database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-11-10 17:42:29 +03:00
Code Activity

From: todd brandys <brandys@eng3.hep.uiuc.edu>

Browse Source 
An extension to the code to allow for a pg_password authentication database
that is *seperate* from the system password file
This commit is contained in:
Marc G. Fournier
1997-12-04 00:28:15 +00:00
parent 333323f304
commit 4c04f7724e
19 changed files with 494 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/backend/commands/Makefile
View File

@@ -4,7 +4,7 @@
# Makefile for commands
#
# IDENTIFICATION
# $Header: /cvsroot/pgsql/src/backend/commands/Makefile,v 1.7 1997/11/24 05:20:49 momjian Exp $
# $Header: /cvsroot/pgsql/src/backend/commands/Makefile,v 1.8 1997/12/04 00:26:44 scrappy Exp $
#
#-------------------------------------------------------------------------
@@ -19,7 +19,7 @@ CFLAGS+=$(INCLUDE_OPT)
OBJS = async.o creatinh.o command.o copy.o defind.o define.o \
remove.o rename.o vacuum.o version.o view.o cluster.o \
recipe.o explain.o sequence.o trigger.o proclang.o dbcommands.o
recipe.o explain.o sequence.o trigger.o user.o proclang.o dbcommands.o
all: SUBSYS.o

4
src/backend/libpq/Makefile
View File

@@ -4,7 +4,7 @@
# Makefile for libpq subsystem (backend half of libpq interface)
#
# IDENTIFICATION
# $Header: /cvsroot/pgsql/src/backend/libpq/Makefile,v 1.7 1997/04/04 10:39:19 scrappy Exp $
# $Header: /cvsroot/pgsql/src/backend/libpq/Makefile,v 1.8 1997/12/04 00:26:47 scrappy Exp $
#
#-------------------------------------------------------------------------
@@ -24,7 +24,7 @@ LDFLAGS+= $(KRBLIBS)
endif
OBJS = be-dumpdata.o be-fsstubs.o be-pqexec.o pqcomprim.o\
auth.o hba.o pqcomm.o portal.o util.o portalbuf.o pqpacket.o pqsignal.o \
auth.o hba.o crypt.o pqcomm.o portal.o util.o portalbuf.o pqpacket.o pqsignal.o \
password.o
all: SUBSYS.o

32
src/backend/libpq/auth.c
View File

@@ -7,7 +7,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.18 1997/11/17 16:10:06 thomas Exp $
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.19 1997/12/04 00:26:50 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@@ -71,6 +71,7 @@
#include <libpq/libpq-be.h>
#include <libpq/hba.h>
#include <libpq/password.h>
#include <libpq/crypt.h>
static int be_getauthsvc(MsgType msgtype);
@@ -122,7 +123,8 @@ static struct authsvc authsvcs[] = {
#else
{"kerberos", STARTUP_KRB4_MSG, 1},
#endif
{"password", STARTUP_PASSWORD_MSG, 1}
{"password", STARTUP_PASSWORD_MSG, 1},
{"crypt", STARTUP_CRYPT_MSG, 1}
};
static n_authsvcs = sizeof(authsvcs) / sizeof(struct authsvc);
@@ -445,6 +447,28 @@ pg_password_recvauth(Port *port, char *database, char *DataDir)
return verify_password(user, password, port, database, DataDir);
}
static int
crypt_recvauth(Port *port)
{
PacketBuf buf;
char *user,
*password;
if (PacketReceive(port, &buf, BLOCKING) != STATUS_OK)
{
sprintf(PQerrormsg,
"crypt_recvauth: failed to receive authentication packet.\n");
fputs(PQerrormsg, stderr);
pqdebug("%s", PQerrormsg);
return STATUS_ERROR;
}
user = buf.data;
password = buf.data + strlen(user) + 1;
return crypt_verify(port, user, password);
}
/*
* be_recvauth -- server demux routine for incoming authentication information
*/
@@ -571,6 +595,10 @@ be_recvauth(MsgType msgtype_arg, Port *port, char *username, StartupInfo *sp)
return (STATUS_ERROR);
}
break;
case STARTUP_CRYPT_MSG:
if (crypt_recvauth(port) != STATUS_OK)
return STATUS_ERROR;
break;
default:
sprintf(PQerrormsg,
"be_recvauth: unrecognized message type: %d\n",

