1996-07-09 08:22:35 +02:00
|
|
|
/*-------------------------------------------------------------------------
|
|
|
|
*
|
1999-02-14 00:22:53 +01:00
|
|
|
* fe-auth.c
|
1997-09-07 07:04:48 +02:00
|
|
|
* The front-end (client) authorization routines
|
1996-07-09 08:22:35 +02:00
|
|
|
*
|
2007-01-05 23:20:05 +01:00
|
|
|
* Portions Copyright (c) 1996-2007, PostgreSQL Global Development Group
|
2000-01-26 06:58:53 +01:00
|
|
|
* Portions Copyright (c) 1994, Regents of the University of California
|
1996-07-09 08:22:35 +02:00
|
|
|
*
|
1999-08-31 03:37:37 +02:00
|
|
|
* NOTE: the error message strings returned by this module must not
|
|
|
|
* exceed INITIAL_EXPBUFFER_SIZE (currently 256 bytes).
|
1996-07-09 08:22:35 +02:00
|
|
|
*
|
|
|
|
* IDENTIFICATION
|
2007-02-10 15:58:55 +01:00
|
|
|
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.123 2007/02/10 14:58:55 petere Exp $
|
1996-07-09 08:22:35 +02:00
|
|
|
*
|
|
|
|
*-------------------------------------------------------------------------
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* INTERFACE ROUTINES
|
1997-09-07 07:04:48 +02:00
|
|
|
* frontend (client) routines:
|
2005-10-17 18:24:20 +02:00
|
|
|
* pg_fe_sendauth send authentication information
|
|
|
|
* pg_fe_getauthname get user's name according to the client side
|
1997-09-07 07:04:48 +02:00
|
|
|
* of the authentication system
|
1996-07-09 08:22:35 +02:00
|
|
|
*/
|
1998-08-17 05:50:43 +02:00
|
|
|
|
2001-02-10 03:31:31 +01:00
|
|
|
#include "postgres_fe.h"
|
|
|
|
|
1998-07-03 06:24:16 +02:00
|
|
|
#ifdef WIN32
|
|
|
|
#include "win32.h"
|
|
|
|
#else
|
1999-07-19 08:25:40 +02:00
|
|
|
#include <unistd.h>
|
2000-05-27 06:13:05 +02:00
|
|
|
#include <fcntl.h>
|
2001-08-21 02:33:28 +02:00
|
|
|
#include <sys/types.h>
|
2001-08-21 17:21:25 +02:00
|
|
|
#include <sys/param.h> /* for MAXHOSTNAMELEN on most */
|
2001-09-07 21:52:54 +02:00
|
|
|
#include <sys/socket.h>
|
|
|
|
#if defined(HAVE_STRUCT_CMSGCRED) || defined(HAVE_STRUCT_FCRED) || defined(HAVE_STRUCT_SOCKCRED)
|
|
|
|
#include <sys/uio.h>
|
2001-08-21 02:33:28 +02:00
|
|
|
#include <sys/ucred.h>
|
|
|
|
#endif
|
1996-10-13 06:50:27 +02:00
|
|
|
#ifndef MAXHOSTNAMELEN
|
1997-09-07 07:04:48 +02:00
|
|
|
#include <netdb.h> /* for MAXHOSTNAMELEN on some */
|
1996-10-13 06:50:27 +02:00
|
|
|
#endif
|
1996-07-09 08:22:35 +02:00
|
|
|
#include <pwd.h>
|
1999-07-19 04:27:16 +02:00
|
|
|
#endif
|
1996-11-03 08:14:32 +01:00
|
|
|
|
1998-01-26 02:42:53 +01:00
|
|
|
#ifdef HAVE_CRYPT_H
|
|
|
|
#include <crypt.h>
|
|
|
|
#endif
|
|
|
|
|
2001-09-21 22:31:49 +02:00
