pgindent run before PG 9.1 beta 1.

2025-07-27 12:41:57 +03:00 · 2011-04-10 11:42:00 -04:00
parent 9a8b73147c
commit bf50caf105
446 changed files with 5737 additions and 5258 deletions
--- a/contrib/sepgsql/hooks.c
+++ b/contrib/sepgsql/hooks.c
@ -29,17 +29,17 @@ PG_MODULE_MAGIC;
 /*
 * Declarations
 */
-void _PG_init(void);
+void		_PG_init(void);

 /*
 * Saved hook entries (if stacked)
 */
-static object_access_hook_type			next_object_access_hook = NULL;
-static ClientAuthentication_hook_type	next_client_auth_hook = NULL;
-static ExecutorCheckPerms_hook_type		next_exec_check_perms_hook = NULL;
-static needs_fmgr_hook_type				next_needs_fmgr_hook = NULL;
-static fmgr_hook_type					next_fmgr_hook = NULL;
-static ProcessUtility_hook_type			next_ProcessUtility_hook = NULL;
+static object_access_hook_type next_object_access_hook = NULL;
+static ClientAuthentication_hook_type next_client_auth_hook = NULL;
+static ExecutorCheckPerms_hook_type next_exec_check_perms_hook = NULL;
+static needs_fmgr_hook_type next_needs_fmgr_hook = NULL;
+static fmgr_hook_type next_fmgr_hook = NULL;
+static ProcessUtility_hook_type next_ProcessUtility_hook = NULL;

 /*
 * GUC: sepgsql.permissive = (on|off)
@ -73,14 +73,14 @@ sepgsql_get_debug_audit(void)
 static void
 sepgsql_client_auth(Port *port, int status)
 {
-	char   *context;
+	char	   *context;

 	if (next_client_auth_hook)
-		(*next_client_auth_hook)(port, status);
+		(*next_client_auth_hook) (port, status);

 	/*
-	 * In the case when authentication failed, the supplied socket
-	 * shall be closed soon, so we don't need to do anything here.
+	 * In the case when authentication failed, the supplied socket shall be
+	 * closed soon, so we don't need to do anything here.
 	 */
 	if (status != STATUS_OK)
 		return;
@ -96,8 +96,8 @@ sepgsql_client_auth(Port *port, int status)
 	sepgsql_set_client_label(context);

 	/*
-	 * Switch the current performing mode from INTERNAL to either
-	 * DEFAULT or PERMISSIVE.
+	 * Switch the current performing mode from INTERNAL to either DEFAULT or
+	 * PERMISSIVE.
 	 */
 	if (sepgsql_permissive)
 		sepgsql_set_mode(SEPGSQL_MODE_PERMISSIVE);
@ -113,12 +113,12 @@ sepgsql_client_auth(Port *port, int status)
 */
 static void
 sepgsql_object_access(ObjectAccessType access,
-                      Oid classId,
-                      Oid objectId,
-                      int subId)
+					  Oid classId,
+					  Oid objectId,
+					  int subId)
 {
 	if (next_object_access_hook)
-		(*next_object_access_hook)(access, classId, objectId, subId);
+		(*next_object_access_hook) (access, classId, objectId, subId);

 	switch (access)
 	{
@ -147,7 +147,7 @@ sepgsql_object_access(ObjectAccessType access,
 			break;

 		default:
-			elog(ERROR, "unexpected object access type: %d", (int)access);
+			elog(ERROR, "unexpected object access type: %d", (int) access);
 			break;
 	}
 }
@ -161,11 +161,11 @@ static bool
 sepgsql_exec_check_perms(List *rangeTabls, bool abort)
 {
 	/*
-	 * If security provider is stacking and one of them replied 'false'
-	 * at least, we don't need to check any more.
+	 * If security provider is stacking and one of them replied 'false' at
+	 * least, we don't need to check any more.
 	 */
 	if (next_exec_check_perms_hook &&
-		!(*next_exec_check_perms_hook)(rangeTabls, abort))
+		!(*next_exec_check_perms_hook) (rangeTabls, abort))
 		return false;

 	if (!sepgsql_dml_privileges(rangeTabls, abort))
@ -184,20 +184,19 @@ sepgsql_exec_check_perms(List *rangeTabls, bool abort)
 static bool
 sepgsql_needs_fmgr_hook(Oid functionId)
 {
-	char   *old_label;
-	char   *new_label;
-	char   *function_label;
+	char	   *old_label;
+	char	   *new_label;
+	char	   *function_label;

 	if (next_needs_fmgr_hook &&
-		(*next_needs_fmgr_hook)(functionId))
+		(*next_needs_fmgr_hook) (functionId))
 		return true;

