database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-30 11:03:19 +03:00
Code Activity

Clean up libpq's pollution of application namespace by renaming the

Browse Source 
exported routines of ip.c, md5.c, and fe-auth.c to begin with 'pg_'.
Also get rid of the vestigial fe_setauthsvc/fe_getauthsvc routines
altogether.
This commit is contained in:
Tom Lane
2005-10-17 16:24:20 +00:00
parent 8ffdcbf23b
commit d330f1554d
19 changed files with 237 additions and 375 deletions
Download Patch File Download Diff File Expand all files Collapse all files

149
src/interfaces/libpq/fe-auth.c
View File

@ -10,7 +10,7 @@
* exceed INITIAL_EXPBUFFER_SIZE (currently 256 bytes).
*
* IDENTIFICATION
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.105 2005/10/15 02:49:48 momjian Exp $
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.106 2005/10/17 16:24:20 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@ -18,14 +18,9 @@
/*
* INTERFACE ROUTINES
* frontend (client) routines:
* fe_sendauth send authentication information
* fe_getauthname get user's name according to the client side
* pg_fe_sendauth send authentication information
* pg_fe_getauthname get user's name according to the client side
* of the authentication system
* fe_setauthsvc set frontend authentication service
* fe_getauthsvc get current frontend authentication service
*
*
*
*/
#include "postgres_fe.h"
@ -35,7 +30,6 @@
#else
#include <unistd.h>
#include <fcntl.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/param.h> /* for MAXHOSTNAMELEN on most */
#include <sys/socket.h>
@ -59,51 +53,6 @@
#include "libpq/crypt.h"
/*
* common definitions for generic fe/be routines
*/
#define STARTUP_MSG 7 /* Initialise a connection */
#define STARTUP_KRB4_MSG 10 /* krb4 session follows. Not supported any
* more. */
#define STARTUP_KRB5_MSG 11 /* krb5 session follows */
#define STARTUP_PASSWORD_MSG 14 /* Password follows */
struct authsvc
{
const char *name; /* service nickname (for command line) */
MsgType msgtype; /* startup packet header type */
int allowed; /* initially allowed (before command line
* option parsing)? */
};
/*
* Command-line parsing routines use this structure to map nicknames
* onto service types (and the startup packets to use with them).
*
* Programs receiving an authentication request use this structure to
* decide which authentication service types are currently permitted.
* By default, all authentication systems compiled into the system are
* allowed. Unauthenticated connections are disallowed unless there
* isn't any authentication system.
*/
static const struct authsvc authsvcs[] = {
#ifdef KRB5
{"krb5", STARTUP_KRB5_MSG, 1},
{"kerberos", STARTUP_KRB5_MSG, 1},
#endif /* KRB5 */
{UNAUTHNAME, STARTUP_MSG,
#ifdef KRB5
0
#else /* !KRB5 */
1
#endif /* !KRB5 */
},
{"password", STARTUP_PASSWORD_MSG, 0}
};
static const int n_authsvcs = sizeof(authsvcs) / sizeof(struct authsvc);
#ifdef KRB5
/*
* MIT Kerberos authentication system - protocol version 5
@ -329,8 +278,10 @@ pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname, const char *s
return ret;
}
#endif /* KRB5 */
/*
* Respond to AUTH_REQ_SCM_CREDS challenge.
*
@ -417,14 +368,14 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
}
crypt_pwd2 = crypt_pwd + MD5_PASSWD_LEN + 1;
if (!EncryptMD5(password, conn->pguser,
strlen(conn->pguser), crypt_pwd2))
if (!pg_md5_encrypt(password, conn->pguser,
strlen(conn->pguser), crypt_pwd2))
