rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
postgresql/src/include/libpq/pqcomm.h

207 lines
6.4 KiB
C
Raw Normal View History

Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
/*-------------------------------------------------------------------------
*
Change my-function-name-- to my_function_name, and optimizer renames.
1999-02-14 00:22:53 +01:00
* pqcomm.h
pgindent run before 6.3 release, with Thomas' requested changes.
1998-02-26 05:46:47 +01:00
* Definitions common to frontends and backends.
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
*
Revise backend libpq interfaces so that messages to the frontend can be generated in a buffer and then sent to the frontend in a single libpq call. This solves problems with NOTICE and ERROR messages generated in the middle of a data message or COPY OUT operation.
1999-04-25 05:19:27 +02:00
* NOTE: for historical reasons, this does not correspond to pqcomm.c.
* pqcomm.c's routines are declared in libpq.h.
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
*
Update copyright via script for 2017
2017-01-03 19:48:53 +01:00
* Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group
Add: * Portions Copyright (c) 1996-2000, PostgreSQL, Inc to all files copyright Regents of Berkeley. Man, that's a lot of files.
2000-01-26 06:58:53 +01:00
* Portions Copyright (c) 1994, Regents of the University of California
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
*
Remove cvs keywords from all files.
2010-09-20 22:08:53 +02:00
* src/include/libpq/pqcomm.h
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
*
*-------------------------------------------------------------------------
*/
#ifndef PQCOMM_H
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
#define PQCOMM_H
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
pgindent run. Make it all clean.
2001-03-22 05:01:46 +01:00
#include <sys/socket.h>
Add prototype for getaddrinfo().
2003-01-06 06:33:45 +01:00
#include <netdb.h>
pgindent run. Make it all clean.
2001-03-22 05:01:46 +01:00
#ifdef HAVE_SYS_UN_H
#include <sys/un.h>
#endif
#include <netinet/in.h>
Fixes for Cygwin, with help from Pete Forman <gsez020@kryten.bedford.waii.com>. Update the installation instructions (formerly misnamed "FAQ"), add configure checks for some headers rather than having users copy stubs manually (ugh!). Use Autoconf check for exe extension. This also avoids inheriting the value of $(X) from the environment.
2000-09-27 17:17:57 +02:00
Have a go at fixing various outstanding portability issues in code that was modified for IPv6. Use a robust definition of struct sockaddr_storage, do a proper configure test to see if ss_len exists, don't assume that getnameinfo() will handle AF_UNIX sockets, don't trust getaddrinfo to return the protocol we ask for, etc. This incorporates several outstanding patches from Kurt Roeckx, but I'm to blame for anything that doesn't work ...
2003-07-24 01:30:41 +02:00
#ifdef HAVE_STRUCT_SOCKADDR_STORAGE
Fixes for Cygwin, with help from Pete Forman <gsez020@kryten.bedford.waii.com>. Update the installation instructions (formerly misnamed "FAQ"), add configure checks for some headers rather than having users copy stubs manually (ugh!). Use Autoconf check for exe extension. This also avoids inheriting the value of $(X) from the environment.
2000-09-27 17:17:57 +02:00
Have a go at fixing various outstanding portability issues in code that was modified for IPv6. Use a robust definition of struct sockaddr_storage, do a proper configure test to see if ss_len exists, don't assume that getnameinfo() will handle AF_UNIX sockets, don't trust getaddrinfo to return the protocol we ask for, etc. This incorporates several outstanding patches from Kurt Roeckx, but I'm to blame for anything that doesn't work ...
2003-07-24 01:30:41 +02:00
#ifndef HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY
pgindent run.
2003-08-04 02:43:34 +02:00
#ifdef HAVE_STRUCT_SOCKADDR_STORAGE___SS_FAMILY
#define ss_family __ss_family
#else
#error struct sockaddr_storage does not provide an ss_family member
#endif
typedef sa_family_t for cygwin.
2003-06-24 03:49:22 +02:00
#endif
Have a go at fixing various outstanding portability issues in code that was modified for IPv6. Use a robust definition of struct sockaddr_storage, do a proper configure test to see if ss_len exists, don't assume that getnameinfo() will handle AF_UNIX sockets, don't trust getaddrinfo to return the protocol we ask for, etc. This incorporates several outstanding patches from Kurt Roeckx, but I'm to blame for anything that doesn't work ...
2003-07-24 01:30:41 +02:00
#ifdef HAVE_STRUCT_SOCKADDR_STORAGE___SS_LEN
#define ss_len __ss_len
#define HAVE_STRUCT_SOCKADDR_STORAGE_SS_LEN 1
Avoid use of int64_t, which seems not to be very portable. Simplify padding logic for struct sockaddr_storage --- original version did not do what it claimed to when SALEN is defined.