 	/*
-	 * SELinux needs the function to be called via security_definer
-	 * wrapper, if this invocation will take a domain-transition.
-	 * We call these functions as trusted-procedure, if the security
-	 * policy has a rule that switches security label of the client
-	 * on execution.
+	 * SELinux needs the function to be called via security_definer wrapper,
+	 * if this invocation will take a domain-transition. We call these
+	 * functions as trusted-procedure, if the security policy has a rule that
+	 * switches security label of the client on execution.
 	 */
 	old_label = sepgsql_get_client_label();
 	new_label = sepgsql_proc_get_domtrans(functionId);
@ -210,9 +209,9 @@ sepgsql_needs_fmgr_hook(Oid functionId)

 	/*
 	 * Even if not a trusted-procedure, this function should not be inlined
-	 * unless the client has db_procedure:{execute} permission.
-	 * Please note that it shall be actually failed later because of same
-	 * reason with ACL_EXECUTE.
+	 * unless the client has db_procedure:{execute} permission. Please note
+	 * that it shall be actually failed later because of same reason with
+	 * ACL_EXECUTE.
 	 */
 	function_label = sepgsql_get_label(ProcedureRelationId, functionId, 0);
 	if (sepgsql_check_perms(sepgsql_get_client_label(),
@ -238,20 +237,21 @@ static void
 sepgsql_fmgr_hook(FmgrHookEventType event,
 				  FmgrInfo *flinfo, Datum *private)
 {
-	struct {
-		char   *old_label;
-		char   *new_label;
-		Datum	next_private;
-	} *stack;
+	struct
+	{
+		char	   *old_label;
+		char	   *new_label;
+		Datum		next_private;
+	}		   *stack;

 	switch (event)
 	{
 		case FHET_START:
-			stack = (void *)DatumGetPointer(*private);
+			stack = (void *) DatumGetPointer(*private);
 			if (!stack)
 			{
-				MemoryContext	oldcxt;
-				const char	   *cur_label = sepgsql_get_client_label();
+				MemoryContext oldcxt;
+				const char *cur_label = sepgsql_get_client_label();

 				oldcxt = MemoryContextSwitchTo(flinfo->fn_mcxt);
 				stack = palloc(sizeof(*stack));
@ -265,8 +265,8 @@ sepgsql_fmgr_hook(FmgrHookEventType event,
 				{
 					/*
 					 * process:transition permission between old and new
-					 * label, when user tries to switch security label of
-					 * the client on execution of trusted procedure.
+					 * label, when user tries to switch security label of the
+					 * client on execution of trusted procedure.
 					 */
 					sepgsql_check_perms(cur_label, stack->new_label,
 										SEPG_CLASS_PROCESS,
@ -280,22 +280,22 @@ sepgsql_fmgr_hook(FmgrHookEventType event,
 			stack->old_label = sepgsql_set_client_label(stack->new_label);

 			if (next_fmgr_hook)
-				(*next_fmgr_hook)(event, flinfo, &stack->next_private);
+				(*next_fmgr_hook) (event, flinfo, &stack->next_private);
 			break;

 		case FHET_END:
 		case FHET_ABORT:
-			stack = (void *)DatumGetPointer(*private);
+			stack = (void *) DatumGetPointer(*private);

 			if (next_fmgr_hook)
-				(*next_fmgr_hook)(event, flinfo, &stack->next_private);
+				(*next_fmgr_hook) (event, flinfo, &stack->next_private);

 			sepgsql_set_client_label(stack->old_label);
 			stack->old_label = NULL;
 			break;

 		default:
-			elog(ERROR, "unexpected event type: %d", (int)event);
+			elog(ERROR, "unexpected event type: %d", (int) event);
 			break;
 	}
 }
@ -315,8 +315,8 @@ sepgsql_utility_command(Node *parsetree,
 						char *completionTag)
 {
 	if (next_ProcessUtility_hook)
-		(*next_ProcessUtility_hook)(parsetree, queryString, params,
-									isTopLevel, dest, completionTag);
+		(*next_ProcessUtility_hook) (parsetree, queryString, params,
+									 isTopLevel, dest, completionTag);

