2003-06-14 16:35:42 +02:00
|
|
|
/*-------------------------------------------------------------------------
|
|
|
|
|
*
|
2003-08-08 05:09:56 +02:00
|
|
|
* thread.c
|
2003-06-14 16:35:42 +02:00
|
|
|
*
|
|
|
|
|
* Prototypes and macros around system calls, used to help make
|
|
|
|
|
* threaded libraries reentrant and safe to use from threaded applications.
|
|
|
|
|
*
|
2016-01-02 19:33:40 +01:00
|
|
|
* Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group
|
2003-06-14 16:35:42 +02:00
|
|
|
*
|
2010-09-20 22:08:53 +02:00
|
|
|
* src/port/thread.c
|
2003-06-14 16:35:42 +02:00
|
|
|
*
|
|
|
|
|
*-------------------------------------------------------------------------
|
|
|
|
|
*/
|
|
|
|
|
|
2004-06-24 20:53:48 +02:00
|
|
|
#include "c.h"
|
2003-06-14 16:35:42 +02:00
|
|
|
|
2003-10-26 05:29:15 +01:00
|
|
|
#include <pwd.h>
|
2003-09-13 16:49:51 +02:00
|
|
|
|
2005-07-28 06:03:14 +02:00
|
|
|
|
2003-08-14 07:27:18 +02:00
|
|
|
/*
|
|
|
|
|
* Threading sometimes requires specially-named versions of functions
|
|
|
|
|
* that return data in static buffers, like strerror_r() instead of
|
|
|
|
|
* strerror(). Other operating systems use pthread_setspecific()
|
|
|
|
|
* and pthread_getspecific() internally to allow standard library
|
2003-09-13 16:49:51 +02:00
|
|
|
* functions to return static data to threaded applications. And some
|
2004-02-11 22:44:06 +01:00
|
|
|
* operating systems have neither.
|
2003-08-14 07:27:18 +02:00
|
|
|
*
|
|
|
|
|
* Additional confusion exists because many operating systems that
|
|
|
|
|
* use pthread_setspecific/pthread_getspecific() also have *_r versions
|
|
|
|
|
* of standard library functions for compatibility with operating systems
|
2014-05-06 18:12:18 +02:00
|
|
|
* that require them. However, internally, these *_r functions merely
|
2003-08-14 07:27:18 +02:00
|
|
|
* call the thread-safe standard library functions.
|
|
|
|
|
*
|
|
|
|
|
* For example, BSD/OS 4.3 uses Bind 8.2.3 for getpwuid(). Internally,
|
|
|
|
|
* getpwuid() calls pthread_setspecific/pthread_getspecific() to return
|
2014-05-06 18:12:18 +02:00
|
|
|
* static data to the caller in a thread-safe manner. However, BSD/OS
|
2003-08-14 07:27:18 +02:00
|
|
|
* also has getpwuid_r(), which merely calls getpwuid() and shifts
|
|
|
|
|
* around the arguments to match the getpwuid_r() function declaration.
|
|
|
|
|
* Therefore, while BSD/OS has getpwuid_r(), it isn't required. It also
|
|
|
|
|
* doesn't have strerror_r(), so we can't fall back to only using *_r
|
|
|
|
|
* functions for threaded programs.
|
|
|
|
|
*
|
2003-09-13 16:49:51 +02:00
|
|
|
* The current setup is to try threading in this order:
|
|
|
|
|
*
|
2004-02-11 22:44:06 +01:00
|
|
|
* use *_r function names if they exit
|
2008-04-22 15:06:57 +02:00
|
|
|
* (*_THREADSAFE=yes)
|
2004-02-11 22:44:06 +01:00
|
|
|
* use non-*_r functions if they are thread-safe
|
2003-09-15 04:30:29 +02:00
|
|
|
*
|
|
|
|
|
* One thread-safe solution for gethostbyname() might be to use getaddrinfo().
|
|
|
|
|
*
|
2007-04-03 14:55:23 +02:00
|
|
|
* Run src/test/thread to test if your operating system has thread-safe
|
2003-09-29 05:32:05 +02:00
|
|
|
* non-*_r functions.
|
2003-08-14 07:27:18 +02:00
|
|
|
*/
|
2004-08-29 07:07:03 +02:00
|
|
|
|
2003-08-14 07:27:18 +02:00
|
|
|
|
2003-06-14 16:35:42 +02:00
|
|
|
/*
|
|
|
|
|
* Wrapper around strerror and strerror_r to use the former if it is
|
|
|
|
|
* available and also return a more useful value (the error string).