2003-07-15 19:54:34 +02:00
#endif
pgindent run.
2003-08-04 02:43:34 +02:00
#else /* !HAVE_STRUCT_SOCKADDR_STORAGE */
Fix for systems that don't have INET_ADDRSTRLEN.
2003-01-06 10:58:36 +01:00
Have a go at fixing various outstanding portability issues in code that was modified for IPv6. Use a robust definition of struct sockaddr_storage, do a proper configure test to see if ss_len exists, don't assume that getnameinfo() will handle AF_UNIX sockets, don't trust getaddrinfo to return the protocol we ask for, etc. This incorporates several outstanding patches from Kurt Roeckx, but I'm to blame for anything that doesn't work ...
2003-07-24 01:30:41 +02:00
/* Define a struct sockaddr_storage if we don't have one. */
Avoid use of int64_t, which seems not to be very portable. Simplify padding logic for struct sockaddr_storage --- original version did not do what it claimed to when SALEN is defined.
2003-07-15 19:54:34 +02:00
pgindent run.
2003-08-04 02:43:34 +02:00
struct sockaddr_storage
{
union
{
Have a go at fixing various outstanding portability issues in code that was modified for IPv6. Use a robust definition of struct sockaddr_storage, do a proper configure test to see if ss_len exists, don't assume that getnameinfo() will handle AF_UNIX sockets, don't trust getaddrinfo to return the protocol we ask for, etc. This incorporates several outstanding patches from Kurt Roeckx, but I'm to blame for anything that doesn't work ...
2003-07-24 01:30:41 +02:00
struct sockaddr sa; /* get the system-dependent fields */
pgindent run.
2003-08-04 02:43:34 +02:00
int64 ss_align; /* ensures struct is properly aligned */
char ss_pad[128]; /* ensures struct has desired size */
} ss_stuff;
Fixes for Cygwin, with help from Pete Forman <gsez020@kryten.bedford.waii.com>. Update the installation instructions (formerly misnamed "FAQ"), add configure checks for some headers rather than having users copy stubs manually (ugh!). Use Autoconf check for exe extension. This also avoids inheriting the value of $(X) from the environment.
2000-09-27 17:17:57 +02:00
};
Avoid use of int64_t, which seems not to be very portable. Simplify padding logic for struct sockaddr_storage --- original version did not do what it claimed to when SALEN is defined.
2003-07-15 19:54:34 +02:00
Have a go at fixing various outstanding portability issues in code that was modified for IPv6. Use a robust definition of struct sockaddr_storage, do a proper configure test to see if ss_len exists, don't assume that getnameinfo() will handle AF_UNIX sockets, don't trust getaddrinfo to return the protocol we ask for, etc. This incorporates several outstanding patches from Kurt Roeckx, but I'm to blame for anything that doesn't work ...
2003-07-24 01:30:41 +02:00
#define ss_family ss_stuff.sa.sa_family
/* It should have an ss_len field if sockaddr has sa_len. */
#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN
#define ss_len ss_stuff.sa.sa_len
#define HAVE_STRUCT_SOCKADDR_STORAGE_SS_LEN 1
Hello! Here is a new patch for libpq, to make it work on Win32 again (since the latest modifications broke it a little). Please also add the file "libpq.rc" to the interfaces/libpq directory. This will allow version-stamping of the generated DLL file, so that automatic install programs (and interested users) can determine the version of the file. The file is currently set as "prerelease". Before the release, somebody should change the line "FILEFLAGS VS_FF_PRERELEASE" to "FILEFLAGS 0". That information should probably go into toos\RELEASE_CHANGES. The patch is against the cvs as of ~ 1998-08-26 14:30 CEST. //Magnus
1998-08-29 06:05:46 +02:00
#endif
pgindent run.
2003-08-04 02:43:34 +02:00
#endif /* HAVE_STRUCT_SOCKADDR_STORAGE */
From: Phil Thompson <phil@river-bank.demon.co.uk> I've completed the patch to fix the protocol and authentication issues I was discussing a couple of weeks ago. The particular changes are: - the protocol has a version number - network byte order is used throughout - the pg_hba.conf file is used to specify what method is used to authenticate a frontend (either password, ident, trust, reject, krb4 or krb5) - support for multiplexed backends is removed - appropriate changes to man pages - the -a switch to many programs to specify an authentication service no longer has any effect - the libpq.so version number has changed to 1.1 The new backend still supports the old protocol so old interfaces won't break.
1998-01-26 02:42:53 +01:00
pgindent run.