{
free(crypt_pwd);
return STATUS_ERROR;
}
if (!EncryptMD5(crypt_pwd2 + strlen("md5"), conn->md5Salt,
sizeof(conn->md5Salt), crypt_pwd))
if (!pg_md5_encrypt(crypt_pwd2 + strlen("md5"), conn->md5Salt,
sizeof(conn->md5Salt), crypt_pwd))
{
free(crypt_pwd);
return STATUS_ERROR;
@ -457,11 +408,12 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
}
/*
* fe_sendauth -- client demux routine for outgoing authentication information
* pg_fe_sendauth
* client demux routine for outgoing authentication information
*/
int
fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
const char *password, char *PQerrormsg)
pg_fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
const char *password, char *PQerrormsg)
{
#ifndef KRB5
(void) hostname; /* not used */
@ -526,68 +478,18 @@ fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
return STATUS_OK;
}
/*
* fe_setauthsvc
* fe_getauthsvc
*
* Set/return the authentication service currently selected for use by the
* frontend. (You can only use one in the frontend, obviously.)
*
* NB: This is not thread-safe if different threads try to select different
* authentication services! It's OK for fe_getauthsvc to select the default,
* since that will be the same for all threads, but direct application use
* of fe_setauthsvc is not thread-safe. However, use of fe_setauthsvc is
* deprecated anyway...
*/
static int pg_authsvc = -1;
void
fe_setauthsvc(const char *name, char *PQerrormsg)
{
int i;
for (i = 0; i < n_authsvcs; ++i)
if (strcmp(name, authsvcs[i].name) == 0)
{
pg_authsvc = i;
break;
}
if (i == n_authsvcs)
{
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
libpq_gettext("invalid authentication service name \"%s\", ignored\n"),
name);
}
return;
}
MsgType
fe_getauthsvc(char *PQerrormsg)
{
if (pg_authsvc < 0 || pg_authsvc >= n_authsvcs)
{
fe_setauthsvc(DEFAULT_CLIENT_AUTHSVC, PQerrormsg);
if (pg_authsvc < 0 || pg_authsvc >= n_authsvcs)
{
/* Can only get here if DEFAULT_CLIENT_AUTHSVC is misdefined */
return 0;
}
}
return authsvcs[pg_authsvc].msgtype;
}
/*
* fe_getauthname -- returns a pointer to dynamic space containing whatever
* pg_fe_getauthname -- returns a pointer to dynamic space containing whatever
* name the user has authenticated to the system
* if there is an error, return the error message in PQerrormsg
*
* if there is an error, return NULL with an error message in PQerrormsg
*/
char *
fe_getauthname(char *PQerrormsg)
pg_fe_getauthname(char *PQerrormsg)
{
const char *name = NULL;
char *authn;
MsgType authsvc;
#ifdef WIN32
char username[128];
@ -598,21 +500,13 @@ fe_getauthname(char *PQerrormsg)
struct passwd *pw = NULL;
#endif
authsvc = fe_getauthsvc(PQerrormsg);
/* this just guards against broken DEFAULT_CLIENT_AUTHSVC, see above */
if (authsvc == 0)
return NULL; /* leave original error message in place */
pglock_thread();
#ifdef KRB5
if (authsvc == STARTUP_KRB5_MSG)
name = pg_krb5_authname(PQerrormsg);
name = pg_krb5_authname(PQerrormsg);
#endif
if (authsvc == STARTUP_MSG
|| (authsvc == STARTUP_KRB5_MSG && !name))
if (!name)
{
#ifdef WIN32
if (GetUserName(username, &namesize))
@ -623,11 +517,6 @@ fe_getauthname(char *PQerrormsg)
#endif
}
if (authsvc != STARTUP_MSG && authsvc != STARTUP_KRB5_MSG)
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
libpq_gettext("fe_getauthname: invalid authentication system: %d\n"),
authsvc);
authn = name ? strdup(name) : NULL;
pgunlock_thread();

