpq_append_error(errorMessage, "out of memory");
7477 return NULL;
7478 }
7479 }
7480
7481 free(option->val);
7482 option->val = value_copy;
7483
7484 return option;
7485}
7486
7487/*
7488 * Find a PQconninfoOption option corresponding to the keyword in the
7489 * connOptions array.
7490 *
7491 * If successful, returns a pointer to the corresponding PQconninfoOption
7492 * structure.
7493 * If not successful, returns NULL.
7494 */
7495static PQconninfoOption *
7496conninfo_find(PQconninfoOption *connOptions, const char *keyword)
7497{
7498 PQconninfoOption *option;
7499
7500 for (option = connOptions; option->keyword != NULL; option++)
7501 {
7502 if (strcmp(option->keyword, keyword) == 0)
7503 return option;
7504 }
7505
7506 return NULL;
7507}
7508
7509
7510/*
7511 * Return the connection options used for the connection
7512 */
7513PQconninfoOption *
7514PQconninfo(PGconn *conn)
7515{
7516 PQExpBufferData errorBuf;
7517 PQconninfoOption *connOptions;
7518
7519 if (conn == NULL)
7520 return NULL;
7521
7522 /*
7523 * We don't actually report any errors here, but callees want a buffer,
7524 * and we prefer not to trash the conn's errorMessage.
7525 */
7526 initPQExpBuffer(&errorBuf);
7527 if (PQExpBufferDataBroken(errorBuf))
7528 return NULL; /* out of memory already :-( */
7529
7530 connOptions = conninfo_init(&errorBuf);
7531
7532 if (connOptions != NULL)
7533 {
7534 const internalPQconninfoOption *option;
7535
7536 for (option = PQconninfoOptions; option->keyword; option++)
7537 {
7538 char **connmember;
7539
7540 if (option->connofs < 0)
7541 continue;
7542
7543 connmember = (char **) ((char *) conn + option->connofs);
7544
7545 if (*connmember)
7546 conninfo_storeval(connOptions, option->keyword, *connmember,
7547 &errorBuf, true, false);
7548 }
7549 }
7550
7551 termPQExpBuffer(&errorBuf);
7552
7553 return connOptions;
7554}
7555
7556
7557void
7558PQconninfoFree(PQconninfoOption *connOptions)
7559{
7560 if (connOptions == NULL)
7561 return;
7562
7563 for (PQconninfoOption *option = connOptions; option->keyword != NULL; option++)
7564 free(option->val);
7565 free(connOptions);
7566}
7567
7568
7569/* =========== accessor functions for PGconn ========= */
7570char *
7571PQdb(const PGconn *conn)
7572{
7573 if (!conn)
7574 return NULL;
7575 return conn->dbName;
7576}
7577
7578char *
7579PQuser(const PGconn *conn)
7580{
7581 if (!conn)
7582 return NULL;
7583 return conn->pguser;
7584}
7585
7586char *
7587PQpass(const PGconn *conn)
7588{
7589 char *password = NULL;
7590
7591 if (!conn)
7592 return NULL;
7593 if (conn->connhost != NULL)
7594 password = conn->connhost[conn->whichhost].password;
7595 if (password == NULL)
7596 password = conn->pgpass;
7597 /* Historically we've returned "" not NULL for no password specified */
7598 if (password == NULL)
7599 password = "";
7600 return password;
7601}
7602
7603char *
7604PQhost(const PGconn *conn)
7605{
7606 if (!conn)
7607 return NULL;
7608
7609 if (conn->connhost != NULL)
7610 {
7611 /*
7612 * Return the verbatim host value provided by user, or hostaddr in its
7613 * lack.
7614 */
7615 if (conn->connhost[conn->whichhost].host != NULL &&
7616 conn->connhost[conn->whichhost].host[0] != '\0')
7617 return conn->connhost[conn->whichhost].host;
7618 else if (conn->connhost[conn->whichhost].hostaddr != NULL &&
7619 conn->connhost[conn->whichhost].hostaddr[0] != '\0')
7620 return conn->connhost[conn->whichhost].hostaddr;
7621 }
7622
7623 return "";
7624}
7625
7626char *
7627PQhostaddr(const PGconn *conn)
7628{
7629 if (!conn)
7630 return NULL;
7631
7632 /* Return the parsed IP address */
7633 if (conn->connhost != NULL && conn->connip != NULL)
7634 return conn->connip;
7635
7636 return "";
7637}
7638
7639char *
7640PQport(const PGconn *conn)
7641{
7642 if (!conn)
7643 return NULL;
7644
7645 if (conn->connhost != NULL &&
7646 conn->connhost[conn->whichhost].port != NULL &&
7647 conn->connhost[conn->whichhost].port[0] != '\0')
7648 return conn->connhost[conn->whichhost].port;
7649
7650 return DEF_PGPORT_STR;
7651}
7652
7653/*
7654 * No longer does anything, but the function remains for API backwards
7655 * compatibility.
7656 */
7657char *
7658PQtty(const PGconn *conn)
7659{
7660 if (!conn)
7661 return NULL;
7662 return "";
7663}
7664
7665char *
7666PQoptions(const PGconn *conn)
7667{
7668 if (!conn)
7669 return NULL;
7670 return conn->pgoptions;
7671}
7672
7673ConnStatusType
7674PQstatus(const PGconn *conn)
7675{
7676 if (!conn)
7677 return CONNECTION_BAD;
7678 return conn->status;
7679}
7680
7681PGTransactionStatusType
7682PQtransactionStatus(const PGconn *conn)
7683{
7684 if (!conn || conn->status != CONNECTION_OK)
7685 return PQTRANS_UNKNOWN;
7686 if (conn->asyncStatus != PGASYNC_IDLE)
7687 return PQTRANS_ACTIVE;
7688 return conn->xactStatus;
7689}
7690
7691const char *
7692PQparameterStatus(const PGconn *conn, const char *paramName)
7693{
7694 const pgParameterStatus *pstatus;
7695
7696 if (!conn || !paramName)
7697 return NULL;
7698 for (pstatus = conn->pstatus; pstatus != NULL; pstatus = pstatus->next)
7699 {
7700 if (strcmp(pstatus->name, paramName) == 0)
7701 return pstatus->value;
7702 }
7703 return NULL;
7704}
7705
7706int
7707PQprotocolVersion(const PGconn *conn)
7708{
7709 if (!conn)
7710 return 0;
7711 if (conn->status == CONNECTION_BAD)
7712 return 0;
7713 return PG_PROTOCOL_MAJOR(conn->pversion);
7714}
7715
7716int
7717PQfullProtocolVersion(const PGconn *conn)
7718{
7719 if (!conn)
7720 return 0;
7721 if (conn->status == CONNECTION_BAD)
7722 return 0;
7723 return PG_PROTOCOL_FULL(conn->pversion);
7724}
7725
7726int
7727PQserverVersion(const PGconn *conn)
7728{
7729 if (!conn)
7730 return 0;
7731 if (conn->status == CONNECTION_BAD)
7732 return 0;
7733 return conn->sversion;
7734}
7735
7736char *
7737PQerrorMessage(const PGconn *conn)
7738{
7739 if (!conn)
7740 return libpq_gettext("connection pointer is NULL\n");
7741
7742 /*
7743 * The errorMessage buffer might be marked "broken" due to having
7744 * previously failed to allocate enough memory for the message. In that
7745 * case, tell the application we ran out of memory.
7746 */
7747 if (PQExpBufferBroken(&conn->errorMessage))
7748 return libpq_gettext("out of memory\n");
7749
7750 return conn->errorMessage.data;
7751}
7752
7753/*
7754 * In Windows, socket values are unsigned, and an invalid socket value
7755 * (INVALID_SOCKET) is ~0, which equals -1 in comparisons (with no compiler
7756 * warning). Ideally we would return an unsigned value for PQsocket() on
7757 * Windows, but that would cause the function's return value to differ from
7758 * Unix, so we just return -1 for invalid sockets.
7759 * http://msdn.microsoft.com/en-us/library/windows/desktop/cc507522%28v=vs.85%29.aspx
7760 * http://stackoverflow.com/questions/10817252/why-is-invalid-socket-defined-as-0-in-winsock2-h-c
7761 */
7762int
7763PQsocket(const PGconn *conn)
7764{
7765 if (!conn)
7766 return -1;
7767 if (conn->altsock != PGINVALID_SOCKET)
7768 return conn->altsock;
7769 return (conn->sock != PGINVALID_SOCKET) ? conn->sock : -1;
7770}
7771
7772int
7773PQbackendPID(const PGconn *conn)
7774{
7775 if (!conn || conn->status != CONNECTION_OK)
7776 return 0;
7777 return conn->be_pid;
7778}
7779
7780PGpipelineStatus
7781PQpipelineStatus(const PGconn *conn)
7782{
7783 if (!conn)
7784 return PQ_PIPELINE_OFF;
7785
7786 return conn->pipelineStatus;
7787}
7788
7789int
7790PQconnectionNeedsPassword(const PGconn *conn)
7791{
7792 char *password;
7793
7794 if (!conn)
7795 return false;
7796 password = PQpass(conn);
7797 if (conn->password_needed &&
7798 (password == NULL || password[0] == '\0'))
7799 return true;
7800 else
7801 return false;
7802}
7803
7804int
7805PQconnectionUsedPassword(const PGconn *conn)
7806{
7807 if (!conn)
7808 return false;
7809 if (conn->password_needed)
7810 return true;
7811 else
7812 return false;
7813}
7814
7815int
7816PQconnectionUsedGSSAPI(const PGconn *conn)
7817{
7818 if (!conn)
7819 return false;
7820 if (conn->gssapi_used)
7821 return true;
7822 else
7823 return false;
7824}
7825
7826int
7827PQclientEncoding(const PGconn *conn)
7828{
7829 if (!conn || conn->status != CONNECTION_OK)
7830 return -1;
7831 return conn->client_encoding;
7832}
7833
7834int
7835PQsetClientEncoding(PGconn *conn, const char *encoding)
7836{
7837 char qbuf[128];
7838 static const char query[] = "set client_encoding to '%s'";
7839 PGresult *res;
7840 int status;
7841
7842 if (!conn || conn->status != CONNECTION_OK)
7843 return -1;
7844
7845 if (!encoding)
7846 return -1;
7847
7848 /* Resolve special "auto" value from the locale */
7849 if (strcmp(encoding, "auto") == 0)
7850 encoding = pg_encoding_to_char(pg_get_encoding_from_locale(NULL, true));
7851
7852 /* check query buffer overflow */
7853 if (sizeof(qbuf) < (sizeof(query) + strlen(encoding)))
7854 return -1;
7855
7856 /* ok, now send a query */
7857 sprintf(qbuf, query, encoding);
7858 res = PQexec(conn, qbuf);
7859
7860 if (res == NULL)
7861 return -1;
7862 if (res->resultStatus != PGRES_COMMAND_OK)
7863 status = -1;
7864 else
7865 {
7866 /*
7867 * We rely on the backend to report the parameter value, and we'll
7868 * change state at that time.