|
|
|
|
|
*/
|
|
|
|
|
char *
|
|
|
|
|
pqStrerror(int errnum, char *strerrbuf, size_t buflen)
|
|
|
|
|
{
|
2004-02-11 22:44:06 +01:00
|
|
|
#if defined(FRONTEND) && defined(ENABLE_THREAD_SAFETY) && defined(HAVE_STRERROR_R)
|
2003-06-14 16:35:42 +02:00
|
|
|
/* reentrant strerror_r is available */
|
2004-06-08 00:39:45 +02:00
|
|
|
#ifdef STRERROR_R_INT
|
|
|
|
|
/* SUSv3 version */
|
|
|
|
|
if (strerror_r(errnum, strerrbuf, buflen) == 0)
|
|
|
|
|
return strerrbuf;
|
|
|
|
|
else
|
2004-06-08 03:45:50 +02:00
|
|
|
return "Unknown error";
|
2004-06-08 00:39:45 +02:00
|
|
|
#else
|
|
|
|
|
/* GNU libc */
|
|
|
|
|
return strerror_r(errnum, strerrbuf, buflen);
|
|
|
|
|
#endif
|
2003-06-14 16:35:42 +02:00
|
|
|
#else
|
|
|
|
|
/* no strerror_r() available, just use strerror */
|
2006-09-27 20:40:10 +02:00
|
|
|
strlcpy(strerrbuf, strerror(errnum), buflen);
|
2003-09-13 16:49:51 +02:00
|
|
|
|
|
|
|
|
return strerrbuf;
|
2003-06-14 16:35:42 +02:00
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Wrapper around getpwuid() or getpwuid_r() to mimic POSIX getpwuid_r()
|
2015-01-11 18:52:37 +01:00
|
|
|
* behaviour, if that function is not available or required.
|
Fix libpq's behavior when /etc/passwd isn't readable.
Some users run their applications in chroot environments that lack an
/etc/passwd file. This means that the current UID's user name and home
directory are not obtainable. libpq used to be all right with that,
so long as the database role name to use was specified explicitly.
But commit a4c8f14364c27508233f8a31ac4b10a4c90235a9 broke such cases by
causing any failure of pg_fe_getauthname() to be treated as a hard error.
In any case it did little to advance its nominal goal of causing errors
in pg_fe_getauthname() to be reported better. So revert that and instead
put some real error-reporting code in place. This requires changes to the
APIs of pg_fe_getauthname() and pqGetpwuid(), since the latter had
departed from the POSIX-specified API of getpwuid_r() in a way that made
it impossible to distinguish actual lookup errors from "no such user".
To allow such failures to be reported, while not failing if the caller
supplies a role name, add a second call of pg_fe_getauthname() in
connectOptions2(). This is a tad ugly, and could perhaps be avoided with
some refactoring of PQsetdbLogin(), but I'll leave that idea for later.
(Note that the complained-of misbehavior only occurs in PQsetdbLogin,
not when using the PQconnect functions, because in the latter we will
never bother to call pg_fe_getauthname() if the user gives a role name.)
In passing also clean up the Windows-side usage of GetUserName(): the
recommended buffer size is 257 bytes, the passed buffer length should
be the buffer size not buffer size less 1, and any error is reported
by GetLastError() not errno.
Per report from Christoph Berg. Back-patch to 9.4 where the chroot
failure case was introduced. The generally poor reporting of errors
here is of very long standing, of course, but given the lack of field
complaints about it we won't risk changing these APIs further back
(even though they're theoretically internal to libpq).
2015-01-11 18:35:44 +01:00
|
|
|
*
|
|
|
|
|
* Per POSIX, the possible cases are:
|
|
|
|
|
* success: returns zero, *result is non-NULL
|
|
|
|
|
* uid not found: returns zero, *result is NULL
|
|
|
|
|
* error during lookup: returns an errno code, *result is NULL
|
|
|
|
|
* (caller should *not* assume that the errno variable is set)
|
2003-06-14 16:35:42 +02:00
|
|
|
*/
|
2003-09-05 19:43:40 +02:00
|
|
|
#ifndef WIN32
|
2003-06-14 16:35:42 +02:00
|
|
|
int
|
2004-08-29 07:07:03 +02:00
|
|
|
pqGetpwuid(uid_t uid, struct passwd * resultbuf, char *buffer,
|
|
|
|
|
size_t buflen, struct passwd ** result)
|
2003-06-14 16:35:42 +02:00
|
|
|
{
|
2004-02-11 22:44:06 +01:00
|
|
|
#if defined(FRONTEND) && defined(ENABLE_THREAD_SAFETY) && defined(HAVE_GETPWUID_R)
|
Fix libpq's behavior when /etc/passwd isn't readable.