2003-08-04 02:43:34 +02:00
typedef struct
{
struct sockaddr_storage addr;
ACCEPT_TYPE_ARG3 salen;
From: Phil Thompson <phil@river-bank.demon.co.uk> I've completed the patch to fix the protocol and authentication issues I was discussing a couple of weeks ago. The particular changes are: - the protocol has a version number - network byte order is used throughout - the pg_hba.conf file is used to specify what method is used to authenticate a frontend (either password, ident, trust, reject, krb4 or krb5) - support for multiplexed backends is removed - appropriate changes to man pages - the -a switch to many programs to specify an authentication service no longer has any effect - the libpq.so version number has changed to 1.1 The new backend still supports the old protocol so old interfaces won't break.
1998-01-26 02:42:53 +01:00
} SockAddr;
Make default socket directory location configurable from config.h. If we're going to let it be run-time configurable, might as well allow this too...
2000-12-01 00:19:04 +01:00
/* Configure the UNIX socket location for the well known port. */
Last minute clean up for SunOS... From: t-ishii@sra.co.jp
1998-03-02 06:42:15 +01:00
Rename macro parameter, for clarity.
2006-05-17 03:44:24 +02:00
#define UNIXSOCK_PATH(path, port, sockdir) \
IPv6 cleanups. Kurt Roeckx Andrew Dunstan
2003-06-12 09:36:51 +02:00
snprintf(path, sizeof(path), "%s/.s.PGSQL.%d", \
Rename macro parameter, for clarity.
2006-05-17 03:44:24 +02:00
((sockdir) && *(sockdir) != '\0') ? (sockdir) : \
Make default socket directory location configurable from config.h. If we're going to let it be run-time configurable, might as well allow this too...
2000-12-01 00:19:04 +01:00
DEFAULT_PGSOCKET_DIR, \
(port))
Recommit socket path fix. It works now.
2000-11-22 04:40:19 +01:00
Produce a more useful error message for over-length Unix socket paths. The length of a socket path name is constrained by the size of struct sockaddr_un, and there's not a lot we can do about it since that is a kernel API. However, it would be a good thing if we produced an intelligible error message when the user specifies a socket path that's too long --- and getaddrinfo's standard API is too impoverished to do this in the natural way. So insert explicit tests at the places where we construct a socket path name. Now you'll get an error that makes sense and even tells you what the limit is, rather than something generic like "Non-recoverable failure in name resolution". Per trouble report from Jeremy Drake and a fix idea from Andrew Dunstan.
2012-11-30 01:57:01 +01:00
/*
* The maximum workable length of a socket path is what will fit into
pgindent run for 9.4 This includes removing tabs after periods in C comments, which was applied to back branches, so this change should not effect backpatching.
2014-05-06 18:12:18 +02:00
* struct sockaddr_un. This is usually only 100 or so bytes :-(.
Produce a more useful error message for over-length Unix socket paths. The length of a socket path name is constrained by the size of struct sockaddr_un, and there's not a lot we can do about it since that is a kernel API. However, it would be a good thing if we produced an intelligible error message when the user specifies a socket path that's too long --- and getaddrinfo's standard API is too impoverished to do this in the natural way. So insert explicit tests at the places where we construct a socket path name. Now you'll get an error that makes sense and even tells you what the limit is, rather than something generic like "Non-recoverable failure in name resolution". Per trouble report from Jeremy Drake and a fix idea from Andrew Dunstan.
2012-11-30 01:57:01 +01:00
*
* For consistency, always pass a MAXPGPATH-sized buffer to UNIXSOCK_PATH(),
* then complain if the resulting string is >= UNIXSOCK_PATH_BUFLEN bytes.
* (Because the standard API for getaddrinfo doesn't allow it to complain in
* a useful way when the socket pathname is too long, we have to test for
* this explicitly, instead of just letting the subroutine return an error.)
*/
#define UNIXSOCK_PATH_BUFLEN sizeof(((struct sockaddr_un *) NULL)->sun_path)
From: Phil Thompson <phil@river-bank.demon.co.uk> I've completed the patch to fix the protocol and authentication issues I was discussing a couple of weeks ago. The particular changes are: - the protocol has a version number - network byte order is used throughout - the pg_hba.conf file is used to specify what method is used to authenticate a frontend (either password, ident, trust, reject, krb4 or krb5) - support for multiplexed backends is removed - appropriate changes to man pages - the -a switch to many programs to specify an authentication service no longer has any effect - the libpq.so version number has changed to 1.1 The new backend still supports the old protocol so old interfaces won't break.
1998-01-26 02:42:53 +01:00
/*
* These manipulate the frontend/backend protocol version number.