7869 */
7870 status = 0; /* everything is ok */
7871 }
7872 PQclear(res);
7873 return status;
7874}
7875
7876PGVerbosity
7877PQsetErrorVerbosity(PGconn *conn, PGVerbosity verbosity)
7878{
7879 PGVerbosity old;
7880
7881 if (!conn)
7882 return PQERRORS_DEFAULT;
7883 old = conn->verbosity;
7884 conn->verbosity = verbosity;
7885 return old;
7886}
7887
7888PGContextVisibility
7889PQsetErrorContextVisibility(PGconn *conn, PGContextVisibility show_context)
7890{
7891 PGContextVisibility old;
7892
7893 if (!conn)
7894 return PQSHOW_CONTEXT_ERRORS;
7895 old = conn->show_context;
7896 conn->show_context = show_context;
7897 return old;
7898}
7899
7900PQnoticeReceiver
7901PQsetNoticeReceiver(PGconn *conn, PQnoticeReceiver proc, void *arg)
7902{
7903 PQnoticeReceiver old;
7904
7905 if (conn == NULL)
7906 return NULL;
7907
7908 old = conn->noticeHooks.noticeRec;
7909 if (proc)
7910 {
7911 conn->noticeHooks.noticeRec = proc;
7912 conn->noticeHooks.noticeRecArg = arg;
7913 }
7914 return old;
7915}
7916
7917PQnoticeProcessor
7918PQsetNoticeProcessor(PGconn *conn, PQnoticeProcessor proc, void *arg)
7919{
7920 PQnoticeProcessor old;
7921
7922 if (conn == NULL)
7923 return NULL;
7924
7925 old = conn->noticeHooks.noticeProc;
7926 if (proc)
7927 {
7928 conn->noticeHooks.noticeProc = proc;
7929 conn->noticeHooks.noticeProcArg = arg;
7930 }
7931 return old;
7932}
7933
7934/*
7935 * The default notice message receiver just gets the standard notice text
7936 * and sends it to the notice processor. This two-level setup exists
7937 * mostly for backwards compatibility; perhaps we should deprecate use of
7938 * PQsetNoticeProcessor?
7939 */
7940static void
7941defaultNoticeReceiver(void *arg, const PGresult *res)
7942{
7943 (void) arg; /* not used */
7944 if (res->noticeHooks.noticeProc != NULL)
7945 res->noticeHooks.noticeProc(res->noticeHooks.noticeProcArg,
7946 PQresultErrorMessage(res));
7947}
7948
7949/*
7950 * The default notice message processor just prints the
7951 * message on stderr. Applications can override this if they
7952 * want the messages to go elsewhere (a window, for example).
7953 * Note that simply discarding notices is probably a bad idea.
7954 */
7955static void
7956defaultNoticeProcessor(void *arg, const char *message)
7957{
7958 (void) arg; /* not used */
7959 /* Note: we expect the supplied string to end with a newline already. */
7960 fprintf(stderr, "%s", message);
7961}
7962
7963/*
7964 * returns a pointer to the next token or NULL if the current
7965 * token doesn't match
7966 */
7967static char *
7968pwdfMatchesString(char *buf, const char *token)
7969{
7970 char *tbuf;
7971 const char *ttok;
7972 bool bslash = false;
7973
7974 if (buf == NULL || token == NULL)
7975 return NULL;
7976 tbuf = buf;
7977 ttok = token;
7978 if (tbuf[0] == '*' && tbuf[1] == ':')
7979 return tbuf + 2;
7980 while (*tbuf != 0)
7981 {
7982 if (*tbuf == '\\' && !bslash)
7983 {
7984 tbuf++;
7985 bslash = true;
7986 }
7987 if (*tbuf == ':' && *ttok == 0 && !bslash)
7988 return tbuf + 1;
7989 bslash = false;
7990 if (*ttok == 0)
7991 return NULL;
7992 if (*tbuf == *ttok)
7993 {
7994 tbuf++;
7995 ttok++;
7996 }
7997 else
7998 return NULL;
7999 }
8000 return NULL;
8001}
8002
8003/*
8004 * Get a password from the password file. Return value is malloc'd.
8005 *
8006 * On failure, *errmsg is set to an error to be returned. It is
8007 * left NULL on success, or if no password could be found.
8008 */
8009static char *
8010passwordFromFile(const char *hostname, const char *port,
8011 const char *dbname, const char *username,
8012 const char *pgpassfile, const char **errmsg)
8013{
8014 FILE *fp;
8015#ifndef WIN32
8016 struct stat stat_buf;
8017#endif
8018 PQExpBufferData buf;
8019
8020 *errmsg = NULL;
8021
8022 if (dbname == NULL || dbname[0] == '\0')
8023 return NULL;
8024
8025 if (username == NULL || username[0] == '\0')
8026 return NULL;
8027
8028 /* 'localhost' matches pghost of '' or the default socket directory */
8029 if (hostname == NULL || hostname[0] == '\0')
8030 hostname = DefaultHost;
8031 else if (is_unixsock_path(hostname))
8032
8033 /*
8034 * We should probably use canonicalize_path(), but then we have to
8035 * bring path.c into libpq, and it doesn't seem worth it.
8036 */
8037 if (strcmp(hostname, DEFAULT_PGSOCKET_DIR) == 0)
8038 hostname = DefaultHost;
8039
8040 if (port == NULL || port[0] == '\0')
8041 port = DEF_PGPORT_STR;
8042
8043 /* If password file cannot be opened, ignore it. */
8044 fp = fopen(pgpassfile, "r");
8045 if (fp == NULL)
8046 return NULL;
8047
8048#ifndef WIN32
8049 if (fstat(fileno(fp), &stat_buf) != 0)
8050 {
8051 fclose(fp);
8052 return NULL;
8053 }
8054
8055 if (!S_ISREG(stat_buf.st_mode))
8056 {
8057 fprintf(stderr,
8058 libpq_gettext("WARNING: password file \"%s\" is not a plain file\n"),
8059 pgpassfile);
8060 fclose(fp);
8061 return NULL;
8062 }
8063
8064 /* If password file is insecure, alert the user and ignore it. */
8065 if (stat_buf.st_mode & (S_IRWXG | S_IRWXO))
8066 {
8067 fprintf(stderr,
8068 libpq_gettext("WARNING: password file \"%s\" has group or world access; permissions should be u=rw (0600) or less\n"),
8069 pgpassfile);
8070 fclose(fp);
8071 return NULL;
8072 }
8073#else
8074
8075 /*
8076 * On Win32, the directory is protected, so we don't have to check the
8077 * file.
8078 */
8079#endif
8080
8081 /* Use an expansible buffer to accommodate any reasonable line length */
8082 initPQExpBuffer(&buf);
8083
8084 while (!feof(fp) && !ferror(fp))
8085 {
8086 /* Make sure there's a reasonable amount of room in the buffer */
8087 if (!enlargePQExpBuffer(&buf, 128))
8088 {
8089 *errmsg = libpq_gettext("out of memory");
8090 break;
8091 }
8092
8093 /* Read some data, appending it to what we already have */
8094 if (fgets(buf.data + buf.len, buf.maxlen - buf.len, fp) == NULL)
8095 break;
8096 buf.len += strlen(buf.data + buf.len);
8097
8098 /* If we don't yet have a whole line, loop around to read more */
8099 if (!(buf.len > 0 && buf.data[buf.len - 1] == '\n') && !feof(fp))
8100 continue;
8101
8102 /* ignore comments */
8103 if (buf.data[0] != '#')
8104 {
8105 char *t = buf.data;
8106 int len;
8107
8108 /* strip trailing newline and carriage return */
8109 len = pg_strip_crlf(t);
8110
8111 if (len > 0 &&
8112 (t = pwdfMatchesString(t, hostname)) != NULL &&
8113 (t = pwdfMatchesString(t, port)) != NULL &&
8114 (t = pwdfMatchesString(t, dbname)) != NULL &&
8115 (t = pwdfMatchesString(t, username)) != NULL)
8116 {
8117 /* Found a match. */
8118 char *ret,
8119 *p1,
8120 *p2;
8121
8122 ret = strdup(t);
8123
8124 fclose(fp);
8125 explicit_bzero(buf.data, buf.maxlen);
8126 termPQExpBuffer(&buf);
8127
8128 if (!ret)
8129 {
8130 *errmsg = libpq_gettext("out of memory");
8131 return NULL;
8132 }
8133
8134 /* De-escape password. */
8135 for (p1 = p2 = ret; *p1 != ':' && *p1 != '\0'; ++p1, ++p2)
8136 {
8137 if (*p1 == '\\' && p1[1] != '\0')
8138 ++p1;
8139 *p2 = *p1;
8140 }
8141 *p2 = '\0';
8142
8143 return ret;
8144 }
8145 }
8146
8147 /* No match, reset buffer to prepare for next line. */
8148 buf.len = 0;
8149 }
8150
8151 fclose(fp);
8152 explicit_bzero(buf.data, buf.maxlen);
8153 termPQExpBuffer(&buf);
8154 return NULL;
8155}
8156
8157
8158/*
8159 * If the connection failed due to bad password, we should mention
8160 * if we got the password from the pgpassfile.
8161 */
8162static void
8163pgpassfileWarning(PGconn *conn)
8164{
8165 /* If it was 'invalid authorization', add pgpassfile mention */
8166 /* only works with >= 9.0 servers */
8167 if (conn->password_needed &&
8168 conn->connhost[conn->whichhost].password != NULL &&
8169 conn->result)
8170 {
8171 const char *sqlstate = PQresultErrorField(conn->result,
8172 PG_DIAG_SQLSTATE);
8173
8174 if (sqlstate && strcmp(sqlstate, ERRCODE_INVALID_PASSWORD) == 0)
8175 libpq_append_conn_error(conn, "password retrieved from file \"%s\"",
8176 conn->pgpassfile);
8177 }
8178}
8179
8180/*
8181 * Check if the SSL protocol value given in input is valid or not.
8182 * This is used as a sanity check routine for the connection parameters
8183 * ssl_min_protocol_version and ssl_max_protocol_version.
8184 */
8185static bool
8186sslVerifyProtocolVersion(const char *version)
8187{
8188 /*
8189 * An empty string and a NULL value are considered valid as it is
8190 * equivalent to ignoring the parameter.