Some users run their applications in chroot environments that lack an
/etc/passwd file. This means that the current UID's user name and home
directory are not obtainable. libpq used to be all right with that,
so long as the database role name to use was specified explicitly.
But commit a4c8f14364c27508233f8a31ac4b10a4c90235a9 broke such cases by
causing any failure of pg_fe_getauthname() to be treated as a hard error.
In any case it did little to advance its nominal goal of causing errors
in pg_fe_getauthname() to be reported better. So revert that and instead
put some real error-reporting code in place. This requires changes to the
APIs of pg_fe_getauthname() and pqGetpwuid(), since the latter had
departed from the POSIX-specified API of getpwuid_r() in a way that made
it impossible to distinguish actual lookup errors from "no such user".
To allow such failures to be reported, while not failing if the caller
supplies a role name, add a second call of pg_fe_getauthname() in
connectOptions2(). This is a tad ugly, and could perhaps be avoided with
some refactoring of PQsetdbLogin(), but I'll leave that idea for later.
(Note that the complained-of misbehavior only occurs in PQsetdbLogin,
not when using the PQconnect functions, because in the latter we will
never bother to call pg_fe_getauthname() if the user gives a role name.)
In passing also clean up the Windows-side usage of GetUserName(): the
recommended buffer size is 257 bytes, the passed buffer length should
be the buffer size not buffer size less 1, and any error is reported
by GetLastError() not errno.
Per report from Christoph Berg. Back-patch to 9.4 where the chroot
failure case was introduced. The generally poor reporting of errors
here is of very long standing, of course, but given the lack of field
complaints about it we won't risk changing these APIs further back
(even though they're theoretically internal to libpq).
2015-01-11 18:35:44 +01:00
|
|
|
return getpwuid_r(uid, resultbuf, buffer, buflen, result);
|
2003-06-14 16:35:42 +02:00
|
|
|
#else
|
|
|
|
|
/* no getpwuid_r() available, just use getpwuid() */
|
Fix libpq's behavior when /etc/passwd isn't readable.
Some users run their applications in chroot environments that lack an
/etc/passwd file. This means that the current UID's user name and home
directory are not obtainable. libpq used to be all right with that,
so long as the database role name to use was specified explicitly.
But commit a4c8f14364c27508233f8a31ac4b10a4c90235a9 broke such cases by
causing any failure of pg_fe_getauthname() to be treated as a hard error.
In any case it did little to advance its nominal goal of causing errors
in pg_fe_getauthname() to be reported better. So revert that and instead
put some real error-reporting code in place. This requires changes to the
APIs of pg_fe_getauthname() and pqGetpwuid(), since the latter had
departed from the POSIX-specified API of getpwuid_r() in a way that made
it impossible to distinguish actual lookup errors from "no such user".
To allow such failures to be reported, while not failing if the caller
supplies a role name, add a second call of pg_fe_getauthname() in
connectOptions2(). This is a tad ugly, and could perhaps be avoided with
some refactoring of PQsetdbLogin(), but I'll leave that idea for later.
(Note that the complained-of misbehavior only occurs in PQsetdbLogin,
not when using the PQconnect functions, because in the latter we will
never bother to call pg_fe_getauthname() if the user gives a role name.)
In passing also clean up the Windows-side usage of GetUserName(): the
recommended buffer size is 257 bytes, the passed buffer length should
be the buffer size not buffer size less 1, and any error is reported
by GetLastError() not errno.
Per report from Christoph Berg. Back-patch to 9.4 where the chroot
failure case was introduced. The generally poor reporting of errors
here is of very long standing, of course, but given the lack of field
complaints about it we won't risk changing these APIs further back
(even though they're theoretically internal to libpq).
2015-01-11 18:35:44 +01:00
|
|
|
errno = 0;
|
2003-06-14 16:35:42 +02:00
|
|
|
*result = getpwuid(uid);
|
Fix libpq's behavior when /etc/passwd isn't readable.
Some users run their applications in chroot environments that lack an
/etc/passwd file. This means that the current UID's user name and home
directory are not obtainable. libpq used to be all right with that,
so long as the database role name to use was specified explicitly.
