database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-10-25 13:17:41 +03:00
Code Activity

Make cancel request keys longer

Browse Source 
Currently, the cancel request key is a 32-bit token, which isn't very
much entropy. If you want to cancel another session's query, you can
brute-force it. In most environments, an unauthorized cancellation of
a query isn't very serious, but it nevertheless would be nice to have
more protection from it. Hence make the key longer, to make it harder
to guess.

The longer cancellation keys are generated when using the new protocol
version 3.2. For connections using version 3.0, short 4-bytes keys are
still used.

The new longer key length is not hardcoded in the protocol anymore,
the client is expected to deal with variable length keys, up to 256
bytes. This flexibility allows e.g. a connection pooler to add more
information to the cancel key, which might be useful for finding the
connection.

Reviewed-by: Jelte Fennema-Nio <postgres@jeltef.nl>
Reviewed-by: Robert Haas <robertmhaas@gmail.com> (earlier versions)
Discussion: https://www.postgresql.org/message-id/508d0505-8b7a-4864-a681-e7e5edfe32aa@iki.fi
This commit is contained in:
Heikki Linnakangas
2025-04-02 16:41:48 +03:00
parent 285613c60a
commit a460251f0a
14 changed files with 252 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/include/storage/procsignal.h
View File

@@ -56,16 +56,26 @@ typedef enum
PROCSIGNAL_BARRIER_SMGRRELEASE, /* ask smgr to close files */
} ProcSignalBarrierType;
/*
* Length of query cancel keys generated.
*
* Note that the protocol allows for longer keys, or shorter, but this is the
* length we actually generate. Client code, and the server code that handles
* incoming cancellation packets from clients, mustn't use this hardcoded
* length.
*/
#define MAX_CANCEL_KEY_LENGTH 32
/*
* prototypes for functions in procsignal.c
*/
extern Size ProcSignalShmemSize(void);
extern void ProcSignalShmemInit(void);
extern void ProcSignalInit(bool cancel_key_valid, int32 cancel_key);
extern void ProcSignalInit(char *cancel_key, int cancel_key_len);
extern int SendProcSignal(pid_t pid, ProcSignalReason reason,
ProcNumber procNumber);
extern void SendCancelRequest(int backendPID, int32 cancelAuthCode);
extern void SendCancelRequest(int backendPID, char *cancel_key, int cancel_key_len);
extern uint64 EmitProcSignalBarrier(ProcSignalBarrierType type);
extern void WaitForProcSignalBarrier(uint64 generation);