8191 */
8192 if (!version || strlen(version) == 0)
8193 return true;
8194
8195 if (pg_strcasecmp(version, "TLSv1") == 0 ||
8196 pg_strcasecmp(version, "TLSv1.1") == 0 ||
8197 pg_strcasecmp(version, "TLSv1.2") == 0 ||
8198 pg_strcasecmp(version, "TLSv1.3") == 0)
8199 return true;
8200
8201 /* anything else is wrong */
8202 return false;
8203}
8204
8205
8206/*
8207 * Ensure that the SSL protocol range given in input is correct. The check
8208 * is performed on the input string to keep it TLS backend agnostic. Input
8209 * to this function is expected verified with sslVerifyProtocolVersion().
8210 */
8211static bool
8212sslVerifyProtocolRange(const char *min, const char *max)
8213{
8214 Assert(sslVerifyProtocolVersion(min) &&
8215 sslVerifyProtocolVersion(max));
8216
8217 /* If at least one of the bounds is not set, the range is valid */
8218 if (min == NULL || max == NULL || strlen(min) == 0 || strlen(max) == 0)
8219 return true;
8220
8221 /*
8222 * If the minimum version is the lowest one we accept, then all options
8223 * for the maximum are valid.
8224 */
8225 if (pg_strcasecmp(min, "TLSv1") == 0)
8226 return true;
8227
8228 /*
8229 * The minimum bound is valid, and cannot be TLSv1, so using TLSv1 for the
8230 * maximum is incorrect.
8231 */
8232 if (pg_strcasecmp(max, "TLSv1") == 0)
8233 return false;
8234
8235 /*
8236 * At this point we know that we have a mix of TLSv1.1 through 1.3
8237 * versions.
8238 */
8239 if (pg_strcasecmp(min, max) > 0)
8240 return false;
8241
8242 return true;
8243}
8244
8245
8246/*
8247 * Obtain user's home directory, return in given buffer
8248 *
8249 * On Unix, this actually returns the user's home directory. On Windows
8250 * it returns the PostgreSQL-specific application data folder.
8251 *
8252 * This is essentially the same as get_home_path(), but we don't use that
8253 * because we don't want to pull path.c into libpq (it pollutes application
8254 * namespace).
8255 *
8256 * Returns true on success, false on failure to obtain the directory name.
8257 *
8258 * CAUTION: although in most situations failure is unexpected, there are users
8259 * who like to run applications in a home-directory-less environment. On
8260 * failure, you almost certainly DO NOT want to report an error. Just act as
8261 * though whatever file you were hoping to find in the home directory isn't
8262 * there (which it isn't).
8263 */
8264bool
8265pqGetHomeDirectory(char *buf, int bufsize)
8266{
8267#ifndef WIN32
8268 const char *home;
8269
8270 home = getenv("HOME");
8271 if (home && home[0])
8272 {
8273 strlcpy(buf, home, bufsize);
8274 return true;
8275 }
8276 else
8277 {
8278 struct passwd pwbuf;
8279 struct passwd *pw;
8280 char tmpbuf[1024];
8281 int rc;
8282
8283 rc = getpwuid_r(geteuid(), &pwbuf, tmpbuf, sizeof tmpbuf, &pw);
8284 if (rc != 0 || !pw)
8285 return false;
8286 strlcpy(buf, pw->pw_dir, bufsize);
8287 return true;
8288 }
8289#else
8290 char tmppath[MAX_PATH];
8291
8292 ZeroMemory(tmppath, sizeof(tmppath));
8293 if (SHGetFolderPath(NULL, CSIDL_APPDATA, NULL, 0, tmppath) != S_OK)
8294 return false;
8295 snprintf(buf, bufsize, "%s/postgresql", tmppath);
8296 return true;
8297#endif
8298}
8299
8300/*
8301 * Parse and try to interpret "value" as an integer value, and if successful,
8302 * store it in *result, complaining if there is any trailing garbage or an
8303 * overflow. This allows any number of leading and trailing whitespaces.
8304 */
8305bool
8306pqParseIntParam(const char *value, int *result, PGconn *conn,
8307 const char *context)
8308{
8309 char *end;
8310 long numval;
8311
8312 Assert(value != NULL);
8313
8314 *result = 0;
8315
8316 /* strtol(3) skips leading whitespaces */
8317 errno = 0;
8318 numval = strtol(value, &end, 10);
8319
8320 /*
8321 * If no progress was done during the parsing or an error happened, fail.
8322 * This tests properly for overflows of the result.
8323 */
8324 if (value == end || errno != 0 || numval != (int) numval)
8325 goto error;
8326
8327 /*
8328 * Skip any trailing whitespace; if anything but whitespace remains before
8329 * the terminating character, fail
8330 */
8331 while (*end != '\0' && isspace((unsigned char) *end))
8332 end++;
8333
8334 if (*end != '\0')
8335 goto error;
8336
8337 *result = numval;
8338 return true;
8339
8340error:
8341 libpq_append_conn_error(conn, "invalid integer value \"%s\" for connection option \"%s\"",
8342 value, context);
8343 return false;
8344}
8345
8346/*
8347 * Parse and try to interpret "value" as a ProtocolVersion value, and if
8348 * successful, store it in *result.
8349 */
8350static bool
8351pqParseProtocolVersion(const char *value, ProtocolVersion *result, PGconn *conn,
8352 const char *context)
8353{
8354 if (strcmp(value, "latest") == 0)
8355 {
8356 *result = PG_PROTOCOL_LATEST;
8357 return true;
8358 }
8359 if (strcmp(value, "3.0") == 0)
8360 {
8361 *result = PG_PROTOCOL(3, 0);
8362 return true;
8363 }
8364
8365 /* 3.1 never existed, we went straight from 3.0 to 3.2 */
8366
8367 if (strcmp(value, "3.2") == 0)
8368 {
8369 *result = PG_PROTOCOL(3, 2);
8370 return true;
8371 }
8372
8373 libpq_append_conn_error(conn, "invalid %s value: \"%s\"",
8374 context, value);
8375 return false;
8376}
8377
8378/*
8379 * To keep the API consistent, the locking stubs are always provided, even
8380 * if they are not required.
8381 *
8382 * Since we neglected to provide any error-return convention in the
8383 * pgthreadlock_t API, we can't do much except Assert upon failure of any
8384 * mutex primitive. Fortunately, such failures appear to be nonexistent in
8385 * the field.
8386 */
8387
8388static void
8389default_threadlock(int acquire)
8390{
8391 static pthread_mutex_t singlethread_lock = PTHREAD_MUTEX_INITIALIZER;
8392
8393 if (acquire)
8394 {
8395 if (pthread_mutex_lock(&singlethread_lock))
8396 Assert(false);
8397 }
8398 else
8399 {
8400 if (pthread_mutex_unlock(&singlethread_lock))
8401 Assert(false);
8402 }
8403}
8404
8405pgthreadlock_t
8406PQregisterThreadLock(pgthreadlock_t newhandler)
8407{
8408 pgthreadlock_t prev = pg_g_threadlock;
8409
8410 if (newhandler)
8411 pg_g_threadlock = newhandler;
8412 else
8413 pg_g_threadlock = default_threadlock;
8414
8415 return prev;
8416}
pg_b64_dec_len
int pg_b64_dec_len(int srclen)
Definition base64.c:239
pg_b64_decode
int pg_b64_decode(const char *src, int len, uint8 *dst, int dstlen)
Definition base64.c:116
ssl_min_protocol_version
int ssl_min_protocol_version
Definition be-secure.c:61
ssl_max_protocol_version
int ssl_max_protocol_version
Definition be-secure.c:62
values
static Datum values[MAXATTR]
Definition bootstrap.c:147
cleanup
static void cleanup(void)
Definition bootstrap.c:838
STATUS_OK
#define STATUS_OK
Definition c.h:1207
Assert
#define Assert(condition)
Definition c.h:906
uint64
uint64_t uint64
Definition c.h:580
uint32
uint32_t uint32
Definition c.h:579
lengthof
#define lengthof(array)
Definition c.h:836
MemSet
#define MemSet(start, val, len)
Definition c.h:1056
StaticAssertDecl
#define StaticAssertDecl(condition, errmessage)
Definition c.h:971
STATUS_ERROR
#define STATUS_ERROR
Definition c.h:1208
fprintf
#define fprintf(file, fmt, msg)
Definition cubescan.l:21
cur
struct cursor * cur
Definition ecpg.c:29
arg
Datum arg
Definition elog.c:1322
errmsg
int errmsg(const char *fmt,...)
Definition elog.c:1093
err
void err(int eval, const char *fmt,...)