|
|
|
#include "libpq-fe.h"
|
|
|
|
#include "fe-auth.h"
|
2006-06-20 21:56:52 +02:00
|
|
|
#include "libpq/md5.h"
|
2001-09-21 22:31:49 +02:00
|
|
|
|
1998-01-26 02:42:53 +01:00
|
|
|
|
1996-07-09 08:22:35 +02:00
|
|
|
#ifdef KRB5
|
2001-08-17 17:11:15 +02:00
|
|
|
/*
|
1996-07-09 08:22:35 +02:00
|
|
|
* MIT Kerberos authentication system - protocol version 5
|
|
|
|
*/
|
|
|
|
|
2006-07-14 06:59:30 +02:00
|
|
|
#include <krb5.h>
|
2005-01-12 22:37:54 +01:00
|
|
|
/* Some old versions of Kerberos do not include <com_err.h> in <krb5.h> */
|
|
|
|
#if !defined(__COM_ERR_H) && !defined(__COM_ERR_H__)
|
|
|
|
#include <com_err.h>
|
|
|
|
#endif
|
1996-07-09 08:22:35 +02:00
|
|
|
|
|
|
|
/*
|
|
|
|
* pg_an_to_ln -- return the local name corresponding to an authentication
|
1997-09-07 07:04:48 +02:00
|
|
|
* name
|
1996-07-09 08:22:35 +02:00
|
|
|
*
|
|
|
|
* XXX Assumes that the first aname component is the user name. This is NOT
|
1997-09-07 07:04:48 +02:00
|
|
|
* necessarily so, since an aname can actually be something out of your
|
|
|
|
* worst X.400 nightmare, like
|
|
|
|
* ORGANIZATION=U. C. Berkeley/NAME=Paul M. Aoki@CS.BERKELEY.EDU
|
|
|
|
* Note that the MIT an_to_ln code does the same thing if you don't
|
|
|
|
* provide an aname mapping database...it may be a better idea to use
|
|
|
|
* krb5_an_to_ln, except that it punts if multiple components are found,
|
|
|
|
* and we can't afford to punt.
|
2005-06-04 22:42:43 +02:00
|
|
|
*
|
|
|
|
* For WIN32, convert username to lowercase because the Win32 kerberos library
|
|
|
|
* generates tickets with the username as the user entered it instead of as
|
|
|
|
* it is entered in the directory.
|
1996-07-09 08:22:35 +02:00
|
|
|
*/
|
1997-09-08 04:41:22 +02:00
|
|
|
static char *
|
2000-05-27 06:13:05 +02:00
|
|
|
pg_an_to_ln(char *aname)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
1997-09-08 04:41:22 +02:00
|
|
|
char *p;
|
1997-09-07 07:04:48 +02:00
|
|
|
|
|
|
|
if ((p = strchr(aname, '/')) || (p = strchr(aname, '@')))
|
|
|
|
*p = '\0';
|
2005-06-04 22:42:43 +02:00
|
|
|
#ifdef WIN32
|
2005-10-15 04:49:52 +02:00
|
|
|
for (p = aname; *p; p++)
|
2006-09-22 23:39:58 +02:00
|
|
|
*p = pg_tolower((unsigned char) *p);
|
2005-06-04 22:42:43 +02:00
|
|
|
#endif
|
|
|
|
|
1998-09-01 05:29:17 +02:00
|
|
|
return aname;
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
2003-03-10 23:28:22 +01:00
|
|
|
* Various krb5 state which is not connection specific, and a flag to
|
2000-05-27 06:13:05 +02:00
|
|
|
* indicate whether we have initialised it yet.