*
* The major number should be incremented for incompatible changes. The minor
* number should be incremented for compatible changes (eg. additional
* functionality).
*
* If a backend supports version m.n of the protocol it must actually support
First phase of FE/BE protocol modifications: new StartupPacket layout with variable-width fields. No more truncation of long user names. Also, libpq can now send its environment-variable-driven SET commands as part of the startup packet, saving round trips to server.
2003-04-18 00:26:02 +02:00
* versions m.[0..n]. Backend support for version m-1 can be dropped after a
From: Phil Thompson <phil@river-bank.demon.co.uk> I've completed the patch to fix the protocol and authentication issues I was discussing a couple of weeks ago. The particular changes are: - the protocol has a version number - network byte order is used throughout - the pg_hba.conf file is used to specify what method is used to authenticate a frontend (either password, ident, trust, reject, krb4 or krb5) - support for multiplexed backends is removed - appropriate changes to man pages - the -a switch to many programs to specify an authentication service no longer has any effect - the libpq.so version number has changed to 1.1 The new backend still supports the old protocol so old interfaces won't break.
1998-01-26 02:42:53 +01:00
* `reasonable' length of time.
*
* A frontend isn't required to support anything other than the current
* version.
*/
pgindent run before 6.3 release, with Thomas' requested changes.
1998-02-26 05:46:47 +01:00
#define PG_PROTOCOL_MAJOR(v) ((v) >> 16)
#define PG_PROTOCOL_MINOR(v) ((v) & 0x0000ffff)
#define PG_PROTOCOL(m,n) (((m) << 16) | (n))
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
From: Phil Thompson <phil@river-bank.demon.co.uk> I've completed the patch to fix the protocol and authentication issues I was discussing a couple of weeks ago. The particular changes are: - the protocol has a version number - network byte order is used throughout - the pg_hba.conf file is used to specify what method is used to authenticate a frontend (either password, ident, trust, reject, krb4 or krb5) - support for multiplexed backends is removed - appropriate changes to man pages - the -a switch to many programs to specify an authentication service no longer has any effect - the libpq.so version number has changed to 1.1 The new backend still supports the old protocol so old interfaces won't break.
1998-01-26 02:42:53 +01:00
/* The earliest and latest frontend/backend protocol version supported. */
Drop server support for FE/BE protocol version 1.0. While this isn't a lot of code, it's been essentially untestable for a very long time, because libpq doesn't support anything older than protocol 2.0, and has not since release 6.3. There's no reason to believe any other client-side code still uses that protocol, either. Discussion: <2661.1475849167@sss.pgh.pa.us>
2016-10-11 18:19:18 +02:00
#define PG_PROTOCOL_EARLIEST PG_PROTOCOL(2,0)
I think we're done with protocol instability, so mark server and libpq as speaking the one true 3.0 protocol.
2003-05-08 20:33:39 +02:00
#define PG_PROTOCOL_LATEST PG_PROTOCOL(3,0)
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
First phase of FE/BE protocol modifications: new StartupPacket layout with variable-width fields. No more truncation of long user names. Also, libpq can now send its environment-variable-driven SET commands as part of the startup packet, saving round trips to server.
2003-04-18 00:26:02 +02:00
typedef uint32 ProtocolVersion; /* FE/BE protocol version number */
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
First phase of FE/BE protocol modifications: new StartupPacket layout with variable-width fields. No more truncation of long user names. Also, libpq can now send its environment-variable-driven SET commands as part of the startup packet, saving round trips to server.
2003-04-18 00:26:02 +02:00
typedef ProtocolVersion MsgType;
From: Phil Thompson <phil@river-bank.demon.co.uk> I've completed the patch to fix the protocol and authentication issues I was discussing a couple of weeks ago. The particular changes are: - the protocol has a version number - network byte order is used throughout - the pg_hba.conf file is used to specify what method is used to authenticate a frontend (either password, ident, trust, reject, krb4 or krb5) - support for multiplexed backends is removed - appropriate changes to man pages - the -a switch to many programs to specify an authentication service no longer has any effect - the libpq.so version number has changed to 1.1 The new backend still supports the old protocol so old interfaces won't break.
1998-01-26 02:42:53 +01:00
pgindent run before 6.3 release, with Thomas' requested changes.
1998-02-26 05:46:47 +01:00
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
/*
First phase of FE/BE protocol modifications: new StartupPacket layout with variable-width fields. No more truncation of long user names. Also, libpq can now send its environment-variable-driven SET commands as part of the startup packet, saving round trips to server.
2003-04-18 00:26:02 +02:00
* Packet lengths are 4 bytes in network byte order.
*
* The initial length is omitted from the packet layouts appearing below.