25
src/interfaces/libpq/fe-auth.h
View File

@ -7,7 +7,7 @@
* Portions Copyright (c) 1996-2005, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.h,v 1.22 2005/10/15 02:49:48 momjian Exp $
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.h,v 1.23 2005/10/17 16:24:20 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@ -18,27 +18,8 @@
#include "libpq-int.h"
/*----------------------------------------------------------------
* Common routines and definitions
*----------------------------------------------------------------
*/
/* what we call "no authentication system" */
#define UNAUTHNAME "unauth"
/* what a frontend uses by default */
#ifndef KRB5
#define DEFAULT_CLIENT_AUTHSVC UNAUTHNAME
#else
#define DEFAULT_CLIENT_AUTHSVC "kerberos"
#endif /* KRB5 */
extern int fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
extern int pg_fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
const char *password, char *PQerrormsg);
extern MsgType fe_getauthsvc(char *PQerrormsg);
extern void fe_setauthsvc(const char *name, char *PQerrormsg);
extern char *fe_getauthname(char *PQerrormsg);
#define PG_KRB5_VERSION "PGVER5.1" /* at most KRB_SENDAUTH_VLEN chars */
extern char *pg_fe_getauthname(char *PQerrormsg);
#endif /* FE_AUTH_H */

54
src/interfaces/libpq/fe-connect.c
View File

@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-connect.c,v 1.322 2005/10/15 02:49:48 momjian Exp $
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-connect.c,v 1.323 2005/10/17 16:24:20 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@ -98,7 +98,7 @@
*
* The value for the username is treated specially in conninfo_parse.
* If the Compiled-in resource is specified as a NULL value, the
* user is determined by fe_getauthname().
* user is determined by pg_fe_getauthname().
*
* The Label and Disp-Char entries are provided for applications that
* want to use PQconndefaults() to create a generic database connection
@ -680,16 +680,14 @@ connectFailureMessage(PGconn *conn, int errorno)
{
char service[NI_MAXHOST];
getnameinfo_all(&conn->raddr.addr, conn->raddr.salen,
NULL, 0,
service, sizeof(service),
NI_NUMERICSERV);
pg_getnameinfo_all(&conn->raddr.addr, conn->raddr.salen,
NULL, 0,
service, sizeof(service),
NI_NUMERICSERV);
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext(
"could not connect to server: %s\n"
libpq_gettext("could not connect to server: %s\n"
"\tIs the server running locally and accepting\n"
"\tconnections on Unix domain socket \"%s\"?\n"
),
"\tconnections on Unix domain socket \"%s\"?\n"),
SOCK_STRERROR(errorno, sebuf, sizeof(sebuf)),
service);
}
@ -697,11 +695,9 @@ connectFailureMessage(PGconn *conn, int errorno)
#endif /* HAVE_UNIX_SOCKETS */
{
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext(
"could not connect to server: %s\n"
libpq_gettext("could not connect to server: %s\n"
"\tIs the server running on host \"%s\" and accepting\n"
"\tTCP/IP connections on port %s?\n"
),
"\tTCP/IP connections on port %s?\n"),
SOCK_STRERROR(errorno, sebuf, sizeof(sebuf)),
conn->pghostaddr
? conn->pghostaddr
@ -738,7 +734,7 @@ connectDBStart(PGconn *conn)
conn->outCount = 0;
/*
* Determine the parameters to pass to getaddrinfo_all.
* Determine the parameters to pass to pg_getaddrinfo_all.
*/
/* Initialize hint structure */
@ -780,8 +776,8 @@ connectDBStart(PGconn *conn)
#endif /* HAVE_UNIX_SOCKETS */
}
/* Use getaddrinfo_all() to resolve the address */
ret = getaddrinfo_all(node, portstr, &hint, &addrs);
/* Use pg_getaddrinfo_all() to resolve the address */
ret = pg_getaddrinfo_all(node, portstr, &hint, &addrs);
if (ret || !addrs)
{
if (node)
@ -793,7 +789,7 @@ connectDBStart(PGconn *conn)
libpq_gettext("could not translate Unix-domain socket path \"%s\" to address: %s\n"),
portstr, gai_strerror(ret));
if (addrs)
freeaddrinfo_all(hint.ai_family, addrs);
pg_freeaddrinfo_all(hint.ai_family, addrs);
goto connect_errReturn;
}
@ -1006,8 +1002,8 @@ keep_going: /* We will come back to here until there is
{
/*
* Try to initiate a connection to one of the addresses
* returned by getaddrinfo_all(). conn->addr_cur is the next
* one to try. We fail when we run out of addresses
* returned by pg_getaddrinfo_all(). conn->addr_cur is the
* next one to try. We fail when we run out of addresses
* (reporting the error returned for the *last* alternative,
* which may not be what users expect :-().
*/
@ -1631,8 +1627,8 @@ keep_going: /* We will come back to here until there is
* XXX fe-auth.c has not been fixed to support PQExpBuffers,
* so:
*/
if (fe_sendauth(areq, conn, conn->pghost, conn->pgpass,
conn->errorMessage.data) != STATUS_OK)
if (pg_fe_sendauth(areq, conn, conn->pghost, conn->pgpass,
conn->errorMessage.data) != STATUS_OK)
{
conn->errorMessage.len = strlen(conn->errorMessage.data);
goto error_return;
@ -1640,9 +1636,9 @@ keep_going: /* We will come back to here until there is
conn->errorMessage.len = strlen(conn->errorMessage.data);
/*
* Just make sure that any data sent by fe_sendauth is flushed
* out. Although this theoretically could block, it really
* shouldn't since we don't send large auth responses.
* Just make sure that any data sent by pg_fe_sendauth is
* flushed out. Although this theoretically could block, it
* really shouldn't since we don't send large auth responses.
*/
if (pqFlush(conn))
goto error_return;
@ -1707,7 +1703,7 @@ keep_going: /* We will come back to here until there is
}
/* We can release the address list now. */
freeaddrinfo_all(conn->addrlist_family, conn->addrlist);
pg_freeaddrinfo_all(conn->addrlist_family, conn->addrlist);
conn->addrlist = NULL;
conn->addr_cur = NULL;
@ -1910,7 +1906,7 @@ freePGconn(PGconn *conn)
free(conn->krbsrvname);
#endif
/* Note that conn->Pfdebug is not ours to close or free */
freeaddrinfo_all(conn->addrlist_family, conn->addrlist);
pg_freeaddrinfo_all(conn->addrlist_family, conn->addrlist);
notify = conn->notifyHead;
while (notify != NULL)
{
@ -1985,7 +1981,7 @@ closePGconn(PGconn *conn)
* absent */
conn->asyncStatus = PGASYNC_IDLE;
pqClearAsyncResult(conn); /* deallocate result and curTuple */
freeaddrinfo_all(conn->addrlist_family, conn->addrlist);
pg_freeaddrinfo_all(conn->addrlist_family, conn->addrlist);
conn->addrlist = NULL;
conn->addr_cur = NULL;
notify = conn->notifyHead;
@ -2720,7 +2716,7 @@ conninfo_parse(const char *conninfo, PQExpBuffer errorMessage)
*/
if (strcmp(option->keyword, "user") == 0)
{
option->val = fe_getauthname(errortmp);
option->val = pg_fe_getauthname(errortmp);
/* note any error message is thrown away */
continue;
}