diff options
Diffstat (limited to 'src/backend')
| -rw-r--r-- | src/backend/commands/Makefile | 4 | ||||
| -rw-r--r-- | src/backend/libpq/Makefile | 4 | ||||
| -rw-r--r-- | src/backend/libpq/auth.c | 32 | ||||
| -rw-r--r-- | src/backend/parser/gram.y | 122 | ||||
| -rw-r--r-- | src/backend/parser/keywords.c | 10 | ||||
| -rw-r--r-- | src/backend/postmaster/postmaster.c | 68 | ||||
| -rw-r--r-- | src/backend/tcop/utility.c | 28 |
7 files changed, 256 insertions, 12 deletions
diff --git a/src/backend/commands/Makefile b/src/backend/commands/Makefile index bb6524b79d9..9e57883deba 100644 --- a/src/backend/commands/Makefile +++ b/src/backend/commands/Makefile @@ -4,7 +4,7 @@ # Makefile for commands # # IDENTIFICATION -# $Header: /cvsroot/pgsql/src/backend/commands/Makefile,v 1.7 1997/11/24 05:20:49 momjian Exp $ +# $Header: /cvsroot/pgsql/src/backend/commands/Makefile,v 1.8 1997/12/04 00:26:44 scrappy Exp $ # #------------------------------------------------------------------------- @@ -19,7 +19,7 @@ CFLAGS+=$(INCLUDE_OPT) OBJS = async.o creatinh.o command.o copy.o defind.o define.o \ remove.o rename.o vacuum.o version.o view.o cluster.o \ - recipe.o explain.o sequence.o trigger.o proclang.o dbcommands.o + recipe.o explain.o sequence.o trigger.o user.o proclang.o dbcommands.o all: SUBSYS.o diff --git a/src/backend/libpq/Makefile b/src/backend/libpq/Makefile index 84c2db63bb1..ed43bdd1352 100644 --- a/src/backend/libpq/Makefile +++ b/src/backend/libpq/Makefile @@ -4,7 +4,7 @@ # Makefile for libpq subsystem (backend half of libpq interface) # # IDENTIFICATION -# $Header: /cvsroot/pgsql/src/backend/libpq/Makefile,v 1.7 1997/04/04 10:39:19 scrappy Exp $ +# $Header: /cvsroot/pgsql/src/backend/libpq/Makefile,v 1.8 1997/12/04 00:26:47 scrappy Exp $ # #------------------------------------------------------------------------- @@ -24,7 +24,7 @@ LDFLAGS+= $(KRBLIBS) endif OBJS = be-dumpdata.o be-fsstubs.o be-pqexec.o pqcomprim.o\ - auth.o hba.o pqcomm.o portal.o util.o portalbuf.o pqpacket.o pqsignal.o \ + auth.o hba.o crypt.o pqcomm.o portal.o util.o portalbuf.o pqpacket.o pqsignal.o \ password.o all: SUBSYS.o diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c index aa9c541b168..e4f1753800a 100644 --- a/src/backend/libpq/auth.c +++ b/src/backend/libpq/auth.c @@ -7,7 +7,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.18 1997/11/17 16:10:06 thomas Exp $ + * $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.19 1997/12/04 00:26:50 scrappy Exp $ * *------------------------------------------------------------------------- */ @@ -71,6 +71,7 @@ #include <libpq/libpq-be.h> #include <libpq/hba.h> #include <libpq/password.h> +#include <libpq/crypt.h> static int be_getauthsvc(MsgType msgtype); @@ -122,7 +123,8 @@ static struct authsvc authsvcs[] = { #else {"kerberos", STARTUP_KRB4_MSG, 1}, #endif - {"password", STARTUP_PASSWORD_MSG, 1} + {"password", STARTUP_PASSWORD_MSG, 1}, + {"crypt", STARTUP_CRYPT_MSG, 1} }; static n_authsvcs = sizeof(authsvcs) / sizeof(struct authsvc); @@ -445,6 +447,28 @@ pg_password_recvauth(Port *port, char *database, char *DataDir) return verify_password(user, password, port, database, DataDir); } +static int +crypt_recvauth(Port *port) +{ + PacketBuf buf; + char *user, + *password; + + if (PacketReceive(port, &buf, BLOCKING) != STATUS_OK) + { + sprintf(PQerrormsg, + "crypt_recvauth: failed to receive authentication packet.