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
*/
From: Phil Thompson <phil@river-bank.demon.co.uk> I've completed the patch to fix the protocol and authentication issues I was discussing a couple of weeks ago. The particular changes are: - the protocol has a version number - network byte order is used throughout - the pg_hba.conf file is used to specify what method is used to authenticate a frontend (either password, ident, trust, reject, krb4 or krb5) - support for multiplexed backends is removed - appropriate changes to man pages - the -a switch to many programs to specify an authentication service no longer has any effect - the libpq.so version number has changed to 1.1 The new backend still supports the old protocol so old interfaces won't break.
1998-01-26 02:42:53 +01:00
First phase of FE/BE protocol modifications: new StartupPacket layout with variable-width fields. No more truncation of long user names. Also, libpq can now send its environment-variable-driven SET commands as part of the startup packet, saving round trips to server.
2003-04-18 00:26:02 +02:00
typedef uint32 PacketLen;
Add most of Neil Conway's cleanups.
2002-08-27 17:15:23 +02:00
/*
First phase of FE/BE protocol modifications: new StartupPacket layout with variable-width fields. No more truncation of long user names. Also, libpq can now send its environment-variable-driven SET commands as part of the startup packet, saving round trips to server.
2003-04-18 00:26:02 +02:00
* Old-style startup packet layout with fixed-width fields. This is used in
* protocol 1.0 and 2.0, but not in later versions. Note that the fields
* in this layout are '\0' terminated only if there is room.
Add most of Neil Conway's cleanups.
2002-08-27 17:15:23 +02:00
*/
pgindent run.
2002-09-04 22:31:48 +02:00
pgindent run before 6.3 release, with Thomas' requested changes.
1998-02-26 05:46:47 +01:00
#define SM_DATABASE 64
#define SM_USER 32
Add db-local user names, per discussion on hackers.
2002-08-18 05:03:26 +02:00
/* We append database name if db_user_namespace true. */
pgindent run.
2002-09-04 22:31:48 +02:00
#define SM_DATABASE_USER (SM_DATABASE+SM_USER+1) /* +1 for @ */
pgindent run before 6.3 release, with Thomas' requested changes.
1998-02-26 05:46:47 +01:00
#define SM_OPTIONS 64
#define SM_UNUSED 64
#define SM_TTY 64
From: Phil Thompson <phil@river-bank.demon.co.uk> I've completed the patch to fix the protocol and authentication issues I was discussing a couple of weeks ago. The particular changes are: - the protocol has a version number - network byte order is used throughout - the pg_hba.conf file is used to specify what method is used to authenticate a frontend (either password, ident, trust, reject, krb4 or krb5) - support for multiplexed backends is removed - appropriate changes to man pages - the -a switch to many programs to specify an authentication service no longer has any effect - the libpq.so version number has changed to 1.1 The new backend still supports the old protocol so old interfaces won't break.
1998-01-26 02:42:53 +01:00
pgindent run before 6.3 release, with Thomas' requested changes.
1998-02-26 05:46:47 +01:00
typedef struct StartupPacket
{
ProtocolVersion protoVersion; /* Protocol version */
From: Phil Thompson <phil@river-bank.demon.co.uk> I've completed the patch to fix the protocol and authentication issues I was discussing a couple of weeks ago. The particular changes are: - the protocol has a version number - network byte order is used throughout - the pg_hba.conf file is used to specify what method is used to authenticate a frontend (either password, ident, trust, reject, krb4 or krb5) - support for multiplexed backends is removed - appropriate changes to man pages - the -a switch to many programs to specify an authentication service no longer has any effect - the libpq.so version number has changed to 1.1 The new backend still supports the old protocol so old interfaces won't break.
1998-01-26 02:42:53 +01:00
char database[SM_DATABASE]; /* Database name */
pgindent run.
2002-09-04 22:31:48 +02:00
/* Db_user_namespace appends dbname */
pgindent run before 6.3 release, with Thomas' requested changes.
1998-02-26 05:46:47 +01:00
char user[SM_USER]; /* User name */
From: Phil Thompson <phil@river-bank.demon.co.uk> I've completed the patch to fix the protocol and authentication issues I was discussing a couple of weeks ago. The particular changes are: - the protocol has a version number - network byte order is used throughout - the pg_hba.conf file is used to specify what method is used to authenticate a frontend (either password, ident, trust, reject, krb4 or krb5) - support for multiplexed backends is removed - appropriate changes to man pages - the -a switch to many programs to specify an authentication service no longer has any effect - the libpq.so version number has changed to 1.1 The new backend still supports the old protocol so old interfaces won't break.
