* exceed INITIAL_EXPBUFFER_SIZE (currently 256 bytes).
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.97 2004/12/31 22:03:50 pgsql Exp $
+ * $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.98 2005/01/04 23:18:25 tgl Exp $
*
*-------------------------------------------------------------------------
*/
fe_getauthname(char *PQerrormsg)
{
const char *name = NULL;
- char *authn = NULL;
+ char *authn;
MsgType authsvc;
+#ifdef WIN32
+ char username[128];
+ DWORD namesize = sizeof(username) - 1;
+#else
+ char pwdbuf[BUFSIZ];
+ struct passwd pwdstr;
+ struct passwd *pw = NULL;
+#endif
authsvc = fe_getauthsvc(PQerrormsg);
return NULL; /* leave original error message in place */
pglock_thread();
+
#ifdef KRB4
if (authsvc == STARTUP_KRB4_MSG)
name = pg_krb4_authname(PQerrormsg);
|| (authsvc == STARTUP_KRB5_MSG && !name))
{
#ifdef WIN32
- char username[128];
- DWORD namesize = sizeof(username) - 1;
-
if (GetUserName(username, &namesize))
name = username;
#else
- char pwdbuf[BUFSIZ];
- struct passwd pwdstr;
- struct passwd *pw = NULL;
-
- if (pqGetpwuid(geteuid(), &pwdstr,
- pwdbuf, sizeof(pwdbuf), &pw) == 0)
+ if (pqGetpwuid(geteuid(), &pwdstr, pwdbuf, sizeof(pwdbuf), &pw) == 0)
name = pw->pw_name;
#endif
}
libpq_gettext("fe_getauthname: invalid authentication system: %d\n"),
authsvc);
- if (name && (authn = (char *) malloc(strlen(name) + 1)))
- strcpy(authn, name);
+ authn = name ? strdup(name) : NULL;
+
pgunlock_thread();
+
return authn;
}
*
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.61 2004/12/31 22:03:50 pgsql Exp $
+ * $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.62 2005/01/04 23:18:25 tgl Exp $
*
* NOTES
* [ Most of these notes are wrong/obsolete, but perhaps not all ]
/* SSL specific code */
/* ------------------------------------------------------------ */
#ifdef USE_SSL
+
+/*
+ * Obtain user's home directory, return in given buffer
+ *
+ * This code isn't really SSL-specific, but currently we only need it in
+ * SSL-related places.
+ */
+static bool
+pqGetHomeDirectory(char *buf, int bufsize)
+{
+#ifndef WIN32
+ char pwdbuf[BUFSIZ];
+ struct passwd pwdstr;
+ struct passwd *pwd = NULL;
+
+ if (pqGetpwuid(geteuid(), &pwdstr, pwdbuf, sizeof(pwdbuf), &pwd) != 0)
+ return false;
+ StrNCpy(buf, pwd->pw_dir, bufsize);
+ return true;
+
+#else
+
+ return false; /* PLACEHOLDER */
+#endif
+}
+
/*
* Certificate verification callback
*
return -1;
}
-#endif
+#endif /* NOT_USED */
/*
* Load precomputed DH parameters.
static DH *
load_dh_file(int keylength)
{
-#ifdef WIN32
- return NULL;
-#else
- char pwdbuf[BUFSIZ];
- struct passwd pwdstr;
- struct passwd *pwd = NULL;
- FILE *fp;
+ char homedir[MAXPGPATH];
char fnbuf[MAXPGPATH];
- DH *dh = NULL;
+ FILE *fp;
+ DH *dh;
int codes;
- if (pqGetpwuid(getuid(), &pwdstr, pwdbuf, sizeof(pwdbuf), &pwd) != 0)
+ if (!pqGetHomeDirectory(homedir, sizeof(homedir)))
return NULL;
/* attempt to open file. It's not an error if it doesn't exist. */
snprintf(fnbuf, sizeof(fnbuf), "%s/.postgresql/dh%d.pem",
- pwd->pw_dir, keylength);
+ homedir, keylength);
if ((fp = fopen(fnbuf, "r")) == NULL)
return NULL;
}
return dh;
-#endif
}
/*
static int
client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
{
-#ifdef WIN32
- return 0;
-#else
- char pwdbuf[BUFSIZ];
- struct passwd pwdstr;
- struct passwd *pwd = NULL;
+ char homedir[MAXPGPATH];
struct stat buf,
buf2;
char fnbuf[MAXPGPATH];
int (*cb) () = NULL; /* how to read user password */
char sebuf[256];
- if (pqGetpwuid(getuid(), &pwdstr, pwdbuf, sizeof(pwdbuf), &pwd) != 0)
+ if (!pqGetHomeDirectory(homedir, sizeof(homedir)))
{
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("could not get user information\n"));
/* read the user certificate */
snprintf(fnbuf, sizeof(fnbuf), "%s/.postgresql/postgresql.crt",
- pwd->pw_dir);
+ homedir);
if ((fp = fopen(fnbuf, "r")) == NULL)
{
printfPQExpBuffer(&conn->errorMessage,
/* read the user key */
snprintf(fnbuf, sizeof(fnbuf), "%s/.postgresql/postgresql.key",
- pwd->pw_dir);
+ homedir);
if (stat(fnbuf, &buf) == -1)
{
printfPQExpBuffer(&conn->errorMessage,
}
return 1;
-#endif
}
#ifdef ENABLE_THREAD_SAFETY
}
static pthread_mutex_t *pq_lockarray;
+
static void
pq_lockingcallback(int mode, int n, const char *file, int line)
{
else
pthread_mutex_unlock(&pq_lockarray[n]);
}
+
#endif /* ENABLE_THREAD_SAFETY */
static int
static int
initialize_SSL(PGconn *conn)
{
-#ifndef WIN32
struct stat buf;
- char pwdbuf[BUFSIZ];
- struct passwd pwdstr;
- struct passwd *pwd = NULL;
+ char homedir[MAXPGPATH];
char fnbuf[MAXPGPATH];
-#endif
if (init_ssl_system(conn))
return -1;
-#ifndef WIN32
/* Set up to verify server cert, if root.crt is present */
- if (pqGetpwuid(getuid(), &pwdstr, pwdbuf, sizeof(pwdbuf), &pwd) == 0)
+ if (pqGetHomeDirectory(homedir, sizeof(homedir)))
{
- snprintf(fnbuf, sizeof(fnbuf), "%s/.postgresql/root.crt",
- pwd->pw_dir);
+ snprintf(fnbuf, sizeof(fnbuf), "%s/.postgresql/root.crt", homedir);
if (stat(fnbuf, &buf) == 0)
{
if (!SSL_CTX_load_verify_locations(SSL_context, fnbuf, NULL))
/* set up mechanism to provide client certificate, if available */
SSL_CTX_set_client_cert_cb(SSL_context, client_cert_cb);
-#endif
return 0;
}
return NULL;
return conn->ssl;
}
-#else
+
+#else /* !USE_SSL */
+
void *
PQgetssl(PGconn *conn)
{
return NULL;
}
+
#endif /* USE_SSL */
#ifdef ENABLE_THREAD_SAFETY
+
/*
* Block SIGPIPE for this thread. This prevents send()/write() from exiting
* the application.
SOCK_ERRNO_SET(save_errno);
}
-#endif
+
+#endif /* ENABLE_THREAD_SAFETY */
projects / postgresql.git / commitdiff