#include "postgres_fe.h"
#include <signal.h>
#include <fcntl.h>
#include <ctype.h>
#include "libpq-fe.h"
#include "fe-auth.h"
#include "fe-secure-common.h"
#include "libpq-int.h"
#include <sys/socket.h>
#include <unistd.h>
#include <netdb.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <arpa/inet.h>
#include <sys/stat.h>
#include <pthread.h>
#include "common/openssl.h"
#include <openssl/conf.h>
#include <openssl/x509v3.h>
Macros
#define SSL_ERR_LEN 128
Variables
static pthread_mutex_t ssl_config_mutex = PTHREAD_MUTEX_INITIALIZER
static PQsslKeyPassHook_OpenSSL_type PQsslKeyPassHook = NULL
static unsigned char alpn_protos[] = PG_ALPN_PROTOCOL_VECTOR
static char ssl_nomem[] = "out of memory allocating error description"
static BIO_METHOD *pgconn_bio_method_ptr
#define SSL_ERR_LEN 128
Definition at line 1489 of file fe-secure-openssl.c.
initialize_SSL() [static]
Definition at line 694 of file fe-secure-openssl.c.
References alpn_protos, buf, conn, pg_conn::connhost, err(), free, pg_conn_host::host, libpq_append_conn_error(), MAXPGPATH, PG_STRERROR_R_BUFLEN, pqGetHomeDirectory(), PQssl_passwd_cb(), PQsslKeyPassHook, S_IRWXG, S_IRWXO, S_ISREG, S_IWGRP, S_IXGRP, snprintf, SSL_context, pg_conn::ssl_in_use, pg_conn::ssl_max_protocol_version, pg_conn::ssl_min_protocol_version, ssl_protocol_version_to_openssl(), ssl_set_pgconn_bio(), pg_conn::sslcert, pg_conn::sslcertmode, pg_conn::sslcompression, pg_conn::sslcrl, pg_conn::sslcrldir, SSLerrfree(), SSLerrmessage(), pg_conn::sslkey, pg_conn::sslmode, pg_conn::sslpassword, pg_conn::sslrootcert, pg_conn::sslsni, stat, strerror_r, strlcpy(), verify_cb(), and pg_conn::whichhost.
Referenced by pgtls_open_client().
is_ip_address() [static]
Definition at line 523 of file fe-secure-openssl.c.
References inet_aton().
Referenced by pgtls_verify_peer_name_matches_certificate_guts().
open_client_SSL() [static]
Definition at line 1276 of file fe-secure-openssl.c.
References conn, pg_conn::current_enc_method, ENC_SSL, err(), len, libpq_append_conn_error(), PG_ALPN_PROTOCOL, PG_STRERROR_R_BUFLEN, PGRES_POLLING_FAILED, PGRES_POLLING_OK, PGRES_POLLING_READING, PGRES_POLLING_WRITING, pgtls_close(), pq_verify_peer_name_matches_certificate(), SOCK_ERRNO, SOCK_ERRNO_SET, SOCK_STRERROR, pg_conn::ssl_max_protocol_version, pg_conn::ssl_min_protocol_version, SSLerrfree(), SSLerrmessage(), pg_conn::sslnegotiation, and pg_conn::sslrootcert.
Referenced by pgtls_open_client().
openssl_verify_peer_name_matches_certificate_ip() [static]
Definition at line 498 of file fe-secure-openssl.c.
References conn, len, libpq_append_conn_error(), and pq_verify_peer_name_matches_certificate_ip().
Referenced by pgtls_verify_peer_name_matches_certificate_guts().
openssl_verify_peer_name_matches_certificate_name() [static]
Definition at line 469 of file fe-secure-openssl.c.
References conn, len, libpq_append_conn_error(), and pq_verify_peer_name_matches_certificate_name().
Referenced by pgtls_verify_peer_name_matches_certificate_guts().
pgconn_bio_ctrl() [static]
Definition at line 1741 of file fe-secure-openssl.c.
References conn, pg_conn::last_read_was_eof, and res.
Referenced by pgconn_bio_method().
pgconn_bio_method() [static]
Definition at line 1771 of file fe-secure-openssl.c.
References err(), pgconn_bio_ctrl(), pgconn_bio_method_ptr, pgconn_bio_read(), pgconn_bio_write(), pthread_mutex_lock(), pthread_mutex_unlock(), res, and ssl_config_mutex.
Referenced by ssl_set_pgconn_bio().
pgconn_bio_read() [static]
Definition at line 1676 of file fe-secure-openssl.c.
References buf, conn, EAGAIN, EINTR, EWOULDBLOCK, pg_conn::last_read_was_eof, pqsecure_raw_read(), res, size, SOCK_ERRNO, and pg_conn::ssl_handshake_started.
Referenced by pgconn_bio_method().
pgconn_bio_write() [static]
Definition at line 1711 of file fe-secure-openssl.c.
References buf, EAGAIN, EINTR, EWOULDBLOCK, pqsecure_raw_write(), res, size, and SOCK_ERRNO.
Referenced by pgconn_bio_method().
void pgtls_close(PGconn *conn)
Definition at line 1440 of file fe-secure-openssl.c.
References conn, pg_conn::ssl_handshake_started, and pg_conn::ssl_in_use.
Referenced by open_client_SSL(), pgtls_open_client(), and pqsecure_close().
char *pgtls_get_peer_certificate_hash(PGconn *conn, size_t *len)
Definition at line 339 of file fe-secure-openssl.c.