1998-01-26 02:42:53 +01:00
char options[SM_OPTIONS]; /* Optional additional args */
pgindent run before 6.3 release, with Thomas' requested changes.
1998-02-26 05:46:47 +01:00
char unused[SM_UNUSED]; /* Unused */
char tty[SM_TTY]; /* Tty for debug output */
From: Phil Thompson <phil@river-bank.demon.co.uk> I've completed the patch to fix the protocol and authentication issues I was discussing a couple of weeks ago. The particular changes are: - the protocol has a version number - network byte order is used throughout - the pg_hba.conf file is used to specify what method is used to authenticate a frontend (either password, ident, trust, reject, krb4 or krb5) - support for multiplexed backends is removed - appropriate changes to man pages - the -a switch to many programs to specify an authentication service no longer has any effect - the libpq.so version number has changed to 1.1 The new backend still supports the old protocol so old interfaces won't break.
1998-01-26 02:42:53 +01:00
} StartupPacket;
Add db-local user names, per discussion on hackers.
2002-08-18 05:03:26 +02:00
extern bool Db_user_namespace;
From: Phil Thompson <phil@river-bank.demon.co.uk> I've completed the patch to fix the protocol and authentication issues I was discussing a couple of weeks ago. The particular changes are: - the protocol has a version number - network byte order is used throughout - the pg_hba.conf file is used to specify what method is used to authenticate a frontend (either password, ident, trust, reject, krb4 or krb5) - support for multiplexed backends is removed - appropriate changes to man pages - the -a switch to many programs to specify an authentication service no longer has any effect - the libpq.so version number has changed to 1.1 The new backend still supports the old protocol so old interfaces won't break.
1998-01-26 02:42:53 +01:00
First phase of FE/BE protocol modifications: new StartupPacket layout with variable-width fields. No more truncation of long user names. Also, libpq can now send its environment-variable-driven SET commands as part of the startup packet, saving round trips to server.
2003-04-18 00:26:02 +02:00
/*
* In protocol 3.0 and later, the startup packet length is not fixed, but
pgindent run for 9.4 This includes removing tabs after periods in C comments, which was applied to back branches, so this change should not effect backpatching.
2014-05-06 18:12:18 +02:00
* we set an arbitrary limit on it anyway. This is just to prevent simple
First phase of FE/BE protocol modifications: new StartupPacket layout with variable-width fields. No more truncation of long user names. Also, libpq can now send its environment-variable-driven SET commands as part of the startup packet, saving round trips to server.
2003-04-18 00:26:02 +02:00
* denial-of-service attacks via sending enough data to run the server
* out of memory.
*/
#define MAX_STARTUP_PACKET_LENGTH 10000
/* These are the authentication request codes sent by the backend. */
From: Phil Thompson <phil@river-bank.demon.co.uk> I've completed the patch to fix the protocol and authentication issues I was discussing a couple of weeks ago. The particular changes are: - the protocol has a version number - network byte order is used throughout - the pg_hba.conf file is used to specify what method is used to authenticate a frontend (either password, ident, trust, reject, krb4 or krb5) - support for multiplexed backends is removed - appropriate changes to man pages - the -a switch to many programs to specify an authentication service no longer has any effect - the libpq.so version number has changed to 1.1 The new backend still supports the old protocol so old interfaces won't break.
1998-01-26 02:42:53 +01:00
Use MD5 for wire protocol encryption for >= 7.2 client/server. Allow pg_shadow to be MD5 encrypted. Add ENCRYPTED/UNENCRYPTED option to CREATE/ALTER user. Add password_encryption postgresql.conf option. Update wire protocol version to 2.1.
2001-08-15 20:42:16 +02:00
#define AUTH_REQ_OK 0 /* User is authenticated */
Remove support for Kerberos V4. It seems no one is using this, it has some security issues, and upstream has declared it "dead". Patch from Magnus Hagander, minor editorialization from Neil Conway.
2005-06-27 04:04:26 +02:00
#define AUTH_REQ_KRB4 1 /* Kerberos V4. Not supported any more. */
Remove support for native krb5 authentication krb5 has been deprecated since 8.3, and the recommended way to do Kerberos authentication is using the GSSAPI authentication method (which is still fully supported). libpq retains the ability to identify krb5 authentication, but only gives an error message about it being unsupported. Since all authentication is initiated from the backend, there is no need to keep it at all in the backend.
2014-01-15 17:24:01 +01:00
#define AUTH_REQ_KRB5 2 /* Kerberos V5. Not supported any more. */
pgindent run before 6.3 release, with Thomas' requested changes.
1998-02-26 05:46:47 +01:00
#define AUTH_REQ_PASSWORD 3 /* Password */
Remove support for (insecure) crypt authentication. This breaks compatibility with pre-7.2 versions.