Definition err.c:43
pg_oauth_mech
const pg_fe_sasl_mech pg_oauth_mech
Definition fe-auth-oauth.c:40
pqClearOAuthToken
void pqClearOAuthToken(PGconn *conn)
Definition fe-auth-oauth.c:1385
pg_scram_mech
const pg_fe_sasl_mech pg_scram_mech
Definition fe-auth-scram.c:33
pg_fe_sendauth
int pg_fe_sendauth(AuthRequest areq, int payloadlen, PGconn *conn, bool *async)
Definition fe-auth.c:1066
pg_fe_getauthname
char * pg_fe_getauthname(PQExpBuffer errorMessage)
Definition fe-auth.c:1344
pg_fe_getusername
char * pg_fe_getusername(uid_t user_id, PQExpBuffer errorMessage)
Definition fe-auth.c:1286
PQsendCancelRequest
int PQsendCancelRequest(PGconn *cancelConn)
Definition fe-cancel.c:472
PQcancelPoll
PostgresPollingStatusType PQcancelPoll(PGcancelConn *cancelConn)
Definition fe-cancel.c:226
pqFreeCommandQueue
static void pqFreeCommandQueue(PGcmdQueueEntry *queue)
Definition fe-connect.c:633
MAX_ERRLEN
#define MAX_ERRLEN
PQserverVersion
int PQserverVersion(const PGconn *conn)
Definition fe-connect.c:7727
conninfo_getval
static const char * conninfo_getval(PQconninfoOption *connOptions, const char *keyword)
Definition fe-connect.c:7406
PQprotocolVersion
int PQprotocolVersion(const PGconn *conn)
Definition fe-connect.c:7707
pqDropConnection
void pqDropConnection(PGconn *conn, bool flushInput)
Definition fe-connect.c:533
PQresetStart
int PQresetStart(PGconn *conn)
Definition fe-connect.c:5396
connectOptions1
static bool connectOptions1(PGconn *conn, const char *conninfo)
Definition fe-connect.c:1079
EnvironmentOptions
static const PQEnvironmentOption EnvironmentOptions[]
Definition fe-connect.c:425
CONNECTION_FAILED
#define CONNECTION_FAILED()
pqConnectOptions2
bool pqConnectOptions2(PGconn *conn)
Definition fe-connect.c:1253
conninfo_init
static PQconninfoOption * conninfo_init(PQExpBuffer errorMessage)
Definition fe-connect.c:6296
sendTerminateConn
static void sendTerminateConn(PGconn *conn)
Definition fe-connect.c:5268
PQoptions
char * PQoptions(const PGconn *conn)
Definition fe-connect.c:7666
setKeepalivesCount
static int setKeepalivesCount(PGconn *conn)
Definition fe-connect.c:2581
parse_connection_string
static PQconninfoOption * parse_connection_string(const char *connstr, PQExpBuffer errorMessage, bool use_defaults)
Definition fe-connect.c:6335
useKeepalives
static int useKeepalives(PGconn *conn)
Definition fe-connect.c:2494
PQdb
char * PQdb(const PGconn *conn)
Definition fe-connect.c:7571
defaultNoticeReceiver
static void defaultNoticeReceiver(void *arg, const PGresult *res)
Definition fe-connect.c:7941
uri_prefix_length
static int uri_prefix_length(const char *connstr)
Definition fe-connect.c:6355
pqParseProtocolVersion
static bool pqParseProtocolVersion(const char *value, ProtocolVersion *result, PGconn *conn, const char *context)
Definition fe-connect.c:8351
store_conn_addrinfo
static int store_conn_addrinfo(PGconn *conn, struct addrinfo *addrlist)
Definition fe-connect.c:5215
parseServiceFile
static int parseServiceFile(const char *serviceFile, const char *service, PQconninfoOption *options, PQExpBuffer errorMessage, bool *group_found)
Definition fe-connect.c:6059
connectFailureMessage
static void connectFailureMessage(PGconn *conn, int errorno)
Definition fe-connect.c:2474
DefaultHost
#define DefaultHost
Definition fe-connect.c:121
sslVerifyProtocolRange
static bool sslVerifyProtocolRange(const char *min, const char *max)
Definition fe-connect.c:8212
default_threadlock
static void default_threadlock(int acquire)
Definition fe-connect.c:8389
PQfullProtocolVersion
int PQfullProtocolVersion(const PGconn *conn)
Definition fe-connect.c:7717
libpq_prng_init
static void libpq_prng_init(PGconn *conn)
Definition fe-connect.c:1175
PQreset
void PQreset(PGconn *conn)
Definition fe-connect.c:5363
pqClosePGconn
void pqClosePGconn(PGconn *conn)
Definition fe-connect.c:5302
passwordFromFile
static char * passwordFromFile(const char *hostname, const char *port, const char *dbname, const char *username, const char *pgpassfile, const char **errmsg)
Definition fe-connect.c:8010
pqGetHomeDirectory
bool pqGetHomeDirectory(char *buf, int bufsize)
Definition fe-connect.c:8265
DefaultSSLMode
#define DefaultSSLMode
Definition fe-connect.c:134
internalPQconninfoOption
struct _internalPQconninfoOption internalPQconninfoOption
short_uri_designator
static const char short_uri_designator[]
Definition fe-connect.c:452
DefaultGSSMode
#define DefaultGSSMode
Definition fe-connect.c:142
release_conn_addrinfo
static void release_conn_addrinfo(PGconn *conn)
Definition fe-connect.c:5254
PQport
char * PQport(const PGconn *conn)
Definition fe-connect.c:7640
PQtransactionStatus
PGTransactionStatusType PQtransactionStatus(const PGconn *conn)
Definition fe-connect.c:7682
count_comma_separated_elems
static int count_comma_separated_elems(const char *input)
Definition fe-connect.c:1116
DefaultOption
#define DefaultOption
Definition fe-connect.c:122
conninfo_add_defaults
static bool conninfo_add_defaults(PQconninfoOption *options, PQExpBuffer errorMessage)
Definition fe-connect.c:6723
select_next_encryption_method
static bool select_next_encryption_method(PGconn *conn, bool have_valid_connection)
Definition fe-connect.c:4848
PQconnectdb
PGconn * PQconnectdb(const char *conninfo)
Definition fe-connect.c:826
PQhost
char * PQhost(const PGconn *conn)
Definition fe-connect.c:7604
ERRCODE_APPNAME_UNKNOWN
#define ERRCODE_APPNAME_UNKNOWN
Definition fe-connect.c:90
conninfo_uri_parse_params
static bool conninfo_uri_parse_params(char *params, PQconninfoOption *connOptions, PQExpBuffer errorMessage)
Definition fe-connect.c:7152
PQconnectionUsedPassword
int PQconnectionUsedPassword(const PGconn *conn)
Definition fe-connect.c:7805
clear_allowed_sasl_mechs
static void clear_allowed_sasl_mechs(PGconn *conn)
Definition fe-connect.c:1222
PQconninfo
PQconninfoOption * PQconninfo(PGconn *conn)
Definition fe-connect.c:7514
conninfo_uri_decode
static char * conninfo_uri_decode(const char *str, PQExpBuffer errorMessage)
Definition fe-connect.c:7285
setKeepalivesInterval
static int setKeepalivesInterval(PGconn *conn)
Definition fe-connect.c:2546
fill_allowed_sasl_mechs
static void fill_allowed_sasl_mechs(PGconn *conn)
Definition fe-connect.c:1198
setKeepalivesIdle
static int setKeepalivesIdle(PGconn *conn)
Definition fe-connect.c:2512
PQconnectPoll
PostgresPollingStatusType PQconnectPoll(PGconn *conn)
Definition fe-connect.c:2921
PQconninfoFree
void PQconninfoFree(PQconninfoOption *connOptions)
Definition fe-connect.c:7558
DefaultChannelBinding
#define DefaultChannelBinding
Definition fe-connect.c:126
pqParseIntParam
bool pqParseIntParam(const char *value, int *result, PGconn *conn, const char *context)
Definition fe-connect.c:8306
defaultNoticeProcessor
static void defaultNoticeProcessor(void *arg, const char *message)
Definition fe-connect.c:7956
pgpassfileWarning
static void pgpassfileWarning(PGconn *conn)
Definition fe-connect.c:8163
PQtty
char * PQtty(const PGconn *conn)
Definition fe-connect.c:7658
index_of_allowed_sasl_mech
static int index_of_allowed_sasl_mech(PGconn *conn, const pg_fe_sasl_mech *mech)
Definition fe-connect.c:1233
internal_ping
static PGPing internal_ping(PGconn *conn)
Definition fe-connect.c:4923
conninfo_find
static PQconninfoOption * conninfo_find(PQconninfoOption *connOptions, const char *keyword)
Definition fe-connect.c:7496
uri_designator
static const char uri_designator[]
Definition fe-connect.c:451
PQconninfoParse
PQconninfoOption * PQconninfoParse(const char *conninfo, char **errmsg)
Definition fe-connect.c:6274
PQparameterStatus
const char * PQparameterStatus(const PGconn *conn, const char *paramName)
Definition fe-connect.c:7692
sslVerifyProtocolVersion
static bool sslVerifyProtocolVersion(const char *version)
Definition fe-connect.c:8186
SELECT_NEXT_METHOD
#define SELECT_NEXT_METHOD(method)
PQconnectionNeedsPassword
int PQconnectionNeedsPassword(const PGconn *conn)
Definition fe-connect.c:7790
PQpass
char * PQpass(const PGconn *conn)
Definition fe-connect.c:7587
ERRCODE_PROTOCOL_VIOLATION
#define ERRCODE_PROTOCOL_VIOLATION
Definition fe-connect.c:96
PQresetPoll
PostgresPollingStatusType PQresetPoll(PGconn *conn)
Definition fe-connect.c:5415
PQconnectionUsedGSSAPI
int PQconnectionUsedGSSAPI(const PGconn *conn)
Definition fe-connect.c:7816
conninfo_uri_parse
static PQconninfoOption * conninfo_uri_parse(const char *uri, PQExpBuffer errorMessage, bool use_defaults)
Definition fe-connect.c:6858
pqReleaseConnHosts
void pqReleaseConnHosts(PGconn *conn)
Definition fe-connect.c:5185
emitHostIdentityInfo
static void emitHostIdentityInfo(PGconn *conn, const char *host_addr)