|
1996-07-09 08:22:35 +02:00
|
|
|
*/
|
2006-10-04 02:30:14 +02:00
|
|
|
/*
|
2001-03-22 05:01:46 +01:00
|
|
|
static int pg_krb5_initialised;
|
2000-05-27 06:13:05 +02:00
|
|
|
static krb5_context pg_krb5_context;
|
|
|
|
static krb5_ccache pg_krb5_ccache;
|
|
|
|
static krb5_principal pg_krb5_client;
|
|
|
|
static char *pg_krb5_name;
|
2006-03-06 18:59:30 +01:00
|
|
|
*/
|
|
|
|
|
|
|
|
struct krb5_info
|
|
|
|
{
|
2006-10-04 02:30:14 +02:00
|
|
|
int pg_krb5_initialised;
|
|
|
|
krb5_context pg_krb5_context;
|
|
|
|
krb5_ccache pg_krb5_ccache;
|
|
|
|
krb5_principal pg_krb5_client;
|
|
|
|
char *pg_krb5_name;
|
2006-03-06 18:59:30 +01:00
|
|
|
};
|
2000-05-27 06:13:05 +02:00
|
|
|
|
|
|
|
|
1996-07-09 08:22:35 +02:00
|
|
|
static int
|
2006-10-04 02:30:14 +02:00
|
|
|
pg_krb5_init(char *PQerrormsg, struct krb5_info * info)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2000-05-27 06:13:05 +02:00
|
|
|
krb5_error_code retval;
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
if (info->pg_krb5_initialised)
|
2000-05-27 06:13:05 +02:00
|
|
|
return STATUS_OK;
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
retval = krb5_init_context(&(info->pg_krb5_context));
|
2001-03-22 05:01:46 +01:00
|
|
|
if (retval)
|
|
|
|
{
|
2000-05-27 06:13:05 +02:00
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2001-08-17 17:02:18 +02:00
|
|
|
"pg_krb5_init: krb5_init_context: %s\n",
|
2000-05-27 06:13:05 +02:00
|
|
|
error_message(retval));
|
|
|
|
return STATUS_ERROR;
|
1997-09-07 07:04:48 +02:00
|
|
|
}
|
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
retval = krb5_cc_default(info->pg_krb5_context, &(info->pg_krb5_ccache));
|
2001-03-22 05:01:46 +01:00
|
|
|
if (retval)
|
|
|
|
{
|
2000-05-27 06:13:05 +02:00
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2001-08-17 17:02:18 +02:00
|
|
|
"pg_krb5_init: krb5_cc_default: %s\n",
|
2000-05-27 06:13:05 +02:00
|
|
|
error_message(retval));
|
2006-03-06 18:59:30 +01:00
|
|
|
krb5_free_context(info->pg_krb5_context);
|
2000-05-27 06:13:05 +02:00
|
|
|
return STATUS_ERROR;
|
2001-03-22 05:01:46 +01:00
|
|
|
}
|
2000-05-27 06:13:05 +02:00
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
retval = krb5_cc_get_principal(info->pg_krb5_context, info->pg_krb5_ccache,
|
|
|
|
&(info->pg_krb5_client));
|
2001-03-22 05:01:46 +01:00
|
|
|
if (retval)
|
|
|
|
{
|
2000-05-27 06:13:05 +02:00
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2001-08-17 17:02:18 +02:00
|
|
|
"pg_krb5_init: krb5_cc_get_principal: %s\n",
|
2000-05-27 06:13:05 +02:00
|
|
|
error_message(retval));
|
2006-03-06 18:59:30 +01:00
|
|
|
krb5_cc_close(info->pg_krb5_context, info->pg_krb5_ccache);
|
|
|
|
krb5_free_context(info->pg_krb5_context);
|
2000-05-27 06:13:05 +02:00
|
|
|
return STATUS_ERROR;
|
2001-03-22 05:01:46 +01:00
|
|
|
}
|
2000-05-27 06:13:05 +02:00
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
retval = krb5_unparse_name(info->pg_krb5_context, info->pg_krb5_client, &(info->pg_krb5_name));
|
2001-03-22 05:01:46 +01:00
|
|
|
if (retval)
|
|
|
|
{
|
2000-05-27 06:13:05 +02:00
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2001-08-17 17:02:18 +02:00