2008-10-28 13:10:44 +01:00
#define AUTH_REQ_CRYPT 4 /* crypt password. Not supported any more. */
Use MD5 for wire protocol encryption for >= 7.2 client/server. Allow pg_shadow to be MD5 encrypted. Add ENCRYPTED/UNENCRYPTED option to CREATE/ALTER user. Add password_encryption postgresql.conf option. Update wire protocol version to 2.1.
2001-08-15 20:42:16 +02:00
#define AUTH_REQ_MD5 5 /* md5 password */
Add SCM_CREDS to get owner of unix-domain socket on BSD-like systems.
2001-08-21 02:33:28 +02:00
#define AUTH_REQ_SCM_CREDS 6 /* transfer SCM credentials */
Add support for GSSAPI authentication. Documentation still being written, will be committed later. Henry B. Hotz and Magnus Hagander
2007-07-10 15:14:22 +02:00
#define AUTH_REQ_GSS 7 /* GSSAPI without wrap() */
#define AUTH_REQ_GSS_CONT 8 /* Continue GSS exchanges */
pgindent run for 8.3.
2007-11-15 22:14:46 +01:00
#define AUTH_REQ_SSPI 9 /* SSPI negotiate without wrap() */
Support SCRAM-SHA-256 authentication (RFC 5802 and 7677). This introduces a new generic SASL authentication method, similar to the GSS and SSPI methods. The server first tells the client which SASL authentication mechanism to use, and then the mechanism-specific SASL messages are exchanged in AuthenticationSASLcontinue and PasswordMessage messages. Only SCRAM-SHA-256 is supported at the moment, but this allows adding more SASL mechanisms in the future, without changing the overall protocol. Support for channel binding, aka SCRAM-SHA-256-PLUS is left for later. The SASLPrep algorithm, for pre-processing the password, is not yet implemented. That could cause trouble, if you use a password with non-ASCII characters, and a client library that does implement SASLprep. That will hopefully be added later. Authorization identities, as specified in the SCRAM-SHA-256 specification, are ignored. SET SESSION AUTHORIZATION provides more or less the same functionality, anyway. If a user doesn't exist, perform a "mock" authentication, by constructing an authentic-looking challenge on the fly. The challenge is derived from a new system-wide random value, "mock authentication nonce", which is created at initdb, and stored in the control file. We go through these motions, in order to not give away the information on whether the user exists, to unauthenticated users. Bumps PG_CONTROL_VERSION, because of the new field in control file. Patch by Michael Paquier and Heikki Linnakangas, reviewed at different stages by Robert Haas, Stephen Frost, David Steele, Aleksander Alekseev, and many others. Discussion: https://www.postgresql.org/message-id/CAB7nPqRbR3GmFYdedCAhzukfKrgBLTLtMvENOmPrVWREsZkF8g%40mail.gmail.com Discussion: https://www.postgresql.org/message-id/CAB7nPqSMXU35g%3DW9X74HVeQp0uvgJxvYOuA4A-A3M%2B0wfEBv-w%40mail.gmail.com Discussion: https://www.postgresql.org/message-id/55192AFE.6080106@iki.fi
2017-03-07 13:25:40 +01:00
#define AUTH_REQ_SASL 10 /* SASL */
#define AUTH_REQ_SASL_CONT 11 /* continue SASL exchange */
From: Phil Thompson <phil@river-bank.demon.co.uk> I've completed the patch to fix the protocol and authentication issues I was discussing a couple of weeks ago. The particular changes are: - the protocol has a version number - network byte order is used throughout - the pg_hba.conf file is used to specify what method is used to authenticate a frontend (either password, ident, trust, reject, krb4 or krb5) - support for multiplexed backends is removed - appropriate changes to man pages - the -a switch to many programs to specify an authentication service no longer has any effect - the libpq.so version number has changed to 1.1 The new backend still supports the old protocol so old interfaces won't break.
1998-01-26 02:42:53 +01:00
typedef uint32 AuthRequest;
First phase of FE/BE protocol modifications: new StartupPacket layout with variable-width fields. No more truncation of long user names. Also, libpq can now send its environment-variable-driven SET commands as part of the startup packet, saving round trips to server.
2003-04-18 00:26:02 +02:00
/*
* A client can also send a cancel-current-operation request to the postmaster.