 	/*
 	 * Check command tag to avoid nefarious operations
@ -324,6 +324,7 @@ sepgsql_utility_command(Node *parsetree,
 	switch (nodeTag(parsetree))
 	{
 		case T_LoadStmt:
+
 			/*
 			 * We reject LOAD command across the board on enforcing mode,
 			 * because a binary module can arbitrarily override hooks.
@ -336,11 +337,12 @@ sepgsql_utility_command(Node *parsetree,
 			}
 			break;
 		default:
+
 			/*
-			 * Right now we don't check any other utility commands,
-			 * because it needs more detailed information to make
-			 * access control decision here, but we don't want to
-			 * have two parse and analyze routines individually.
+			 * Right now we don't check any other utility commands, because it
+			 * needs more detailed information to make access control decision
+			 * here, but we don't want to have two parse and analyze routines
+			 * individually.
 			 */
 			break;
 	}
@ -358,7 +360,7 @@ sepgsql_utility_command(Node *parsetree,
 void
 _PG_init(void)
 {
-	char   *context;
+	char	   *context;

 	/*
 	 * We allow to load the SE-PostgreSQL module on single-user-mode or
@ -367,12 +369,12 @@ _PG_init(void)
 	if (IsUnderPostmaster)
 		ereport(ERROR,
 				(errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
-				 errmsg("sepgsql must be loaded via shared_preload_libraries")));
+			 errmsg("sepgsql must be loaded via shared_preload_libraries")));

 	/*
-	 * Check availability of SELinux on the platform.
-	 * If disabled, we cannot activate any SE-PostgreSQL features,
-	 * and we have to skip rest of initialization.
+	 * Check availability of SELinux on the platform. If disabled, we cannot
+	 * activate any SE-PostgreSQL features, and we have to skip rest of
+	 * initialization.
 	 */
 	if (is_selinux_enabled() < 1)
 	{
@ -383,8 +385,8 @@ _PG_init(void)
 	/*
 	 * sepgsql.permissive = (on|off)
 	 *
-	 * This variable controls performing mode of SE-PostgreSQL
-	 * on user's session.
+	 * This variable controls performing mode of SE-PostgreSQL on user's
+	 * session.
 	 */
 	DefineCustomBoolVariable("sepgsql.permissive",
 							 "Turn on/off permissive mode in SE-PostgreSQL",
@ -400,10 +402,9 @@ _PG_init(void)
 	/*
 	 * sepgsql.debug_audit = (on|off)
 	 *
-	 * This variable allows users to turn on/off audit logs on access
-	 * control decisions, independent from auditallow/auditdeny setting
-	 * in the security policy.
-	 * We intend to use this option for debugging purpose.
+	 * This variable allows users to turn on/off audit logs on access control
+	 * decisions, independent from auditallow/auditdeny setting in the
+	 * security policy. We intend to use this option for debugging purpose.
 	 */
 	DefineCustomBoolVariable("sepgsql.debug_audit",
 							 "Turn on/off debug audit messages",
@ -419,13 +420,12 @@ _PG_init(void)
 	/*
 	 * Set up dummy client label.
 	 *
-	 * XXX - note that PostgreSQL launches background worker process
-	 * like autovacuum without authentication steps. So, we initialize
-	 * sepgsql_mode with SEPGSQL_MODE_INTERNAL, and client_label with
-	 * the security context of server process.
-	 * Later, it also launches background of user session. In this case,
-	 * the process is always hooked on post-authentication, and we can
-	 * initialize the sepgsql_mode and client_label correctly.
+	 * XXX - note that PostgreSQL launches background worker process like
+	 * autovacuum without authentication steps. So, we initialize sepgsql_mode
+	 * with SEPGSQL_MODE_INTERNAL, and client_label with the security context
+	 * of server process. Later, it also launches background of user session.
+	 * In this case, the process is always hooked on post-authentication, and
+	 * we can initialize the sepgsql_mode and client_label correctly.
 	 */
 	if (getcon_raw(&context) < 0)
 		ereport(ERROR,