122
src/backend/parser/gram.y
View File

@@ -10,7 +10,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/parser/gram.y,v 1.75 1997/12/02 16:09:15 momjian Exp $
* $Header: /cvsroot/pgsql/src/backend/parser/gram.y,v 1.76 1997/12/04 00:26:57 scrappy Exp $
*
* HISTORY
* AUTHOR DATE MAJOR EVENT
@@ -40,6 +40,7 @@
#include "nodes/print.h"
#include "parser/gramparse.h"
#include "utils/acl.h"
#include "utils/palloc.h"
#include "catalog/catname.h"
#include "utils/elog.h"
#include "access/xact.h"
@@ -83,6 +84,7 @@ Oid param_type(int t); /* used in parse_expr.c */
char chr;
char *str;
bool boolean;
bool* pboolean; /* for pg_user privileges */
List *list;
Node *node;
Value *value;
@@ -119,10 +121,16 @@ Oid param_type(int t); /* used in parse_expr.c */
RenameStmt, RevokeStmt, RuleStmt, TransactionStmt, ViewStmt, LoadStmt,
CreatedbStmt, DestroydbStmt, VacuumStmt, RetrieveStmt, CursorStmt,
ReplaceStmt, AppendStmt, NotifyStmt, DeleteStmt, ClusterStmt,
ExplainStmt, VariableSetStmt, VariableShowStmt, VariableResetStmt
ExplainStmt, VariableSetStmt, VariableShowStmt, VariableResetStmt,
CreateUserStmt, AlterUserStmt, DropUserStmt
%type <str> opt_database, location
%type <pboolean> user_createdb_clause, user_createuser_clause
%type <str> user_passwd_clause
%type <str> user_valid_clause
%type <list> user_group_list, user_group_clause
%type <node> SubSelect
%type <str> join_expr, join_outer, join_spec
%type <boolean> TriggerActionTime, TriggerForSpec, PLangTrusted
@@ -268,6 +276,14 @@ Oid param_type(int t); /* used in parse_expr.c */
SEQUENCE, SETOF, SHOW, STDIN, STDOUT, TRUSTED,
VACUUM, VERBOSE, VERSION
/*
* Tokens for pg_passwd support. The CREATEDB and CREATEUSER tokens should go away
* when some sort of pg_privileges relation is introduced.
*
* Todd A. Brandys
*/
%token USER, PASSWORD, CREATEDB, NOCREATEDB, CREATEUSER, NOCREATEUSER, VALID, UNTIL
/* Special keywords, not in the query language - see the "lex" file */
%token <str> IDENT, SCONST, Op
%token <ival> ICONST, PARAM
@@ -318,17 +334,20 @@ stmtmulti: stmtmulti stmt ';'
;
stmt : AddAttrStmt
| AlterUserStmt
| ClosePortalStmt
| CopyStmt
| CreateStmt
| CreateSeqStmt
| CreatePLangStmt
| CreateTrigStmt
| CreateUserStmt
| ClusterStmt
| DefineStmt
| DestroyStmt
| DropPLangStmt
| DropTrigStmt
| DropUserStmt
| ExtendStmt
| ExplainStmt
| FetchStmt
@@ -356,6 +375,105 @@ stmt : AddAttrStmt
| VariableResetStmt
;
/*****************************************************************************
*
* Create a new postresql DBMS user
*
*
*****************************************************************************/
CreateUserStmt: CREATE USER Id
user_passwd_clause
user_createdb_clause
user_createuser_clause
user_group_clause
user_valid_clause
{ CreateUserStmt *n = makeNode(CreateUserStmt);
n->user = $3;
n->password = $4;
n->createdb = $5;
n->createuser = $6;
n->groupElts = $7;
n->validUntil = $8;
$$ = (Node *)n;
}
;
/*****************************************************************************
*
* Alter a postresql DBMS user
*
*
*****************************************************************************/
AlterUserStmt: ALTER USER Id
user_passwd_clause
user_createdb_clause
user_createuser_clause
user_group_clause
user_valid_clause
{ AlterUserStmt *n = makeNode(AlterUserStmt);
n->user = $3;
n->password = $4;
n->createdb = $5;
n->createuser = $6;
n->groupElts = $7;
n->validUntil = $8;
$$ = (Node *)n;
}
;
/*****************************************************************************
*
* Drop a postresql DBMS user
*
*
*****************************************************************************/
DropUserStmt: DROP USER Id
{ DropUserStmt *n = makeNode(DropUserStmt);
n->user = $3;
$$ = (Node *)n;
}
;
user_passwd_clause: WITH PASSWORD Id { $$ = $3; }
| /*EMPTY*/ { $$ = NULL; }
;
user_createdb_clause: CREATEDB { bool* b;
$$ = (b = (bool*)palloc(sizeof(bool)));
*b = true;
}
| NOCREATEDB { bool* b;
$$ = (b = (bool*)palloc(sizeof(bool)));
*b = false;
}
| /*EMPTY*/ { $$ = NULL; }
;
user_createuser_clause: CREATEUSER { bool* b;
$$ = (b = (bool*)palloc(sizeof(bool)));
*b = true;
}
| NOCREATEUSER { bool* b;
$$ = (b = (bool*)palloc(sizeof(bool)));
*b = false;
}
| /*EMPTY*/ { $$ = NULL; }
;
user_group_list: user_group_list ',' Id { $$ = lcons((void*)makeString($3), $1); }
| Id { $$ = makeList((void*)makeString($1), NULL); }
;
user_group_clause: IN GROUP user_group_list { $$ = $3; }
| /*EMPTY*/ { $$ = NULL; }
;
user_valid_clause: VALID UNTIL SCONST { $$ = $3; }
| /*EMPTY*/ { $$ = NULL; }
;
/*****************************************************************************
*