Definition fe-connect.c:2418
connection_failed
static bool connection_failed(PGconn *conn)
Definition fe-connect.c:4833
pg_g_threadlock
pgthreadlock_t pg_g_threadlock
Definition fe-connect.c:517
PQstatus
ConnStatusType PQstatus(const PGconn *conn)
Definition fe-connect.c:7674
PQconnectStart
PGconn * PQconnectStart(const char *conninfo)
Definition fe-connect.c:954
setTCPUserTimeout
static int setTCPUserTimeout(PGconn *conn)
Definition fe-connect.c:2678
conninfo_array_parse
static PQconninfoOption * conninfo_array_parse(const char *const *keywords, const char *const *values, PQExpBuffer errorMessage, bool use_defaults, int expand_dbname)
Definition fe-connect.c:6565
PQclientEncoding
int PQclientEncoding(const PGconn *conn)
Definition fe-connect.c:7827
PQconnectStartParams
PGconn * PQconnectStartParams(const char *const *keywords, const char *const *values, int expand_dbname)
Definition fe-connect.c:873
conninfo_parse
static PQconninfoOption * conninfo_parse(const char *conninfo, PQExpBuffer errorMessage, bool use_defaults)
Definition fe-connect.c:6389
PQfinish
void PQfinish(PGconn *conn)
Definition fe-connect.c:5349
pqDropServerData
static void pqDropServerData(PGconn *conn)
Definition fe-connect.c:659
pqMakeEmptyPGconn
PGconn * pqMakeEmptyPGconn(void)
Definition fe-connect.c:4987
PQping
PGPing PQping(const char *conninfo)
Definition fe-connect.c:842
PQsetErrorContextVisibility
PGContextVisibility PQsetErrorContextVisibility(PGconn *conn, PGContextVisibility show_context)
Definition fe-connect.c:7889
DefaultLoadBalanceHosts
#define DefaultLoadBalanceHosts
Definition fe-connect.c:129
connectNoDelay
static int connectNoDelay(PGconn *conn)
Definition fe-connect.c:2359
DefaultSSLNegotiation
#define DefaultSSLNegotiation
Definition fe-connect.c:137
PQsetNoticeReceiver
PQnoticeReceiver PQsetNoticeReceiver(PGconn *conn, PQnoticeReceiver proc, void *arg)
Definition fe-connect.c:7901
PQsetdbLogin
PGconn * PQsetdbLogin(const char *pghost, const char *pgport, const char *pgoptions, const char *pgtty, const char *dbName, const char *login, const char *pwd)
Definition fe-connect.c:2244
PQhostaddr
char * PQhostaddr(const PGconn *conn)
Definition fe-connect.c:7627
PQbackendPID
int PQbackendPID(const PGconn *conn)
Definition fe-connect.c:7773
PQconndefaults
PQconninfoOption * PQconndefaults(void)
Definition fe-connect.c:2206
conninfo_storeval
static PQconninfoOption * conninfo_storeval(PQconninfoOption *connOptions, const char *keyword, const char *value, PQExpBuffer errorMessage, bool ignoreMissing, bool uri_decode)
Definition fe-connect.c:7432
PGPASSFILE
#define PGPASSFILE
Definition fe-connect.c:79
conninfo_uri_parse_options
static bool conninfo_uri_parse_options(PQconninfoOption *options, const char *uri, PQExpBuffer errorMessage)
Definition fe-connect.c:6911
pqConnectDBStart
int pqConnectDBStart(PGconn *conn)
Definition fe-connect.c:2717
getHostaddr
static void getHostaddr(PGconn *conn, char *host_addr, int host_addr_len)
Definition fe-connect.c:2385
PQuser
char * PQuser(const PGconn *conn)
Definition fe-connect.c:7579
freePGconn
static void freePGconn(PGconn *conn)
Definition fe-connect.c:5087
pqCopyPGconn
bool pqCopyPGconn(PGconn *srcConn, PGconn *dstConn)
Definition fe-connect.c:1038
pwdfMatchesString
static char * pwdfMatchesString(char *buf, const char *token)
Definition fe-connect.c:7968
PQpipelineStatus
PGpipelineStatus PQpipelineStatus(const PGconn *conn)
Definition fe-connect.c:7781
get_hexdigit
static bool get_hexdigit(char digit, int *value)
Definition fe-connect.c:7385
ERRCODE_INVALID_PASSWORD
#define ERRCODE_INVALID_PASSWORD
Definition fe-connect.c:93
PQsetErrorVerbosity
PGVerbosity PQsetErrorVerbosity(PGconn *conn, PGVerbosity verbosity)
Definition fe-connect.c:7877
SASL_MECHANISM_COUNT
#define SASL_MECHANISM_COUNT
Definition fe-connect.c:448
PQsetNoticeProcessor
PQnoticeProcessor PQsetNoticeProcessor(PGconn *conn, PQnoticeProcessor proc, void *arg)
Definition fe-connect.c:7918
DefaultSSLCertMode
#define DefaultSSLCertMode
Definition fe-connect.c:135
ERRCODE_CANNOT_CONNECT_NOW
#define ERRCODE_CANNOT_CONNECT_NOW
Definition fe-connect.c:95
PQconninfoOptions
static const internalPQconninfoOption PQconninfoOptions[]
Definition fe-connect.c:201
ENCRYPTION_NEGOTIATION_FAILED
#define ENCRYPTION_NEGOTIATION_FAILED(msg)
recognized_connection_string
static bool recognized_connection_string(const char *connstr)
Definition fe-connect.c:6378
DefaultTargetSessionAttrs
#define DefaultTargetSessionAttrs
Definition fe-connect.c:128
parseServiceInfo
static int parseServiceInfo(PQconninfoOption *options, PQExpBuffer errorMessage)
Definition fe-connect.c:5987
PQerrorMessage
char * PQerrorMessage(const PGconn *conn)
Definition fe-connect.c:7737
init_allowed_encryption_methods
static bool init_allowed_encryption_methods(PGconn *conn)
Definition fe-connect.c:4743
supported_sasl_mechs
static const pg_fe_sasl_mech * supported_sasl_mechs[]
Definition fe-connect.c:443
PQpingParams
PGPing PQpingParams(const char *const *keywords, const char *const *values, int expand_dbname)
Definition fe-connect.c:789
PQsocket
int PQsocket(const PGconn *conn)
Definition fe-connect.c:7763
pqConnectDBComplete
int pqConnectDBComplete(PGconn *conn)
Definition fe-connect.c:2795
PQsetClientEncoding
int PQsetClientEncoding(PGconn *conn, const char *encoding)
Definition fe-connect.c:7835
PQconnectdbParams
PGconn * PQconnectdbParams(const char *const *keywords, const char *const *values, int expand_dbname)
Definition fe-connect.c:771
parse_comma_separated_list
static char * parse_comma_separated_list(char **startptr, bool *more)
Definition fe-connect.c:1140
pqPacketSend
int pqPacketSend(PGconn *conn, char pack_type, const void *buf, size_t buf_len)
Definition fe-connect.c:5457
fillPGconn
static bool fillPGconn(PGconn *conn, PQconninfoOption *connOptions)
Definition fe-connect.c:1000
PQregisterThreadLock
pgthreadlock_t PQregisterThreadLock(pgthreadlock_t newhandler)
Definition fe-connect.c:8406
PQsendQueryContinue
int PQsendQueryContinue(PGconn *conn, const char *query)
Definition fe-exec.c:1439
PQconsumeInput
int PQconsumeInput(PGconn *conn)
Definition fe-exec.c:2001
pqClearAsyncResult
void pqClearAsyncResult(PGconn *conn)
Definition fe-exec.c:785
PQisBusy
int PQisBusy(PGconn *conn)
Definition fe-exec.c:2048
PQexec
PGresult * PQexec(PGconn *conn, const char *query)
Definition fe-exec.c:2279
pg_GSS_have_cred_cache
bool pg_GSS_have_cred_cache(gss_cred_id_t *cred_out)
Definition fe-gssapi-common.c:61
pqReadData
int pqReadData(PGconn *conn)
Definition fe-misc.c:606
pqFlush
int pqFlush(PGconn *conn)
Definition fe-misc.c:994
pqParseDone
void pqParseDone(PGconn *conn, int newInStart)
Definition fe-misc.c:443
pqPutMsgStart
int pqPutMsgStart(char msg_type, PGconn *conn)
Definition fe-misc.c:473
pqGetc
int pqGetc(char *result, PGconn *conn)
Definition fe-misc.c:77
pqGetInt
int pqGetInt(int *result, size_t bytes, PGconn *conn)
Definition fe-misc.c:216
libpq_append_grease_info
void libpq_append_grease_info(PGconn *conn)
Definition fe-misc.c:1432
pqPutnchar
int pqPutnchar(const void *s, size_t len, PGconn *conn)
Definition fe-misc.c:202
pqCheckInBufferSpace
int pqCheckInBufferSpace(size_t bytes_needed, PGconn *conn)
Definition fe-misc.c:351
PQgetCurrentTimeUSec
pg_usec_time_t PQgetCurrentTimeUSec(void)
Definition fe-misc.c:1235
libpq_append_error
void libpq_append_error(PQExpBuffer errorMessage, const char *fmt,...)
Definition fe-misc.c:1375
pqWaitTimed
int pqWaitTimed(int forRead, int forWrite, PGconn *conn, pg_usec_time_t end_time)
Definition fe-misc.c:1035
pqGets_append
int pqGets_append(PQExpBuffer buf, PGconn *conn)
Definition fe-misc.c:142
pqPutMsgEnd
int pqPutMsgEnd(PGconn *conn)
Definition fe-misc.c:532
pqBuildStartupPacket3
char * pqBuildStartupPacket3(PGconn *conn, int *packetlen, const PQEnvironmentOption *options)
Definition fe-protocol3.c:2436
pqGetNegotiateProtocolVersion3
int pqGetNegotiateProtocolVersion3(PGconn *conn)
Definition fe-protocol3.c:1443
pqGetErrorNotice3
int pqGetErrorNotice3(PGconn *conn, bool isError)
Definition fe-protocol3.c:898
pqsecure_open_gss
PostgresPollingStatusType pqsecure_open_gss(PGconn *conn)
Definition fe-secure-gssapi.c:481
pqsecure_open_client
PostgresPollingStatusType pqsecure_open_client(PGconn *conn)
Definition fe-secure.c:138
pqsecure_close
void pqsecure_close(PGconn *conn)
Definition fe-secure.c:152
pqTraceOutputCharResponse
void pqTraceOutputCharResponse(PGconn *conn, const char *responseType, char response)
Definition fe-trace.c:915
start
return str start
Definition hashfn_unstable.h:289