References conn, hash(), len, libpq_append_conn_error(), and malloc.
Referenced by build_client_final_message().
PostgresPollingStatusType pgtls_open_client(PGconn *conn)
Definition at line 95 of file fe-secure-openssl.c.
References conn, initialize_SSL(), open_client_SSL(), PGRES_POLLING_FAILED, and pgtls_close().
Referenced by pqsecure_open_client().
ssize_t pgtls_read(PGconn *conn, void *ptr, size_t len)
Definition at line 117 of file fe-secure-openssl.c.
References appendPQExpBufferStr(), conn, ECONNRESET, err(), pg_conn::errorMessage, len, libpq_append_conn_error(), PG_STRERROR_R_BUFLEN, SOCK_ERRNO, SOCK_ERRNO_SET, SOCK_STRERROR, SSLerrfree(), and SSLerrmessage().
Referenced by pqsecure_read().
int pgtls_verify_peer_name_matches_certificate_guts(PGconn *conn, int *names_examined, char **first_name)
Definition at line 543 of file fe-secure-openssl.c.
References Assert, conn, pg_conn::connhost, free, pg_conn_host::host, i, is_ip_address(), name, openssl_verify_peer_name_matches_certificate_ip(), openssl_verify_peer_name_matches_certificate_name(), and pg_conn::whichhost.
Referenced by pq_verify_peer_name_matches_certificate().
ssize_t pgtls_write(PGconn *conn, const void *ptr, size_t len)
Definition at line 239 of file fe-secure-openssl.c.
References appendPQExpBufferStr(), conn, ECONNRESET, err(), pg_conn::errorMessage, len, libpq_append_conn_error(), PG_STRERROR_R_BUFLEN, SOCK_ERRNO, SOCK_ERRNO_SET, SOCK_STRERROR, SSLerrfree(), and SSLerrmessage().
Referenced by pqsecure_write().
int PQdefaultSSLKeyPassHook_OpenSSL(char *buf, int size, PGconn *conn)
Definition at line 1842 of file fe-secure-openssl.c.
References buf, conn, fprintf, libpq_gettext, size, and pg_conn::sslpassword.
Referenced by PQssl_passwd_cb().
void *PQgetssl(PGconn *conn)
Definition at line 1564 of file fe-secure-openssl.c.
References conn.
PQsslKeyPassHook_OpenSSL_type PQgetSSLKeyPassHook_OpenSSL(void)
Definition at line 1860 of file fe-secure-openssl.c.
References PQsslKeyPassHook.
void PQsetSSLKeyPassHook_OpenSSL(PQsslKeyPassHook_OpenSSL_type hook)
Definition at line 1866 of file fe-secure-openssl.c.
References PQsslKeyPassHook.
PQssl_passwd_cb() [static]
Definition at line 1877 of file fe-secure-openssl.c.
References buf, conn, PQdefaultSSLKeyPassHook_OpenSSL(), PQsslKeyPassHook, and size.
Referenced by initialize_SSL().
const char *PQsslAttribute(PGconn *conn, const char *attribute_name)
Definition at line 1609 of file fe-secure-openssl.c.
References conn, data, len, and snprintf.
Referenced by print_ssl_library(), and printSSLInfo().
const char *const *PQsslAttributeNames(PGconn *conn)
void *PQsslStruct(PGconn *conn, const char *struct_name)
ssl_protocol_version_to_openssl() [static]
Definition at line 1898 of file fe-secure-openssl.c.
References pg_strcasecmp().
Referenced by initialize_SSL().
ssl_set_pgconn_bio() [static]
Definition at line 1816 of file fe-secure-openssl.c.
References conn, and pgconn_bio_method().
Referenced by initialize_SSL().
SSLerrfree() [static]
Definition at line 1550 of file fe-secure-openssl.c.
References buf, free, and ssl_nomem.
Referenced by initialize_SSL(), open_client_SSL(), pgtls_read(), and pgtls_write().
SSLerrmessage() [static]
Definition at line 1492 of file fe-secure-openssl.c.
References libpq_gettext, malloc, snprintf, SSL_ERR_LEN, ssl_nomem, strerror_r, and strlcpy().
Referenced by initialize_SSL(), open_client_SSL(), pgtls_read(), and pgtls_write().
verify_cb() [static]
Definition at line 429 of file fe-secure-openssl.c.
Referenced by initialize_SSL().
static unsigned char alpn_protos[] = PG_ALPN_PROTOCOL_VECTOR
Definition at line 685 of file fe-secure-openssl.c.
Referenced by initialize_SSL().
static BIO_METHOD *pgconn_bio_method_ptr
Definition at line 1673 of file fe-secure-openssl.c.
Referenced by pgconn_bio_method().
static PQsslKeyPassHook_OpenSSL_type PQsslKeyPassHook = NULL
Definition at line 87 of file fe-secure-openssl.c.
Referenced by initialize_SSL(), PQgetSSLKeyPassHook_OpenSSL(), PQsetSSLKeyPassHook_OpenSSL(), and PQssl_passwd_cb().
static pthread_mutex_t ssl_config_mutex = PTHREAD_MUTEX_INITIALIZER
Definition at line 85 of file fe-secure-openssl.c.
Referenced by pgconn_bio_method().
static char ssl_nomem[] = "out of memory allocating error description"
Definition at line 1487 of file fe-secure-openssl.c.
Referenced by SSLerrfree(), and SSLerrmessage().