10
src/backend/parser/keywords.c
View File

@@ -7,7 +7,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/parser/keywords.c,v 1.26 1997/11/26 01:11:08 momjian Exp $
* $Header: /cvsroot/pgsql/src/backend/parser/keywords.c,v 1.27 1997/12/04 00:27:04 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@@ -64,6 +64,8 @@ static ScanKeyword ScanKeywords[] = {
{"constraint", CONSTRAINT},
{"copy", COPY},
{"create", CREATE},
{"createdb", CREATEDB},
{"createuser", CREATEUSER},
{"cross", CROSS},
{"current", CURRENT},
{"current_date", CURRENT_DATE},
@@ -133,6 +135,8 @@ static ScanKeyword ScanKeywords[] = {
{"natural", NATURAL},
{"nchar", NCHAR},
{"new", NEW},
{"nocreatedb", NOCREATEDB},
{"nocreateuser", NOCREATEUSER},
{"none", NONE},
{"no", NO},
{"not", NOT},
@@ -149,6 +153,7 @@ static ScanKeyword ScanKeywords[] = {
{"order", ORDER},
{"outer", OUTER_P},
{"partial", PARTIAL},
{"password", PASSWORD},
{"position", POSITION},
{"precision", PRECISION},
{"primary", PRIMARY},
@@ -188,9 +193,12 @@ static ScanKeyword ScanKeywords[] = {
{"type", TYPE_P},
{"union", UNION},
{"unique", UNIQUE},
{"until", UNTIL},
{"update", UPDATE},
{"user", USER},
{"using", USING},
{"vacuum", VACUUM},
{"valid", VALID},
{"values", VALUES},
{"varchar", VARCHAR},
{"varying", VARYING},