str
const char * str
Definition hashfn_unstable.h:261
token
#define token
Definition indent_globs.h:126
bufsize
#define bufsize
Definition indent_globs.h:36
input
FILE * input
val
long val
Definition informix.c:689
value
static struct @174 value
username
static char * username
Definition initdb.c:153
encoding
static char * encoding
Definition initdb.c:139
pg_freeaddrinfo_all
void pg_freeaddrinfo_all(int hint_ai_family, struct addrinfo *ai)
Definition ip.c:85
pg_getnameinfo_all
int pg_getnameinfo_all(const struct sockaddr_storage *addr, int salen, char *node, int nodelen, char *service, int servicelen, int flags)
Definition ip.c:117
pg_getaddrinfo_all
int pg_getaddrinfo_all(const char *hostname, const char *servname, const struct addrinfo *hintp, struct addrinfo **result)
Definition ip.c:56
j
int j
Definition isn.c:78
i
int i
Definition isn.c:77
keywords
static const JsonPathKeyword keywords[]
Definition jsonpath_scan.l:402
PQresultErrorMessage
#define PQresultErrorMessage
Definition libpq-be-fe-helpers.h:475
PQgetvalue
#define PQgetvalue
Definition libpq-be-fe.h:253
PQgetResult
#define PQgetResult
Definition libpq-be-fe.h:246
PQclear
#define PQclear
Definition libpq-be-fe.h:245
PQresultErrorField
#define PQresultErrorField
Definition libpq-be-fe.h:249
PQresultStatus
#define PQresultStatus
Definition libpq-be-fe.h:247
PQntuples
#define PQntuples
Definition libpq-be-fe.h:251
PGEVT_CONNDESTROY
@ PGEVT_CONNDESTROY
Definition libpq-events.h:31
PGEVT_CONNRESET
@ PGEVT_CONNRESET
Definition libpq-events.h:30
ConnStatusType
ConnStatusType
Definition libpq-fe.h:83
CONNECTION_CONSUME
@ CONNECTION_CONSUME
Definition libpq-fe.h:102
CONNECTION_AUTHENTICATING
@ CONNECTION_AUTHENTICATING
Definition libpq-fe.h:109
CONNECTION_CHECK_STANDBY
@ CONNECTION_CHECK_STANDBY
Definition libpq-fe.h:106
CONNECTION_STARTED
@ CONNECTION_STARTED
Definition libpq-fe.h:92
CONNECTION_AWAITING_RESPONSE
@ CONNECTION_AWAITING_RESPONSE
Definition libpq-fe.h:94
CONNECTION_MADE
@ CONNECTION_MADE
Definition libpq-fe.h:93
CONNECTION_CHECK_WRITABLE
@ CONNECTION_CHECK_WRITABLE
Definition libpq-fe.h:101
CONNECTION_BAD
@ CONNECTION_BAD
Definition libpq-fe.h:85
CONNECTION_OK
@ CONNECTION_OK
Definition libpq-fe.h:84
CONNECTION_GSS_STARTUP
@ CONNECTION_GSS_STARTUP
Definition libpq-fe.h:103
CONNECTION_SSL_STARTUP
@ CONNECTION_SSL_STARTUP
Definition libpq-fe.h:99
CONNECTION_AUTH_OK
@ CONNECTION_AUTH_OK
Definition libpq-fe.h:96
CONNECTION_CHECK_TARGET
@ CONNECTION_CHECK_TARGET
Definition libpq-fe.h:104
CONNECTION_NEEDED
@ CONNECTION_NEEDED
Definition libpq-fe.h:100
PGRES_COMMAND_OK
@ PGRES_COMMAND_OK
Definition libpq-fe.h:125
PGRES_FATAL_ERROR
@ PGRES_FATAL_ERROR
Definition libpq-fe.h:136
PGRES_TUPLES_OK
@ PGRES_TUPLES_OK
Definition libpq-fe.h:128
pgthreadlock_t
void(* pgthreadlock_t)(int acquire)
Definition libpq-fe.h:468
PGPing
PGPing
Definition libpq-fe.h:175
PQPING_OK
@ PQPING_OK
Definition libpq-fe.h:176
PQPING_REJECT
@ PQPING_REJECT
Definition libpq-fe.h:177
PQPING_NO_RESPONSE
@ PQPING_NO_RESPONSE
Definition libpq-fe.h:178
PQPING_NO_ATTEMPT
@ PQPING_NO_ATTEMPT
Definition libpq-fe.h:179
PGContextVisibility
PGContextVisibility
Definition libpq-fe.h:163
PQSHOW_CONTEXT_ERRORS
@ PQSHOW_CONTEXT_ERRORS
Definition libpq-fe.h:165
PGTransactionStatusType
PGTransactionStatusType
Definition libpq-fe.h:146
PQTRANS_IDLE
@ PQTRANS_IDLE
Definition libpq-fe.h:147
PQTRANS_ACTIVE
@ PQTRANS_ACTIVE
Definition libpq-fe.h:148
PQTRANS_UNKNOWN
@ PQTRANS_UNKNOWN
Definition libpq-fe.h:151
PQnoticeReceiver
void(* PQnoticeReceiver)(void *arg, const PGresult *res)
Definition libpq-fe.h:241
pg_usec_time_t
int64_t pg_usec_time_t
Definition libpq-fe.h:238
PQnoticeProcessor
void(* PQnoticeProcessor)(void *arg, const char *message)
Definition libpq-fe.h:242
PostgresPollingStatusType
PostgresPollingStatusType
Definition libpq-fe.h:114
PGRES_POLLING_OK
@ PGRES_POLLING_OK
Definition libpq-fe.h:118
PGRES_POLLING_READING
@ PGRES_POLLING_READING
Definition libpq-fe.h:116
PGRES_POLLING_WRITING
@ PGRES_POLLING_WRITING
Definition libpq-fe.h:117
PGRES_POLLING_FAILED
@ PGRES_POLLING_FAILED
Definition libpq-fe.h:115
PGpipelineStatus
PGpipelineStatus
Definition libpq-fe.h:186
PQ_PIPELINE_OFF
@ PQ_PIPELINE_OFF
Definition libpq-fe.h:187
PGVerbosity
PGVerbosity
Definition libpq-fe.h:155
PQERRORS_DEFAULT
@ PQERRORS_DEFAULT
Definition libpq-fe.h:157
PGASYNC_IDLE
@ PGASYNC_IDLE
Definition libpq-int.h:215
PGASYNC_BUSY
@ PGASYNC_BUSY
Definition libpq-int.h:216
LOAD_BALANCE_DISABLE
@ LOAD_BALANCE_DISABLE
Definition libpq-int.h:249
LOAD_BALANCE_RANDOM
@ LOAD_BALANCE_RANDOM
Definition libpq-int.h:250
SOCK_STRERROR
#define SOCK_STRERROR
Definition libpq-int.h:973
ENC_PLAINTEXT
#define ENC_PLAINTEXT
Definition libpq-int.h:230
ENC_GSSAPI
#define ENC_GSSAPI
Definition libpq-int.h:231
ENC_SSL
#define ENC_SSL
Definition libpq-int.h:232
CHT_UNIX_SOCKET
@ CHT_UNIX_SOCKET
Definition libpq-int.h:311
CHT_HOST_ADDRESS
@ CHT_HOST_ADDRESS
Definition libpq-int.h:310
CHT_HOST_NAME
@ CHT_HOST_NAME
Definition libpq-int.h:309
pqClearConnErrorState
#define pqClearConnErrorState(conn)
Definition libpq-int.h:923
ENC_ERROR
#define ENC_ERROR
Definition libpq-int.h:229
SERVER_TYPE_STANDBY
@ SERVER_TYPE_STANDBY
Definition libpq-int.h:241
SERVER_TYPE_PRIMARY
@ SERVER_TYPE_PRIMARY
Definition libpq-int.h:240
SERVER_TYPE_ANY
@ SERVER_TYPE_ANY
Definition libpq-int.h:237
SERVER_TYPE_READ_WRITE
@ SERVER_TYPE_READ_WRITE
Definition libpq-int.h:238
SERVER_TYPE_PREFER_STANDBY_PASS2
@ SERVER_TYPE_PREFER_STANDBY_PASS2
Definition libpq-int.h:243
SERVER_TYPE_PREFER_STANDBY
@ SERVER_TYPE_PREFER_STANDBY
Definition libpq-int.h:242
SERVER_TYPE_READ_ONLY
@ SERVER_TYPE_READ_ONLY
Definition libpq-int.h:239
SOCK_ERRNO
#define SOCK_ERRNO
Definition oauth-utils.c:164
libpq_append_conn_error
void libpq_append_conn_error(PGconn *conn, const char *fmt,...)
Definition oauth-utils.c:95
libpq_gettext
#define libpq_gettext(x)
Definition oauth-utils.h:86
PG_BOOL_YES
@ PG_BOOL_YES
Definition oauth-utils.h:74
PG_BOOL_NO
@ PG_BOOL_NO
Definition oauth-utils.h:75
PG_BOOL_UNKNOWN
@ PG_BOOL_UNKNOWN
Definition oauth-utils.h:73
pg_bswap.h
pg_hton32
#define pg_hton32(x)
Definition pg_bswap.h:121
MAXPGPATH
#define MAXPGPATH
Definition pg_config_manual.h:105
DEFAULT_PGSOCKET_DIR
#define DEFAULT_PGSOCKET_DIR
Definition pg_config_manual.h:198
len
const void size_t len
Definition pg_crc32c_sse42.c:31
connstr
static const char * connstr
Definition pg_dumpall.c:94
pg_prng_uint64_range
uint64 pg_prng_uint64_range(pg_prng_state *state, uint64 rmin, uint64 rmax)
Definition pg_prng.c:144
pg_prng_seed
void pg_prng_seed(pg_prng_state *state, uint64 seed)
Definition pg_prng.c:89
pg_prng_strong_seed
#define pg_prng_strong_seed(state)
Definition pg_prng.h:46
user
static char * user
Definition pg_regress.c:119
port
static int port
Definition pg_regress.c:115
portstr
static char portstr[16]
Definition pg_regress.c:116
hostname
static char * hostname
Definition pg_regress.c:114
buf
static char buf[DEFAULT_XLOG_SEG_SIZE]
Definition pg_test_fsync.c:71
pg_wchar.h
PG_SQL_ASCII
@ PG_SQL_ASCII
Definition pg_wchar.h:226
pg_encoding_to_char
#define pg_encoding_to_char
Definition pg_wchar.h:630
end_time
static int64 end_time
Definition pgbench.c:176
pghost
static const char * pghost
Definition pgbench.c:295
pgport
static const char * pgport
Definition pgbench.c:296
dbName
static const char * dbName
Definition pgbench.c:298
PG_STRERROR_R_BUFLEN
#define PG_STRERROR_R_BUFLEN
Definition port.h:278
pg_strcasecmp
int pg_strcasecmp(const char *s1, const char *s2)
Definition pgstrcasecmp.c:32
pg_inet_net_ntop
char * pg_inet_net_ntop(int af, const void *src, int bits, char *dst, size_t size)
Definition inet_net_ntop.c:77
sprintf
#define sprintf
Definition port.h:262
pg_set_noblock
bool pg_set_noblock(pgsocket sock)
Definition noblock.c:25
explicit_bzero
void explicit_bzero(void *buf, size_t len)
Definition explicit_bzero.c:68
pgsocket
int pgsocket
Definition port.h:29
snprintf
#define snprintf
Definition port.h:260
socklen_t
unsigned int socklen_t
Definition port.h:40
PGINVALID_SOCKET
#define PGINVALID_SOCKET
Definition port.h:31
strerror_r
#define strerror_r
Definition port.h:277
pg_get_encoding_from_locale
int pg_get_encoding_from_locale(const char *ctype, bool write_message)
Definition chklocale.c:301
strlcpy
size_t strlcpy(char *dst, const char *src, size_t siz)
Definition strlcpy.c:45
pg_strncasecmp
int pg_strncasecmp(const char *s1, const char *s2, size_t n)
Definition pgstrcasecmp.c:65
closesocket
#define closesocket
Definition port.h:397
getpeereid
int getpeereid(int sock, uid_t *uid, gid_t *gid)