From: Tom Lane <tgl@sss.pgh.pa.us> Making PQrequestCancel safe to call in a signal handler turned out to be much easier than I feared. So here are the diffs. Some notes: * I modified the postmaster's packet "iodone" callback interface to allow the callback routine to return a continue-or-drop-connection return code; this was necessary to allow the connection to be closed after receiving a Cancel, rather than proceeding to launch a new backend... Being a neatnik, I also made the iodone proc have a typechecked parameter list. * I deleted all code I could find that had to do with OOB. * I made some edits to ensure that all signals mentioned in the code are referred to symbolically not by numbers ("SIGUSR2" not "2"). I think Bruce may have already done at least some of the same edits; I hope that merging these patches is not too painful.
1998-07-09 05:29:11 +02:00
* This is uglier than sending it directly to the client's backend, but it
* avoids depending on out-of-band communication facilities.
First phase of FE/BE protocol modifications: new StartupPacket layout with variable-width fields. No more truncation of long user names. Also, libpq can now send its environment-variable-driven SET commands as part of the startup packet, saving round trips to server.
2003-04-18 00:26:02 +02:00
*
* The cancel request code must not match any protocol version number
From: Tom Lane <tgl@sss.pgh.pa.us> Making PQrequestCancel safe to call in a signal handler turned out to be much easier than I feared. So here are the diffs. Some notes: * I modified the postmaster's packet "iodone" callback interface to allow the callback routine to return a continue-or-drop-connection return code; this was necessary to allow the connection to be closed after receiving a Cancel, rather than proceeding to launch a new backend... Being a neatnik, I also made the iodone proc have a typechecked parameter list. * I deleted all code I could find that had to do with OOB. * I made some edits to ensure that all signals mentioned in the code are referred to symbolically not by numbers ("SIGUSR2" not "2"). I think Bruce may have already done at least some of the same edits; I hope that merging these patches is not too painful.
1998-07-09 05:29:11 +02:00
* we're ever likely to use. This random choice should do.
*/
OK, folks, here is the pgindent output.
1998-09-01 06:40:42 +02:00
#define CANCEL_REQUEST_CODE PG_PROTOCOL(1234,5678)
From: Tom Lane <tgl@sss.pgh.pa.us> Making PQrequestCancel safe to call in a signal handler turned out to be much easier than I feared. So here are the diffs. Some notes: * I modified the postmaster's packet "iodone" callback interface to allow the callback routine to return a continue-or-drop-connection return code; this was necessary to allow the connection to be closed after receiving a Cancel, rather than proceeding to launch a new backend... Being a neatnik, I also made the iodone proc have a typechecked parameter list. * I deleted all code I could find that had to do with OOB. * I made some edits to ensure that all signals mentioned in the code are referred to symbolically not by numbers ("SIGUSR2" not "2"). I think Bruce may have already done at least some of the same edits; I hope that merging these patches is not too painful.
1998-07-09 05:29:11 +02:00
typedef struct CancelRequestPacket
{
/* Note that each field is stored in network byte order! */
Standard pgindent run for 8.1.
2005-10-15 04:49:52 +02:00
MsgType cancelRequestCode; /* code to identify a cancel request */
OK, folks, here is the pgindent output.
1998-09-01 06:40:42 +02:00
uint32 backendPID; /* PID of client's backend */
uint32 cancelAuthCode; /* secret key to authorize cancel */
Another pgindent run. Sorry folks.
1999-05-26 00:43:53 +02:00
} CancelRequestPacket;
From: Tom Lane <tgl@sss.pgh.pa.us> Making PQrequestCancel safe to call in a signal handler turned out to be much easier than I feared. So here are the diffs. Some notes: * I modified the postmaster's packet "iodone" callback interface to allow the callback routine to return a continue-or-drop-connection return code; this was necessary to allow the connection to be closed after receiving a Cancel, rather than proceeding to launch a new backend... Being a neatnik, I also made the iodone proc have a typechecked parameter list. * I deleted all code I could find that had to do with OOB. * I made some edits to ensure that all signals mentioned in the code are referred to symbolically not by numbers ("SIGUSR2" not "2"). I think Bruce may have already done at least some of the same edits; I hope that merging these patches is not too painful.
1998-07-09 05:29:11 +02:00
Lots of patches coming in from me today :-) When drawing up a very simple "text-drawing" of how the negotiation is done, I realised I had done this last part (fallback) in a very stupid way. Patch #4 fixes this, and does it in a much better way. Included is also the simple text-drawing of how the negotiation is done. //Magnus
1999-09-27 05:13:16 +02:00
/*
* A client can also start by sending a SSL negotiation request, to get a
* secure channel.
*/
#define NEGOTIATE_SSL_CODE PG_PROTOCOL(1234,5679)
New pgindent run with fixes suggested by Tom. Patch manually reviewed, initdb/regression tests pass.
2001-11-05 18:46:40 +01:00
#endif /* PQCOMM_H */