|
|
|
"pg_krb5_init: krb5_unparse_name: %s\n",
|
2000-05-27 06:13:05 +02:00
|
|
|
error_message(retval));
|
2006-03-06 18:59:30 +01:00
|
|
|
krb5_free_principal(info->pg_krb5_context, info->pg_krb5_client);
|
|
|
|
krb5_cc_close(info->pg_krb5_context, info->pg_krb5_ccache);
|
|
|
|
krb5_free_context(info->pg_krb5_context);
|
2000-05-27 06:13:05 +02:00
|
|
|
return STATUS_ERROR;
|
2001-03-22 05:01:46 +01:00
|
|
|
}
|
2000-05-27 06:13:05 +02:00
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
info->pg_krb5_name = pg_an_to_ln(info->pg_krb5_name);
|
2000-05-27 06:13:05 +02:00
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
info->pg_krb5_initialised = 1;
|
2000-05-27 06:13:05 +02:00
|
|
|
return STATUS_OK;
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
2006-10-04 02:30:14 +02:00
|
|
|
static void
|
|
|
|
pg_krb5_destroy(struct krb5_info * info)
|
2006-03-06 18:59:30 +01:00
|
|
|
{
|
|
|
|
krb5_free_principal(info->pg_krb5_context, info->pg_krb5_client);
|
|
|
|
krb5_cc_close(info->pg_krb5_context, info->pg_krb5_ccache);
|
|
|
|
krb5_free_context(info->pg_krb5_context);
|
|
|
|
free(info->pg_krb5_name);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2000-05-27 06:13:05 +02:00
|
|
|
|
1996-07-09 08:22:35 +02:00
|
|
|
/*
|
2006-07-12 04:31:56 +02:00
|
|
|
* pg_krb5_authname -- returns a copy of whatever name the user
|
|
|
|
* has authenticated to the system, or NULL
|
|
|
|
*/
|
|
|
|
static char *
|
2000-05-27 06:13:05 +02:00
|
|
|
pg_krb5_authname(char *PQerrormsg)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2006-10-04 02:30:14 +02:00
|
|
|
char *tmp_name;
|
2006-03-06 18:59:30 +01:00
|
|
|
struct krb5_info info;
|
2006-10-04 02:30:14 +02:00
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
info.pg_krb5_initialised = 0;
|
|
|
|
|
|
|
|
if (pg_krb5_init(PQerrormsg, &info) != STATUS_OK)
|
2000-05-27 06:13:05 +02:00
|
|
|
return NULL;
|
2006-03-06 18:59:30 +01:00
|
|
|
tmp_name = strdup(info.pg_krb5_name);
|
|
|
|
pg_krb5_destroy(&info);
|
1996-07-09 08:22:35 +02:00
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
return tmp_name;
|
2000-05-27 05:58:20 +02:00
|
|
|
}
|
2000-05-27 05:39:33 +02:00
|
|
|
|
2000-05-27 06:13:05 +02:00
|
|
|
|
1996-07-09 08:22:35 +02:00
|
|
|
/*
|
|
|
|
* pg_krb5_sendauth -- client routine to send authentication information to
|
1997-09-07 07:04:48 +02:00
|
|
|
* the server
|
1996-07-09 08:22:35 +02:00
|
|
|
*/
|
|
|
|
static int
|
2005-06-04 22:42:43 +02:00
|
|
|
pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname, const char *servicename)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2000-05-27 06:13:05 +02:00
|
|
|
krb5_error_code retval;
|
2001-03-22 05:01:46 +01:00
|
|
|
int ret;
|
2000-05-27 06:13:05 +02:00
|
|
|
krb5_principal server;
|
|
|
|
krb5_auth_context auth_context = NULL;
|
2001-03-22 05:01:46 +01:00
|
|
|
krb5_error *err_ret = NULL;
|
2006-03-06 18:59:30 +01:00
|
|
|
struct krb5_info info;
|
2006-10-04 02:30:14 +02:00
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
info.pg_krb5_initialised = 0;
|
2005-03-25 01:34:31 +01:00
|
|
|
|
|
|
|
if (!hostname)
|
|
|
|
{