Definition getpeereid.c:33
PG_DIAG_SQLSTATE
#define PG_DIAG_SQLSTATE
Definition postgres_ext.h:57
postgres_fe.h
PG_PROTOCOL_MAJOR
#define PG_PROTOCOL_MAJOR(v)
Definition pqcomm.h:86
PG_PROTOCOL_EARLIEST
#define PG_PROTOCOL_EARLIEST
Definition pqcomm.h:94
PG_PROTOCOL_FULL
#define PG_PROTOCOL_FULL(v)
Definition pqcomm.h:88
is_unixsock_path
static bool is_unixsock_path(const char *path)
Definition pqcomm.h:66
PG_PROTOCOL_LATEST
#define PG_PROTOCOL_LATEST
Definition pqcomm.h:95
UNIXSOCK_PATH
#define UNIXSOCK_PATH(path, port, sockdir)
Definition pqcomm.h:43
UNIXSOCK_PATH_BUFLEN
#define UNIXSOCK_PATH_BUFLEN
Definition pqcomm.h:59
NEGOTIATE_GSS_CODE
#define NEGOTIATE_GSS_CODE
Definition pqcomm.h:129
NEGOTIATE_SSL_CODE
#define NEGOTIATE_SSL_CODE
Definition pqcomm.h:128
ProtocolVersion
uint32 ProtocolVersion
Definition pqcomm.h:132
PG_PROTOCOL_GREASE
#define PG_PROTOCOL_GREASE
Definition pqcomm.h:115
AuthRequest
uint32 AuthRequest
Definition pqcomm.h:151
PG_PROTOCOL
#define PG_PROTOCOL(m, n)
Definition pqcomm.h:89
initPQExpBuffer
void initPQExpBuffer(PQExpBuffer str)
Definition pqexpbuffer.c:90
enlargePQExpBuffer
int enlargePQExpBuffer(PQExpBuffer str, size_t needed)
Definition pqexpbuffer.c:172
appendPQExpBuffer
void appendPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition pqexpbuffer.c:265
appendPQExpBufferChar
void appendPQExpBufferChar(PQExpBuffer str, char ch)
Definition pqexpbuffer.c:378
appendPQExpBufferStr
void appendPQExpBufferStr(PQExpBuffer str, const char *data)
Definition pqexpbuffer.c:367
termPQExpBuffer
void termPQExpBuffer(PQExpBuffer str)
Definition pqexpbuffer.c:129
PQExpBufferBroken
#define PQExpBufferBroken(str)
Definition pqexpbuffer.h:59
PQExpBufferDataBroken
#define PQExpBufferDataBroken(buf)
Definition pqexpbuffer.h:67
c
char * c
Definition preproc-cursor.c:31
e
e
Definition preproc-init.c:82
fb
static int fb(int x)
Definition preproc-init.c:92
AUTH_REQ_SSPI
#define AUTH_REQ_SSPI
Definition protocol.h:105
AUTH_REQ_SASL_CONT
#define AUTH_REQ_SASL_CONT
Definition protocol.h:107
AUTH_REQ_GSS
#define AUTH_REQ_GSS
Definition protocol.h:103
AUTH_REQ_MD5
#define AUTH_REQ_MD5
Definition protocol.h:101
AUTH_REQ_OK
#define AUTH_REQ_OK
Definition protocol.h:96
PqMsg_AuthenticationRequest
#define PqMsg_AuthenticationRequest
Definition protocol.h:50
PqMsg_NegotiateProtocolVersion
#define PqMsg_NegotiateProtocolVersion
Definition protocol.h:59
AUTH_REQ_PASSWORD
#define AUTH_REQ_PASSWORD
Definition protocol.h:99
AUTH_REQ_GSS_CONT
#define AUTH_REQ_GSS_CONT
Definition protocol.h:104
PqMsg_ErrorResponse
#define PqMsg_ErrorResponse
Definition protocol.h:44
AUTH_REQ_SASL
#define AUTH_REQ_SASL
Definition protocol.h:106
PqMsg_Terminate
#define PqMsg_Terminate
Definition protocol.h:28
AUTH_REQ_SASL_FIN
#define AUTH_REQ_SASL_FIN
Definition protocol.h:108
pthread_mutex_unlock
int pthread_mutex_unlock(pthread_mutex_t *mp)
Definition pthread-win32.c:60
pthread_mutex_lock
int pthread_mutex_lock(pthread_mutex_t *mp)
Definition pthread-win32.c:42
PTHREAD_MUTEX_INITIALIZER
#define PTHREAD_MUTEX_INITIALIZER
Definition pthread-win32.h:16
SCRAM_MAX_KEY_LEN
#define SCRAM_MAX_KEY_LEN
Definition scram-common.h:30
SCRAM_SHA_256_DEFAULT_ITERATIONS
#define SCRAM_SHA_256_DEFAULT_ITERATIONS
Definition scram-common.h:50
calloc
#define calloc(a, b)
Definition snowball_runtime.h:55
free
#define free(a)
Definition snowball_runtime.h:65
malloc
#define malloc(a)
Definition snowball_runtime.h:50
gai_strerror
const char * gai_strerror(int errcode)
Definition win32gai_strerror.c:22
error
static void error(void)
Definition sql-dyntest.c:147
password
static char * password
Definition streamutil.c:51
dbname
char * dbname
Definition streamutil.c:49
conn
PGconn * conn
Definition streamutil.c:52
pg_strip_crlf
int pg_strip_crlf(char *str)
Definition string.c:154
AddrInfo::family
int family
Definition pqcomm.h:38
AddrInfo::addr
SockAddr addr
Definition pqcomm.h:39
PGEvent::passThrough
void * passThrough
Definition libpq-int.h:159
PGEvent::name
char * name
Definition libpq-int.h:158
PGEvent::proc
PGEventProc proc
Definition libpq-int.h:157
PGNoticeHooks::noticeProcArg
void * noticeProcArg
Definition libpq-int.h:152
PGNoticeHooks::noticeRec
PQnoticeReceiver noticeRec
Definition libpq-int.h:149
PGNoticeHooks::noticeProc
PQnoticeProcessor noticeProc
Definition libpq-int.h:151
PGNoticeHooks::noticeRecArg
void * noticeRecArg
Definition libpq-int.h:150
SockAddr::addr
struct sockaddr_storage addr
Definition pqcomm.h:32
SockAddr::salen
socklen_t salen
Definition pqcomm.h:33
_PQconninfoOption
Definition libpq-fe.h:272
_internalPQconninfoOption
Definition fe-connect.c:180
_internalPQconninfoOption::dispchar
char * dispchar
Definition fe-connect.c:186
_internalPQconninfoOption::val
char * val
Definition fe-connect.c:184
_internalPQconninfoOption::keyword
char * keyword
Definition fe-connect.c:181
_internalPQconninfoOption::connofs
off_t connofs
Definition fe-connect.c:198
_internalPQconninfoOption::label
char * label
Definition fe-connect.c:185
_internalPQconninfoOption::envvar
char * envvar
Definition fe-connect.c:182
_internalPQconninfoOption::compiled
char * compiled
Definition fe-connect.c:183
_internalPQconninfoOption::dispsize
int dispsize
Definition fe-connect.c:191
cursor::next
struct cursor * next
Definition type.h:148
option::val
int val
Definition getopt_long.h:22
pgNotify::next
struct pgNotify * next
Definition libpq-fe.h:234
pgParameterStatus::next
struct pgParameterStatus * next
Definition libpq-int.h:271
pg_cancel_conn
Definition fe-cancel.c:32
pg_conn_host
Definition libpq-int.h:356
pg_conn_host::host
char * host
Definition libpq-int.h:358
pg_conn_host::password
char * password
Definition libpq-int.h:362
pg_conn_host::port
char * port
Definition libpq-int.h:360
pg_conn_host::hostaddr
char * hostaddr
Definition libpq-int.h:359
pg_conn_host::type
pg_conn_host_type type
Definition libpq-int.h:357
pg_conn
Definition libpq-int.h:372
pg_conn::laddr
SockAddr laddr
Definition libpq-int.h:501
pg_conn::try_next_host
bool try_next_host
Definition libpq-int.h:538
pg_conn::addr
AddrInfo * addr
Definition libpq-int.h:541
pg_conn::be_cancel_key
uint8 * be_cancel_key
Definition libpq-int.h:554
pg_conn::replication
char * replication
Definition libpq-int.h:391
pg_conn::scram_client_key_binary
uint8 * scram_client_key_binary
Definition libpq-int.h:545
pg_conn::write_err_msg
char * write_err_msg
Definition libpq-int.h:513
pg_conn::failed_enc_methods
uint8 failed_enc_methods
Definition libpq-int.h:616
pg_conn::notifyHead
PGnotify * notifyHead
Definition libpq-int.h:476
pg_conn::sslrootcert
char * sslrootcert
Definition libpq-int.h:413
pg_conn::rowBuf
PGdataValue * rowBuf
Definition libpq-int.h:593
pg_conn::sslnegotiation
char * sslnegotiation
Definition libpq-int.h:407
pg_conn::sslcompression
char * sslcompression
Definition libpq-int.h:408
pg_conn::oauth_discovery_uri
char * oauth_discovery_uri
Definition libpq-int.h:441
pg_conn::sigpipe_flag
bool sigpipe_flag
Definition libpq-int.h:511
pg_conn::oauth_scope
char * oauth_scope
Definition libpq-int.h:445
pg_conn::nconnhost
int nconnhost
Definition libpq-int.h:480
pg_conn::require_auth
char * require_auth
Definition libpq-int.h:428
pg_conn::sock
pgsocket sock
Definition libpq-int.h:499
pg_conn::inBuffer
char * inBuffer
Definition libpq-int.h:576
pg_conn::channel_binding
char * channel_binding
Definition libpq-int.h:398
pg_conn::pversion
ProtocolVersion pversion
Definition libpq-int.h:503
pg_conn::std_strings
bool std_strings
Definition libpq-int.h:557
pg_conn::write_failed
bool write_failed
Definition libpq-int.h:512
pg_conn::sslcrldir
char * sslcrldir
Definition libpq-int.h:415
pg_conn::gssdelegation
char * gssdelegation
Definition libpq-int.h:422
pg_conn::pgoptions
char * pgoptions
Definition libpq-int.h:387
pg_conn::send_appname
bool send_appname
Definition libpq-int.h:543
pg_conn::xactStatus
PGTransactionStatusType xactStatus
Definition libpq-int.h:464
pg_conn::sslcrl
char * sslcrl
Definition libpq-int.h:414
pg_conn::pghost
char * pghost
Definition libpq-int.h:374
pg_conn::sasl
const pg_fe_sasl_mech * sasl
Definition libpq-int.h:611
pg_conn::scram_client_key_len
size_t scram_client_key_len
Definition libpq-int.h:544
pg_conn::cancelRequest
bool cancelRequest
Definition libpq-int.h:434
pg_conn::inCursor
int inCursor
Definition libpq-int.h:579
pg_conn::ssl_max_protocol_version
char * ssl_max_protocol_version
Definition libpq-int.h:426
pg_conn::in_hot_standby
PGTernaryBool in_hot_standby
Definition libpq-int.h:559
pg_conn::scram_server_key_binary
uint8 * scram_server_key_binary
Definition libpq-int.h:547
