diff options
| -rw-r--r-- | src/interfaces/libpq/fe-connect.c | 22 | ||||
| -rw-r--r-- | src/interfaces/libpq/fe-misc.c | 18 | ||||
| -rw-r--r-- | src/interfaces/libpq/fe-secure.c | 55 | ||||
| -rw-r--r-- | src/interfaces/libpq/libpq-int.h | 11 |
4 files changed, 37 insertions, 69 deletions
diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c index 414fff329e5..d88acb922e2 100644 --- a/src/interfaces/libpq/fe-connect.c +++ b/src/interfaces/libpq/fe-connect.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.186 2002/06/14 04:23:17 momjian Exp $ + * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.187 2002/06/15 22:06:09 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -61,13 +61,6 @@ inet_aton(const char *cp, struct in_addr * inp) } #endif -#ifdef USE_SSL -extern int secure_initialize(PGconn *); -extern void secure_destroy(void); -extern int secure_open_client(PGconn *); -extern void secure_close(PGconn *); -extern SSL * PQgetssl(PGconn *); -#endif #define NOTIFYLIST_INITIAL_SIZE 10 #define NOTIFYLIST_GROWBY 10 @@ -968,7 +961,8 @@ retry2: } if (SSLok == 'S') { - if (secure_initialize(conn) == -1 || secure_open_client(conn) == -1) + if (pqsecure_initialize(conn) == -1 || + pqsecure_open_client(conn) == -1) { goto connect_errReturn; } @@ -979,7 +973,7 @@ retry2: /* Received error - probably protocol mismatch */ if (conn->Pfdebug) fprintf(conn->Pfdebug, "Postmaster reports error, attempting fallback to pre-7.0.\n"); - secure_close(conn); + pqsecure_close(conn); #ifdef WIN32 closesocket(conn->sock); #else @@ -1021,7 +1015,7 @@ retry2: connect_errReturn: if (conn->sock >= 0) { - secure_close(conn); + pqsecure_close(conn); #ifdef WIN32 closesocket(conn->sock); #else @@ -1896,11 +1890,9 @@ freePGconn(PGconn *conn) if (!conn) return; pqClearAsyncResult(conn); /* deallocate result and curTuple */ -#ifdef USE_SSL - secure_close(conn); -#endif if (conn->sock >= 0) { + pqsecure_close(conn); #ifdef WIN32 closesocket(conn->sock); #else @@ -1974,7 +1966,7 @@ closePGconn(PGconn *conn) */ if (conn->sock >= 0) { - secure_close(conn); + pqsecure_close(conn); #ifdef WIN32 closesocket(conn->sock); #else diff --git a/src/interfaces/libpq/fe-misc.c b/src/interfaces/libpq/fe-misc.c index 94b641621a3..46231a21dfe 100644 --- a/src/interfaces/libpq/fe-misc.c +++ b/src/interfaces/libpq/fe-misc.c @@ -25,7 +25,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-misc.c,v 1.74 2002/06/15 20:01:31 momjian Exp $ + * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-misc.c,v 1.75 2002/06/15 22:06:09 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -55,10 +55,6 @@ #include "mb/pg_wchar.h" #endif -extern void secure_close(PGconn *); -extern ssize_t secure_read(PGconn *, void *, size_t); -extern ssize_t secure_write(PGconn *, const void *, size_t); - #define DONOTICE(conn,message) \ ((*(conn)->noticeHook) ((conn)->noticeArg, (message))) @@ -490,8 +486,8 @@ pqReadData(PGconn *conn) /* OK, try to read some data */ retry3: - nread = secure_read(conn, conn->inBuffer + conn->inEnd, - conn->inBufSize - conn->inEnd); + nread = pqsecure_read(conn, conn->inBuffer + conn->inEnd, + conn->inBufSize - conn->inEnd); if (nread < 0) { if (SOCK_ERRNO == EINTR) @@ -570,8 +566,8 @@ retry3: * arrived. */ retry4: - nread = secure_read(conn, conn->inBuffer + conn->inEnd, - conn->inBufSize - conn->inEnd); + nread = pqsecure_read(conn, conn->inBuffer + conn->inEnd, + conn->inBufSize - conn->inEnd); if (nread < 0) { if (SOCK_ERRNO == EINTR) @@ -612,7 +608,7 @@ definitelyFailed: "\tThis probably means the server terminated abnormally\n" "\tbefore or while processing the request.\n")); conn->status = CONNECTION_BAD; /* No more connection to backend */ - secure_close(conn); + pqsecure_close(conn); #ifdef WIN32 closesocket(conn->sock); #else @@ -654,7 +650,7 @@ pqSendSome(PGconn *conn) { int sent; - sent = secure_write(conn, ptr, len); + sent = pqsecure_write(conn, ptr, len); if (sent < 0) { diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c index 26dcb438845..fa36a9315c3 100644 --- a/src/interfaces/libpq/fe-secure.c +++ b/src/interfaces/libpq/fe-secure.c @@ -1,6 +1,6 @@ /*------------------------------------------------------------------------- * - * fe-connect.c + * fe-secure.c * functions related to setting up a secure connection to the backend. * Secure connections are expected to provide confidentiality, * message integrity and endpoint authentication. @@ -11,7 +11,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.4 2002/06/14 04:38:04 momjian Exp $ + * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.5 2002/06/15 22:06:09 tgl Exp $ * * NOTES * The client *requires* a valid server certificate. Since @@ -26,7 +26,7 @@ * to sign the server certificate, should be present in the * "$HOME/.postgresql/root.crt" file. If this file isn't * readable, or the server certificate can't be