68
src/backend/postmaster/postmaster.c
View File

@@ -10,7 +10,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/postmaster/postmaster.c,v 1.62 1997/11/17 03:47:28 scrappy Exp $
* $Header: /cvsroot/pgsql/src/backend/postmaster/postmaster.c,v 1.63 1997/12/04 00:27:17 scrappy Exp $
*
* NOTES
*
@@ -47,6 +47,7 @@
#include <signal.h>
#include <string.h>
#include <stdlib.h>
#include <time.h>
#if !defined(NO_UNISTD_H)
#include <unistd.h>
@@ -78,6 +79,7 @@
#include "libpq/auth.h"
#include "libpq/pqcomm.h"
#include "libpq/pqsignal.h"
#include "libpq/crypt.h"
#include "miscadmin.h"
#include "version.h"
#include "lib/dllist.h"
@@ -199,6 +201,7 @@ static void usage(const char *);
static int ServerLoop(void);
static int BackendStartup(StartupInfo *packet, Port *port, int *pidPtr);
static void send_error_reply(Port *port, const char *errormsg);
static void RandomSalt(char* salt);
extern char *optarg;
extern int optind,
@@ -663,7 +666,27 @@ ServerLoop(void)
switch (status)
{
case STATUS_OK:
{
/* Here is where we check for a USER login packet. If there is one, then
* we must deterine whether the login has a password in pg_user. If so, send
* back a salt to crypt() the password with. Otherwise, send an unsalt packet
* back and read the real startup packet.
*/
if (ntohl(port->buf.msgtype) == STARTUP_USER_MSG) {
PacketLen plen;
port->buf.msgtype = htonl(crypt_salt(port->buf.data));
plen = sizeof(port->buf.len) + sizeof(port->buf.msgtype) + 2;
port->buf.len = htonl(plen);
RandomSalt(port->salt);
memcpy((void*)port->buf.data, (void*)port->salt, 2);
status = PacketSend(port, &port->buf, plen, BLOCKING);
if (status != STATUS_OK)
break;
/* port->nBytes = 0; */
continue;
} else {
int CSstatus; /* Completion status of
* ConnStartup */
char errormsg[200]; /* error msg from
@@ -1355,3 +1378,44 @@ dumpstatus(SIGNAL_ARGS)
curr = DLGetSucc(curr);
}
}
/*
* CharRemap
*/
static char
CharRemap(long int ch) {
if (ch < 0)
ch = -ch;
ch = ch % 62;
if (ch < 26)
return ('A' + ch);
ch -= 26;
if (ch < 26)
return ('a' + ch);
ch -= 26;
return ('0' + ch);
}
/*
* RandomSalt
*/
static void
RandomSalt(char* salt) {
static bool initialized = false;
if (!initialized) {
time_t now;
now = time(NULL);
srandom((unsigned int)now);
initialized = true;
}
*salt = CharRemap(random());
*(salt + 1) = CharRemap(random());
}

28
src/backend/tcop/utility.c
View File

@@ -9,7 +9,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.31 1997/11/24 05:32:40 momjian Exp $
* $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.32 1997/12/04 00:27:24 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@@ -721,6 +721,32 @@ ProcessUtility(Node * parsetree,
DropProceduralLanguage((DropPLangStmt *) parsetree);
break;
/*
* ******************************** USER statements ****
*
*/
case T_CreateUserStmt:
commandTag = "CREATE USER";
CHECK_IF_ABORTED();
DefineUser((CreateUserStmt*)parsetree);
break;
case T_AlterUserStmt:
commandTag = "ALTER USER";
CHECK_IF_ABORTED();
AlterUser((AlterUserStmt*)parsetree);
break;
case T_DropUserStmt:
commandTag = "DROP USER";
CHECK_IF_ABORTED();
RemoveUser(((DropUserStmt*)parsetree)->user);
break;
/*
* ******************************** default ********************************
*