pg_conn::cleanup_async_auth
void(* cleanup_async_auth)(PGconn *conn)
Definition libpq-int.h:529
pg_conn::pgpass
char * pgpass
Definition libpq-int.h:396
pg_conn::be_pid
int be_pid
Definition libpq-int.h:552
pg_conn::client_finished_auth
bool client_finished_auth
Definition libpq-int.h:521
pg_conn::cmd_queue_recycle
PGcmdQueueEntry * cmd_queue_recycle
Definition libpq-int.h:496
pg_conn::min_pversion
ProtocolVersion min_pversion
Definition libpq-int.h:548
pg_conn::dbName
char * dbName
Definition libpq-int.h:390
pg_conn::oauth_client_id
char * oauth_client_id
Definition libpq-int.h:443
pg_conn::inEnd
int inEnd
Definition libpq-int.h:580
pg_conn::oauth_issuer
char * oauth_issuer
Definition libpq-int.h:439
pg_conn::fbappname
char * fbappname
Definition libpq-int.h:389
pg_conn::sslcert
char * sslcert
Definition libpq-int.h:410
pg_conn::sslcertmode
char * sslcertmode
Definition libpq-int.h:412
pg_conn::allowed_auth_methods
uint32 allowed_auth_methods
Definition libpq-int.h:517
pg_conn::target_session_attrs
char * target_session_attrs
Definition libpq-int.h:427
pg_conn::cmd_queue_tail
PGcmdQueueEntry * cmd_queue_tail
Definition libpq-int.h:490
pg_conn::current_enc_method
uint8 current_enc_method
Definition libpq-int.h:617
pg_conn::notifyTail
PGnotify * notifyTail
Definition libpq-int.h:477
pg_conn::auth_required
bool auth_required
Definition libpq-int.h:515
pg_conn::inBufSize
int inBufSize
Definition libpq-int.h:577
pg_conn::naddr
int naddr
Definition libpq-int.h:539
pg_conn::sslpassword
char * sslpassword
Definition libpq-int.h:411
pg_conn::nonblocking
bool nonblocking
Definition libpq-int.h:467
pg_conn::gssapi_used
bool gssapi_used
Definition libpq-int.h:509
pg_conn::client_encoding
int client_encoding
Definition libpq-int.h:556
pg_conn::workBuffer
PQExpBufferData workBuffer
Definition libpq-int.h:687
pg_conn::inStart
int inStart
Definition libpq-int.h:578
pg_conn::keepalives_idle
char * keepalives_idle
Definition libpq-int.h:401
pg_conn::connip
char * connip
Definition libpq-int.h:483
pg_conn::sversion
int sversion
Definition libpq-int.h:504
pg_conn::pgservicefile
char * pgservicefile
Definition libpq-int.h:393
pg_conn::auth_req_received
bool auth_req_received
Definition libpq-int.h:507
pg_conn::oauth_client_secret
char * oauth_client_secret
Definition libpq-int.h:444
pg_conn::max_protocol_version
char * max_protocol_version
Definition libpq-int.h:424
pg_conn::load_balance_hosts
char * load_balance_hosts
Definition libpq-int.h:429
pg_conn::pversion_negotiated
bool pversion_negotiated
Definition libpq-int.h:505
pg_conn::oauth_want_retry
bool oauth_want_retry
Definition libpq-int.h:447
pg_conn::default_transaction_read_only
PGTernaryBool default_transaction_read_only
Definition libpq-int.h:558
pg_conn::pstatus
pgParameterStatus * pstatus
Definition libpq-int.h:555
pg_conn::pguser
char * pguser
Definition libpq-int.h:395
pg_conn::keepalives
char * keepalives
Definition libpq-int.h:400
pg_conn::min_protocol_version
char * min_protocol_version
Definition libpq-int.h:423
pg_conn::result
PGresult * result
Definition libpq-int.h:606
pg_conn::sigpipe_so
bool sigpipe_so
Definition libpq-int.h:510
pg_conn::verbosity
PGVerbosity verbosity
Definition libpq-int.h:560
pg_conn::client_encoding_initial
char * client_encoding_initial
Definition libpq-int.h:386
pg_conn::keepalives_interval
char * keepalives_interval
Definition libpq-int.h:402
pg_conn::whichaddr
int whichaddr
Definition libpq-int.h:540
pg_conn::appname
char * appname
Definition libpq-int.h:388
pg_conn::sslmode
char * sslmode
Definition libpq-int.h:406
pg_conn::prng_state
pg_prng_state prng_state
Definition libpq-int.h:563
pg_conn::pgtcp_user_timeout
char * pgtcp_user_timeout
Definition libpq-int.h:385
pg_conn::ssl_min_protocol_version
char * ssl_min_protocol_version
Definition libpq-int.h:425
pg_conn::oauth_issuer_id
char * oauth_issuer_id
Definition libpq-int.h:440
pg_conn::errorMessage
PQExpBufferData errorMessage
Definition libpq-int.h:683
pg_conn::gssencmode
char * gssencmode
Definition libpq-int.h:418
pg_conn::scram_server_key
char * scram_server_key
Definition libpq-int.h:431
pg_conn::nEvents
int nEvents
Definition libpq-int.h:458
pg_conn::pghostaddr
char * pghostaddr
Definition libpq-int.h:378
pg_conn::sslkey
char * sslkey
Definition libpq-int.h:409
pg_conn::altsock
pgsocket altsock
Definition libpq-int.h:530
pg_conn::scram_client_key
char * scram_client_key
Definition libpq-int.h:430
pg_conn::max_pversion
ProtocolVersion max_pversion
Definition libpq-int.h:549
pg_conn::sslkeylogfile
char * sslkeylogfile
Definition libpq-int.h:432
pg_conn::rowBufLen
int rowBufLen
Definition libpq-int.h:594
pg_conn::async_auth
PostgresPollingStatusType(* async_auth)(PGconn *conn)
Definition libpq-int.h:528
pg_conn::pgpassfile
char * pgpassfile
Definition libpq-int.h:397
pg_conn::last_sqlstate
char last_sqlstate[6]
Definition libpq-int.h:465
pg_conn::asyncStatus
PGAsyncStatusType asyncStatus
Definition libpq-int.h:463
pg_conn::load_balance_type
PGLoadBalanceType load_balance_type
Definition libpq-int.h:535
pg_conn::connect_timeout
char * connect_timeout
Definition libpq-int.h:384
pg_conn::scram_sha_256_iterations
int scram_sha_256_iterations
Definition libpq-int.h:613
pg_conn::krbsrvname
char * krbsrvname
Definition libpq-int.h:419
pg_conn::pipelineStatus
PGpipelineStatus pipelineStatus
Definition libpq-int.h:469
pg_conn::gsslib
char * gsslib
Definition libpq-int.h:420
pg_conn::lobjfuncs
PGlobjfuncs * lobjfuncs
Definition libpq-int.h:562
pg_conn::outBufSize
int outBufSize
Definition libpq-int.h:584
pg_conn::allowed_enc_methods
uint8 allowed_enc_methods
Definition libpq-int.h:615
pg_conn::options_valid
bool options_valid
Definition libpq-int.h:466
pg_conn::noticeHooks
PGNoticeHooks noticeHooks
Definition libpq-int.h:454
pg_conn::target_server_type
PGTargetServerType target_server_type
Definition libpq-int.h:534
pg_conn::Pfdebug
FILE * Pfdebug
Definition libpq-int.h:450
pg_conn::sasl_state
void * sasl_state
Definition libpq-int.h:612
pg_conn::scram_server_key_len
size_t scram_server_key_len
Definition libpq-int.h:546
pg_conn::cmd_queue_head
PGcmdQueueEntry * cmd_queue_head
Definition libpq-int.h:489
pg_conn::raddr
SockAddr raddr
Definition libpq-int.h:502
pg_conn::try_next_addr
bool try_next_addr
Definition libpq-int.h:537
pg_conn::outCount
int outCount
Definition libpq-int.h:585
pg_conn::pgport
char * pgport
Definition libpq-int.h:382
pg_conn::be_cancel_key_len
int be_cancel_key_len
Definition libpq-int.h:553
pg_conn::pgservice
char * pgservice
Definition libpq-int.h:392
pg_conn::allowed_sasl_mechs
const pg_fe_sasl_mech * allowed_sasl_mechs[2]
Definition libpq-int.h:519
pg_conn::whichhost
int whichhost
Definition libpq-int.h:481
pg_conn::show_context
PGContextVisibility show_context
Definition libpq-int.h:561
pg_conn::keepalives_count
char * keepalives_count
Definition libpq-int.h:404
pg_conn::requirepeer
char * requirepeer
Definition libpq-int.h:417
pg_conn::sslsni
char * sslsni
Definition libpq-int.h:416
pg_conn::connhost
pg_conn_host * connhost
Definition libpq-int.h:482
pg_conn::ssl_in_use
bool ssl_in_use
Definition libpq-int.h:620
pg_conn::events
PGEvent * events
Definition libpq-int.h:457
pg_conn::password_needed
bool password_needed
Definition libpq-int.h:508
pg_conn::outBuffer
char * outBuffer
Definition libpq-int.h:583
pg_conn::status
ConnStatusType status
Definition libpq-int.h:462
pg_fe_sasl_mech
Definition fe-auth-sasl.h:44
pg_fe_sasl_mech::free
void(* free)(void *state)
Definition fe-auth-sasl.h:149
pg_result
Definition libpq-int.h:165
pg_result::noticeHooks
PGNoticeHooks noticeHooks
Definition libpq-int.h:183
pg_result::resultStatus
ExecStatusType resultStatus
Definition libpq-int.h:174
pthread_mutex_t
Definition pthread-win32.h:10
flag
char * flag(int b)
Definition test-ctype.c:33
tmpbuf
static StringInfoData tmpbuf
Definition walsender.c:178
stat
#define stat
Definition win32_port.h:74
S_IRWXG
#define S_IRWXG
Definition win32_port.h:300
EINTR
#define EINTR
Definition win32_port.h:361
EWOULDBLOCK
#define EWOULDBLOCK
Definition win32_port.h:367
S_IRWXO
#define S_IRWXO
Definition win32_port.h:312
EINPROGRESS
#define EINPROGRESS
Definition win32_port.h:373
gid_t
int gid_t
Definition win32_port.h:235
fstat
#define fstat
Definition win32_port.h:73
S_ISREG
#define S_ISREG(m)
Definition win32_port.h:318
socket
#define socket(af, type, protocol)
Definition win32_port.h:495
connect
#define connect(s, name, namelen)
Definition win32_port.h:499
uid_t
int uid_t
Definition win32_port.h:234
gettimeofday
int gettimeofday(struct timeval *tp, void *tzp)
Definition win32gettimeofday.c:53