validated, - * secure_open_client() will return an error code. + * pqsecure_open_client() will return an error code. * * Additionally, the server certificate's "common name" must * resolve to the other end of the socket. This makes it @@ -38,7 +38,7 @@ * Unfortunately neither the current front- or back-end handle * failure gracefully, resulting in the backend hiccupping. * This points out problems in each (the frontend shouldn't even - * try to do SSL if secure_initialize() fails, and the backend + * try to do SSL if pqsecure_initialize() fails, and the backend * shouldn't crash/recover if an SSH negotiation fails. The * backend definitely needs to be fixed, to prevent a "denial * of service" attack, but I don't know enough about how the @@ -76,30 +76,6 @@ * The code currently assumes a POSIX password entry. How should * Windows and Mac users be handled? * - * PATCH LEVEL - * milestone 1: fix basic coding errors - * [*] existing SSL code pulled out of existing files. - * [*] SSL_get_error() after SSL_read() and SSL_write(), - * SSL_shutdown(), default to TLSv1. - * - * milestone 2: provide endpoint authentication (server) - * [*] client verifies server cert - * [*] client verifies server hostname - * - * milestone 3: improve confidentially, support perfect forward secrecy - * [ ] use 'random' file, read from '/dev/urandom?' - * [*] emphermal DH keys, default values - * - * milestone 4: provide endpoint authentication (client) - * [*] server verifies client certificates - * - * milestone 5: provide informational callbacks - * [*] provide informational callbacks - * - * other changes - * [ ] tcp-wrappers - * [ ] more informative psql - * *------------------------------------------------------------------------- */ @@ -142,12 +118,6 @@ #include <openssl/e_os.h> #endif /* USE_SSL */ -int secure_initialize(PGconn *); -void secure_destroy(void); -int secure_open_client(PGconn *); -void secure_close(PGconn *); -ssize_t secure_read(PGconn *, void *ptr, size_t len); -ssize_t secure_write(PGconn *, const void *ptr, size_t len); #ifdef USE_SSL static int verify_cb(int ok, X509_STORE_CTX *ctx); @@ -228,7 +198,7 @@ KWbuHn491xNO25CQWMtem80uKw+pTnisBRF/454n1Jnhub144YRBoN8CAQI=\n\ * Initialize global context */ int -secure_initialize (PGconn *conn) +pqsecure_initialize (PGconn *conn) { int r = 0; @@ -243,7 +213,7 @@ secure_initialize (PGconn *conn) * Destroy global context */ void -secure_destroy (void) +pqsecure_destroy (void) { #ifdef USE_SSL destroy_SSL(); @@ -254,7 +224,7 @@ secure_destroy (void) * Attempt to negotiate secure session. */ int -secure_open_client (PGconn *conn) +pqsecure_open_client (PGconn *conn) { int r = 0; @@ -269,7 +239,7 @@ secure_open_client (PGconn *conn) * Close secure session. */ void -secure_close (PGconn *conn) +pqsecure_close (PGconn *conn) { #ifdef USE_SSL if (conn->ssl) @@ -281,7 +251,7 @@ secure_close (PGconn *conn) * Read data from a secure connection. */ ssize_t -secure_read (PGconn *conn, void *ptr, size_t len) +pqsecure_read (PGconn *conn, void *ptr, size_t len) { ssize_t n; @@ -306,7 +276,7 @@ secure_read (PGconn *conn, void *ptr, size_t len) libpq_gettext("SSL error: %s\n"), SSLerrmessage()); /* fall through */ case SSL_ERROR_ZERO_RETURN: - secure_close(conn); + pqsecure_close(conn); SOCK_ERRNO = ECONNRESET; n = -1; break; @@ -323,7 +293,7 @@ secure_read (PGconn *conn, void *ptr, size_t len) * Write data to a secure connection. */ ssize_t -secure_write (PGconn *conn, const void *ptr, size_t len) +pqsecure_write (PGconn *conn, const void *ptr, size_t len) { ssize_t n; @@ -352,7 +322,7 @@ secure_write (PGconn *conn, const void *ptr, size_t len) libpq_gettext("SSL error: %s\n"), SSLerrmessage()); /* fall through */ case SSL_ERROR_ZERO_RETURN: - secure_close(conn); + pqsecure_close(conn); SOCK_ERRNO = ECONNRESET; n = -1; break; @@ -925,4 +895,5 @@ PQgetssl(PGconn *conn) return NULL; return conn->ssl; } + #endif /* USE_SSL */ diff --git a/src/interfaces/libpq/libpq-int.h b/src/interfaces/libpq/libpq-int.h index 90a0186d276..7cdfd6fe66b 100644 --- a/src/interfaces/libpq/libpq-int.h +++ b/src/interfaces/libpq/libpq-int.h @@ -12,7 +12,7 @@ * Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * - * $Id: libpq-int.h,v 1.49 2002/06/14 04:23:17 momjian Exp $ + * $Id: libpq-int.h,v 1.50 2002/06/15 22:06:09 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -331,6 +331,15 @@ extern int pqWait(int forRead, int forWrite, PGconn *conn); extern int pqReadReady(PGconn *conn); extern int pqWriteReady(PGconn *conn); +/* === in fe-secure.c === */ + +extern int pqsecure_initialize(PGconn *); +extern void pqsecure_destroy(void); +extern int pqsecure_open_client(PGconn *); +extern void pqsecure_close(PGconn *); +extern ssize_t pqsecure_read(PGconn *, void *ptr, size_t len); +extern ssize_t pqsecure_write(PGconn *, const void *ptr, size_t len); + /* bits in a byte */ #define BYTELEN 8 |