\n"); + fputs(PQerrormsg, stderr); + pqdebug("%s", PQerrormsg); + return STATUS_ERROR; + } + + user = buf.data; + password = buf.data + strlen(user) + 1; + + return crypt_verify(port, user, password); +} + /* * be_recvauth -- server demux routine for incoming authentication information */ @@ -571,6 +595,10 @@ be_recvauth(MsgType msgtype_arg, Port *port, char *username, StartupInfo *sp) return (STATUS_ERROR); } break; + case STARTUP_CRYPT_MSG: + if (crypt_recvauth(port) != STATUS_OK) + return STATUS_ERROR; + break; default: sprintf(PQerrormsg, "be_recvauth: unrecognized message type: %d\n", diff --git a/src/backend/parser/gram.y b/src/backend/parser/gram.y index 8cbc5397d1d..a7bc22d67c2 100644 --- a/src/backend/parser/gram.y +++ b/src/backend/parser/gram.y @@ -10,7 +10,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/parser/gram.y,v 1.75 1997/12/02 16:09:15 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/parser/gram.y,v 1.76 1997/12/04 00:26:57 scrappy Exp $ * * HISTORY * AUTHOR DATE MAJOR EVENT @@ -40,6 +40,7 @@ #include "nodes/print.h" #include "parser/gramparse.h" #include "utils/acl.h" +#include "utils/palloc.h" #include "catalog/catname.h" #include "utils/elog.h" #include "access/xact.h" @@ -83,6 +84,7 @@ Oid param_type(int t); /* used in parse_expr.c */ char chr; char *str; bool boolean; + bool* pboolean; /* for pg_user privileges */ List *list; Node *node; Value *value; @@ -119,10 +121,16 @@ Oid param_type(int t); /* used in parse_expr.c */ RenameStmt, RevokeStmt, RuleStmt, TransactionStmt, ViewStmt, LoadStmt, CreatedbStmt, DestroydbStmt, VacuumStmt, RetrieveStmt, CursorStmt, ReplaceStmt, AppendStmt, NotifyStmt, DeleteStmt, ClusterStmt, - ExplainStmt, VariableSetStmt, VariableShowStmt, VariableResetStmt + ExplainStmt, VariableSetStmt, VariableShowStmt, VariableResetStmt, + CreateUserStmt, AlterUserStmt, DropUserStmt %type <str> opt_database, location +%type <pboolean> user_createdb_clause, user_createuser_clause +%type <str> user_passwd_clause +%type <str> user_valid_clause +%type <list> user_group_list, user_group_clause + %type <node> SubSelect %type <str> join_expr, join_outer, join_spec %type <boolean> TriggerActionTime, TriggerForSpec, PLangTrusted @@ -268,6 +276,14 @@ Oid param_type(int t); /* used in parse_expr.c */ SEQUENCE, SETOF, SHOW, STDIN, STDOUT, TRUSTED, VACUUM, VERBOSE, VERSION +/* + * Tokens for pg_passwd support. The CREATEDB and CREATEUSER tokens should go away + * when some sort of pg_privileges relation is introduced. + * + * Todd A. Brandys + */ +%token USER, PASSWORD, CREATEDB, NOCREATEDB, CREATEUSER, NOCREATEUSER, VALID, UNTIL + /* Special keywords, not in the query language - see the "lex" file */ %token <str> IDENT, SCONST, Op %token <ival> ICONST, PARAM @@ -318,17 +334,20 @@ stmtmulti: stmtmulti stmt ';' ; stmt : AddAttrStmt + | AlterUserStmt | ClosePortalStmt | CopyStmt | CreateStmt | CreateSeqStmt | CreatePLangStmt | CreateTrigStmt + | CreateUserStmt | ClusterStmt | DefineStmt | DestroyStmt | DropPLangStmt | DropTrigStmt + | DropUserStmt | ExtendStmt | ExplainStmt | FetchStmt @@ -356,6 +375,105 @@ stmt : AddAttrStmt | VariableResetStmt ; +/***************************************************************************** + * + * Create a new postresql DBMS user + * + * + *****************************************************************************/ + +CreateUserStmt: CREATE USER Id + user_passwd_clause + user_createdb_clause + user_createuser_clause + user_group_clause + user_valid_clause + { CreateUserStmt *n = makeNode(CreateUserStmt); + n->user = $3; + n->password = $4; + n->createdb = $5; + n->createuser = $6; + n->groupElts = $7; + n->validUntil = $8; + $$ = (Node *)n; + } + ; + +/***************************************************************************** + * + * Alter a postresql DBMS user + * + * + *****************************************************************************/ + +AlterUserStmt: ALTER USER Id + user_passwd_clause + user_createdb_clause + user_createuser_clause + user_group_clause + user_valid_clause + { AlterUserStmt *n = makeNode(AlterUserStmt); + n->user = $3; + n->password = $4; + n->createdb = $5; + n->createuser = $6; + n->groupElts = $7; + n->validUntil = $8; + $$ = (Node *)n; + } + ; + +/***************************************************************************** + * + * Drop a postresql DBMS user + * + * + *****************************************************************************/ + +DropUserStmt: DROP USER Id + { DropUserStmt *n = makeNode(DropUserStmt); + n->user = $3; + $$ = (Node *)n; + } + ; + +user_passwd_clause: WITH PASSWORD Id { $$ = $3; } + | /*EMPTY*/ { $$ = NULL; } + ; + +user_createdb_clause: CREATEDB { bool* b; + $$ = (b = (bool*)palloc(sizeof(bool))); + *b = true; + } + | NOCREATEDB { bool* b; + $$ = (b = (bool*)palloc(sizeof(bool))); + *b = false; + } + | /*EMPTY*/ { $$ = NULL; } + ; + +user_createuser_clause: CREATEUSER { bool* b; + $$ = (b = (bool*)palloc(sizeof(bool))); + *b = true; + } + | NOCREATEUSER { bool* b; + $$ = (b = (bool*)palloc(sizeof(bool))); + *b = false; + } + | /*EMPTY*/ { $$ = NULL; } + ; + +user_group_list: user_group_list ',' Id { $$ = lcons((void*)makeString($3), $1); } + | Id { $$ = makeList((void*)makeString($1), NULL); } + ; + +user_group_clause: IN GROUP user_group_list { $$ = $3; } + | /*EMPTY*/ { $$ = NULL; } + ; + +user_valid_clause: VALID UNTIL SCONST { $$ = $3; } + | /*EMPTY*/ { $$ = NULL; } + ; /***************************************************************************** * diff --git a/src/backend/parser/keywords.c b/src/backend/parser/keywords.c index 0e17dc12246..c51cc1f33d3 100644 --- a/src/backend/parser/keywords.c +++ b/src/backend/parser/keywords.c @@ -7,7 +7,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/parser/keywords.c,v 1.26 1997/11/26 01:11:08 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/parser/keywords.c,v 1.27 1997/12/04 00:27:04 scrappy Exp $ * *------------------------------------------------------------------------- */ @@ -64,6 +64,8 @@ static ScanKeyword ScanKeywords[] = { {"constraint", CONSTRAINT}, {"copy", COPY}, {"create", CREATE}, + {"createdb", CREATEDB}, + {"createuser", CREATEUSER}, {"cross", CROSS}, {"current", CURRENT}, {"current_date", CURRENT_DATE}, @@ -133,6 +135,8 @@ static ScanKeyword ScanKeywords[] = { {"natural", NATURAL}, {"nchar", NCHAR}, {"new", NEW}, + {"nocreatedb", NOCREATEDB}, + {"nocreateuser", NOCREATEUSER}, {"none", NONE}, {"no", NO}, {"not", NOT}, @@ -149,6 +153,7 @@ static ScanKeyword ScanKeywords[] = { {"order", ORDER}, {"outer", OUTER_P}, {"partial", PARTIAL}, + {"password", PASSWORD}, {"position", POSITION}, {"precision", PRECISION}, {"primary", PRIMARY}, @@ -188,9 +193,12 @@ static ScanKeyword ScanKeywords[] = { {"type", TYPE_P}, {"union", UNION}, {"unique", UNIQUE}, + {"until", UNTIL}, {"update", UPDATE}, + {"user", USER}, {"using", USING}, {"vacuum", VACUUM}, + {"valid", VALID}, {"values", VALUES}, {"varchar", VARCHAR}, {"varying", VARYING}, diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c index 52bc471853f..b4d1f955992 100644 --- a/src/backend/postmaster/postmaster.c +++ b/src/backend/postmaster/postmaster.c @@ -10,7 +10,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/postmaster/postmaster.c,v 1.62 1997/11/17 03:47:28 scrappy Exp $ + * $Header: /cvsroot/pgsql/src/backend/postmaster/postmaster.c,v 1.63 1997/12/04 00:27:17 scrappy Exp $ * * NOTES * @@ -47,6 +47,7 @@ #include <signal.h> #include <string.h> #include <stdlib.h> +#include <time.h> #if !defined(NO_UNISTD_H) #include <unistd.h> @@ -78,6 +79,7 @@ #include "libpq/auth.h" #include "libpq/pqcomm.h" #include "libpq/pqsignal.h" +#include "libpq/crypt.h" #include "miscadmin.h" #include "version.h" #include "lib/dllist.h" @@ -199,6 +201,7 @@ static void usage(const char *); static int ServerLoop(void); static int BackendStartup(StartupInfo *packet, Port *port, int *pidPtr); static void send_error_reply(Port *port, const char *errormsg); +static void RandomSalt(char* salt); extern char *optarg; extern int optind, @@ -663,7 +666,27 @@ ServerLoop(void) switch (status) { case STATUS_OK: - { + /* Here is where we check for a USER login packet. If there is one, then + * we must deterine whether the login has a password in pg_user. If so, send + * back a salt to crypt() the password with. Otherwise, send an unsalt packet + * back and read the real startup packet. + */ + if (ntohl(port->buf.msgtype) == STARTUP_USER_MSG) { + PacketLen plen; + + port->buf.msgtype = htonl(crypt_salt(port->buf.data)); + plen = sizeof(port->buf.len) + sizeof(port->buf.msgtype) + 2; + port->buf.len = htonl(plen); + RandomSalt(port->salt); + memcpy((void*)port->buf.data, (void*)port->salt, 2); + + status = PacketSend(port, &port->buf, plen, BLOCKING); + if (status != STATUS_OK) + break; + + /* port->nBytes = 0; */ + continue; + } else { int CSstatus; /* Completion status of * ConnStartup */ char errormsg[200]; /* error msg from @@ -1355,3 +1378,44 @@ dumpstatus(SIGNAL_ARGS) curr = DLGetSucc(curr); } } + +/* + * CharRemap + */ +static char +CharRemap(long int ch) { + + if (ch < 0) + ch = -ch; + + ch = ch % 62; + if (ch < 26) + return ('A' + ch); + + ch -= 26; + if (ch < 26) + return ('a' + ch); + + ch -= 26; + return ('0' + ch); +} + +/* + * RandomSalt + */ +static void +RandomSalt(char* salt) { + + static bool initialized = false; + + if (!initialized) { + time_t now; + + now = time(NULL); + srandom((unsigned int)now); + initialized = true; + } + + *salt = CharRemap(random()); + *(salt + 1) = CharRemap(random()); +} diff --git a/src/backend/tcop/utility.c b/src/backend/tcop/utility.c index 2e9b764644d..57960aee876 100644 --- a/src/backend/tcop/utility.c +++ b/src/backend/tcop/utility.c @@ -9,7 +9,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.31 1997/11/24 05:32:40 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.32 1997/12/04 00:27:24 scrappy Exp $ * *------------------------------------------------------------------------- */ @@ -721,6 +721,32 @@ ProcessUtility(Node * parsetree, DropProceduralLanguage((DropPLangStmt *) parsetree); break; + /* + * ******************************** USER statements **** + * + */ + case T_CreateUserStmt: + commandTag = "CREATE USER"; + CHECK_IF_ABORTED(); + + DefineUser((CreateUserStmt*)parsetree); + break; + + case T_AlterUserStmt: + commandTag = "ALTER USER"; + CHECK_IF_ABORTED(); + + AlterUser((AlterUserStmt*)parsetree); + break; + + case T_DropUserStmt: + commandTag = "DROP USER"; + CHECK_IF_ABORTED(); + + RemoveUser(((DropUserStmt*)parsetree)->user); + break; + + /* * ******************************** default ******************************** * |