|
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
|
|
|
"pg_krb5_sendauth: hostname must be specified for Kerberos authentication\n");
|
|
|
|
return STATUS_ERROR;
|
|
|
|
}
|
2000-05-27 06:13:05 +02:00
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
ret = pg_krb5_init(PQerrormsg, &info);
|
2000-05-27 06:13:05 +02:00
|
|
|
if (ret != STATUS_OK)
|
|
|
|
return ret;
|
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
retval = krb5_sname_to_principal(info.pg_krb5_context, hostname, servicename,
|
2000-05-27 06:13:05 +02:00
|
|
|
KRB5_NT_SRV_HST, &server);
|
2001-03-22 05:01:46 +01:00
|
|
|
if (retval)
|
|
|
|
{
|
2000-05-27 06:13:05 +02:00
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2001-08-17 17:02:18 +02:00
|
|
|
"pg_krb5_sendauth: krb5_sname_to_principal: %s\n",
|
2000-05-27 06:13:05 +02:00
|
|
|
error_message(retval));
|
2006-03-06 18:59:30 +01:00
|
|
|
pg_krb5_destroy(&info);
|
1998-09-01 05:29:17 +02:00
|
|
|
return STATUS_ERROR;
|
1997-09-07 07:04:48 +02:00
|
|
|
}
|
|
|
|
|
2001-03-22 05:01:46 +01:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* libpq uses a non-blocking socket. But kerberos needs a blocking socket,
|
|
|
|
* and we have to block somehow to do mutual authentication anyway. So we
|
|
|
|
* temporarily make it blocking.
|
1997-09-07 07:04:48 +02:00
|
|
|
*/
|
2005-03-25 01:34:31 +01:00
|
|
|
if (!pg_set_block(sock))
|
2001-03-22 05:01:46 +01:00
|
|
|
{
|
2003-08-04 02:43:34 +02:00
|
|
|
char sebuf[256];
|
2003-06-14 19:49:54 +02:00
|
|
|
|
2000-05-27 06:13:05 +02:00
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2003-06-14 19:49:54 +02:00
|
|
|
libpq_gettext("could not set socket to blocking mode: %s\n"), pqStrerror(errno, sebuf, sizeof(sebuf)));
|
2006-03-06 18:59:30 +01:00
|
|
|
krb5_free_principal(info.pg_krb5_context, server);
|
|
|
|
pg_krb5_destroy(&info);
|
1998-09-01 05:29:17 +02:00
|
|
|
return STATUS_ERROR;
|
1997-09-07 07:04:48 +02:00
|
|
|
}
|
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
retval = krb5_sendauth(info.pg_krb5_context, &auth_context,
|
2005-10-08 21:32:58 +02:00
|
|
|
(krb5_pointer) & sock, (char *) servicename,
|
2006-03-06 18:59:30 +01:00
|
|
|
info.pg_krb5_client, server,
|
2000-05-27 06:13:05 +02:00
|
|
|
AP_OPTS_MUTUAL_REQUIRED,
|
|
|
|
NULL, 0, /* no creds, use ccache instead */
|
2006-03-06 18:59:30 +01:00
|
|
|
info.pg_krb5_ccache, &err_ret, NULL, NULL);
|
2001-03-22 05:01:46 +01:00
|
|
|
if (retval)
|
|
|
|
{
|
|
|
|
if (retval == KRB5_SENDAUTH_REJECTED && err_ret)
|
|
|
|
{
|
2002-02-23 05:17:47 +01:00
|
|
|
#if defined(HAVE_KRB5_ERROR_TEXT_DATA)
|
2000-05-27 06:13:05 +02:00
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2005-10-15 04:49:52 +02:00
|
|
|
libpq_gettext("Kerberos 5 authentication rejected: %*s\n"),
|
2003-11-26 16:55:01 +01:00
|
|
|
(int) err_ret->text.length, err_ret->text.data);
|
2002-02-23 05:17:47 +01:00
|
|
|
#elif defined(HAVE_KRB5_ERROR_E_DATA)
|
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2005-10-15 04:49:52 +02:00
|
|
|
libpq_gettext("Kerberos 5 authentication rejected: %*s\n"),
|
2003-11-26 16:55:01 +01:00
|
|
|
(int) err_ret->e_data->length,