But commit a4c8f14364c27508233f8a31ac4b10a4c90235a9 broke such cases by
causing any failure of pg_fe_getauthname() to be treated as a hard error.
In any case it did little to advance its nominal goal of causing errors
in pg_fe_getauthname() to be reported better. So revert that and instead
put some real error-reporting code in place. This requires changes to the
APIs of pg_fe_getauthname() and pqGetpwuid(), since the latter had
departed from the POSIX-specified API of getpwuid_r() in a way that made
it impossible to distinguish actual lookup errors from "no such user".
To allow such failures to be reported, while not failing if the caller
supplies a role name, add a second call of pg_fe_getauthname() in
connectOptions2(). This is a tad ugly, and could perhaps be avoided with
some refactoring of PQsetdbLogin(), but I'll leave that idea for later.
(Note that the complained-of misbehavior only occurs in PQsetdbLogin,
not when using the PQconnect functions, because in the latter we will
never bother to call pg_fe_getauthname() if the user gives a role name.)
In passing also clean up the Windows-side usage of GetUserName(): the
recommended buffer size is 257 bytes, the passed buffer length should
be the buffer size not buffer size less 1, and any error is reported
by GetLastError() not errno.
Per report from Christoph Berg. Back-patch to 9.4 where the chroot
failure case was introduced. The generally poor reporting of errors
here is of very long standing, of course, but given the lack of field
complaints about it we won't risk changing these APIs further back
(even though they're theoretically internal to libpq).
2015-01-11 18:35:44 +01:00
|
|
|
/* paranoia: ensure we return zero on success */
|
|
|
|
|
return (*result == NULL) ? errno : 0;
|
2003-06-14 16:35:42 +02:00
|
|
|
#endif
|
|
|
|
|
}
|
2003-09-05 19:43:40 +02:00
|
|
|
#endif
|
2003-06-14 16:35:42 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Wrapper around gethostbyname() or gethostbyname_r() to mimic
|
2003-08-14 07:27:18 +02:00
|
|
|
* POSIX gethostbyname_r() behaviour, if it is not available or required.
|
2003-09-27 17:32:48 +02:00
|
|
|
* This function is called _only_ by our getaddinfo() portability function.
|
2003-06-14 16:35:42 +02:00
|
|
|
*/
|
2003-09-27 17:32:48 +02:00
|
|
|
#ifndef HAVE_GETADDRINFO
|
2003-06-14 16:35:42 +02:00
|
|
|
int
|
|
|
|
|
pqGethostbyname(const char *name,
|
2004-08-29 07:07:03 +02:00
|
|
|
struct hostent * resultbuf,
|
2003-09-13 16:49:51 +02:00
|
|
|
char *buffer, size_t buflen,
|
2004-08-29 07:07:03 +02:00
|
|
|
struct hostent ** result,
|
2003-06-14 16:35:42 +02:00
|
|
|
int *herrno)
|
|
|
|
|
{
|
2004-02-11 22:44:06 +01:00
|
|
|
#if defined(FRONTEND) && defined(ENABLE_THREAD_SAFETY) && defined(HAVE_GETHOSTBYNAME_R)
|
2004-08-29 07:07:03 +02:00
|
|
|
|
2003-06-14 16:35:42 +02:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* broken (well early POSIX draft) gethostbyname_r() which returns 'struct
|
|
|
|
|
* hostent *'
|
2003-06-14 16:35:42 +02:00
|
|
|
*/
|
2004-03-14 15:01:43 +01:00
|
|
|
*result = gethostbyname_r(name, resultbuf, buffer, buflen, herrno);
|
2003-06-14 16:35:42 +02:00
|
|
|
return (*result == NULL) ? -1 : 0;
|
|
|
|
|
#else
|
2003-09-13 16:49:51 +02:00
|
|
|
|
2003-06-14 16:35:42 +02:00
|
|
|
/* no gethostbyname_r(), just use gethostbyname() */
|
|
|
|
|
*result = gethostbyname(name);
|
2003-09-13 16:49:51 +02:00
|
|
|
|
|
|
|
|
if (*result != NULL)
|
|
|
|
|
*herrno = h_errno;
|
2004-08-29 07:07:03 +02:00
|
|
|
|
2003-06-14 16:35:42 +02:00
|
|
|
if (*result != NULL)
|
|
|
|
|
return 0;
|
|
|
|
|
else
|
|
|
|
|
return -1;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
2004-08-29 07:07:03 +02:00
|
|
|
|
2003-09-27 17:32:48 +02:00
|
|
|
#endif
|