|
2002-09-04 22:31:48 +02:00
|
|
|
(const char *) err_ret->e_data->data);
|
2002-02-23 05:17:47 +01:00
|
|
|
#else
|
|
|
|
#error "bogus configuration"
|
|
|
|
#endif
|
1997-09-07 07:04:48 +02:00
|
|
|
}
|
2001-03-22 05:01:46 +01:00
|
|
|
else
|
|
|
|
{
|
2000-05-27 06:13:05 +02:00
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2001-08-17 17:02:18 +02:00
|
|
|
"krb5_sendauth: %s\n", error_message(retval));
|
1997-09-07 07:04:48 +02:00
|
|
|
}
|
2001-03-22 05:01:46 +01:00
|
|
|
|
2000-05-27 06:13:05 +02:00
|
|
|
if (err_ret)
|
2006-03-06 18:59:30 +01:00
|
|
|
krb5_free_error(info.pg_krb5_context, err_ret);
|
2001-03-22 05:01:46 +01:00
|
|
|
|
2000-05-27 06:13:05 +02:00
|
|
|
ret = STATUS_ERROR;
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
2000-05-27 06:13:05 +02:00
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
krb5_free_principal(info.pg_krb5_context, server);
|
2001-03-22 05:01:46 +01:00
|
|
|
|
2005-03-25 01:34:31 +01:00
|
|
|
if (!pg_set_noblock(sock))
|
2001-03-22 05:01:46 +01:00
|
|
|
{
|
2003-08-04 02:43:34 +02:00
|
|
|
char sebuf[256];
|
2003-06-14 19:49:54 +02:00
|
|
|
|
2000-05-27 06:13:05 +02:00
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2005-10-15 04:49:52 +02:00
|
|
|
libpq_gettext("could not restore non-blocking mode on socket: %s\n"),
|
2003-06-14 19:49:54 +02:00
|
|
|
pqStrerror(errno, sebuf, sizeof(sebuf)));
|
2000-05-27 06:13:05 +02:00
|
|
|
ret = STATUS_ERROR;
|
|
|
|
}
|
2006-03-06 18:59:30 +01:00
|
|
|
pg_krb5_destroy(&info);
|
2000-05-27 06:13:05 +02:00
|
|
|
|
|
|
|
return ret;
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
2001-11-05 18:46:40 +01:00
|
|
|
#endif /* KRB5 */
|
1996-07-09 08:22:35 +02:00
|
|
|
|
2005-10-17 18:24:20 +02:00
|
|
|
|
2003-12-20 19:24:52 +01:00
|
|
|
/*
|
|
|
|
* Respond to AUTH_REQ_SCM_CREDS challenge.
|
|
|
|
*
|
2003-12-20 19:45:49 +01:00
|
|
|
* Note: current backends will not use this challenge if HAVE_GETPEEREID
|
|
|
|
* or SO_PEERCRED is defined, but pre-7.4 backends might, so compile the
|
|
|
|
* code anyway.
|
2003-12-20 19:24:52 +01:00
|
|
|
*/
|
2001-08-21 02:33:28 +02:00
|
|
|
static int
|
|
|
|
pg_local_sendauth(char *PQerrormsg, PGconn *conn)
|
|
|
|
{
|
2003-12-20 19:45:49 +01:00
|
|
|
#if defined(HAVE_STRUCT_CMSGCRED) || defined(HAVE_STRUCT_FCRED) || \
|
|
|
|
(defined(HAVE_STRUCT_SOCKCRED) && defined(LOCAL_CREDS))
|
2001-10-25 07:50:21 +02:00
|
|
|
char buf;
|
2001-08-21 02:33:28 +02:00
|
|
|
struct iovec iov;
|
|
|
|
struct msghdr msg;
|
2001-10-25 07:50:21 +02:00
|
|
|
|
2001-09-07 21:52:54 +02:00
|
|
|
#ifdef HAVE_STRUCT_CMSGCRED
|
2001-08-21 02:33:28 +02:00
|
|
|
/* Prevent padding */
|
2001-10-25 07:50:21 +02:00
|
|
|
char cmsgmem[sizeof(struct cmsghdr) + sizeof(struct cmsgcred)];
|
|
|
|
|
2001-08-21 02:33:28 +02:00
|
|
|
/* Point to start of first structure */
|
2001-10-25 07:50:21 +02:00
|
|
|
struct cmsghdr *cmsg = (struct cmsghdr *) cmsgmem;
|
2001-08-21 02:33:28 +02:00
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* The backend doesn't care what we send here, but it wants exactly one
|
|
|
|
* character to force recvmsg() to block and wait for us.
|
2001-08-21 02:33:28 +02:00
|
|
|
*/
|
|
|
|
buf = '\0';
|
|
|
|
iov.iov_base = &buf;
|
|
|
|
iov.iov_len = 1;
|
|
|
|
|
|
|
|
memset(&msg, 0, sizeof(msg));
|
|
|
|
msg.msg_iov = &iov;
|
|
|
|
msg.msg_iovlen = 1;
|
|
|
|
|
2001-09-07 21:52:54 +02:00
|
|
|
#ifdef HAVE_STRUCT_CMSGCRED
|
2001-08-21 02:33:28 +02:00
|
|
|
/* Create control header, FreeBSD */
|
|
|
|
msg.msg_control = cmsg;
|
|
|
|
msg.msg_controllen = sizeof(cmsgmem);
|
|
|
|
memset(cmsg, 0, sizeof(cmsgmem));
|
2001-08-21 17:49:17 +02:00
|
|
|
cmsg->cmsg_len = sizeof(cmsgmem);
|
|
|
|
cmsg->cmsg_level = SOL_SOCKET;
|
|
|
|
cmsg->cmsg_type = SCM_CREDS;
|
2001-08-21 02:33:28 +02:00
|
|
|
#endif
|
|
|
|
|
|
|
|
if (sendmsg(conn->sock, &msg, 0) == -1)
|
|
|
|
{
|
2003-08-04 02:43:34 +02:00
|
|
|
char sebuf[256];
|
2003-06-14 19:49:54 +02:00
|
|
|
|
2001-08-21 02:33:28 +02:00
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2003-08-04 02:43:34 +02:00
|
|
|
"pg_local_sendauth: sendmsg: %s\n",
|
|
|
|
pqStrerror(errno, sebuf, sizeof(sebuf)));
|
2001-08-21 02:33:28 +02:00
|
|
|
return STATUS_ERROR;
|
|
|
|
}
|
|
|
|
return STATUS_OK;
|
2001-09-26 21:54:12 +02:00
|
|
|
#else
|
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2005-10-15 04:49:52 +02:00
|
|
|
libpq_gettext("SCM_CRED authentication method not supported\n"));
|
2001-09-26 21:54:12 +02:00
|
|
|
return STATUS_ERROR;
|
2001-08-21 02:33:28 +02:00
|
|
|
#endif
|
2001-09-26 21:54:12 +02:00
|
|
|
}
|
2001-08-21 02:33:28 +02:00
|
|
|
|
1997-03-12 22:23:16 +01:00
|
|
|
static int
|
1998-01-26 02:42:53 +01:00
|
|
|
pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
|
1997-03-12 22:23:16 +01:00
|
|
|
{
|
2001-10-25 07:50:21 +02:00
|
|
|
int ret;
|
|
|
|
char *crypt_pwd;
|
2001-08-15 20:42:16 +02:00
|
|
|
|
1998-01-26 02:42:53 +01:00
|
|
|
/* Encrypt the password if needed. */
|
1997-03-12 22:23:16 +01:00
|
|
|
|
2001-08-15 20:42:16 +02:00
|
|
|
switch (areq)
|
|
|
|
{
|
2001-08-17 17:40:07 +02:00
|
|
|
case AUTH_REQ_MD5:
|
|
|
|
{
|
2001-10-25 07:50:21 +02:00
|
|
|
char *crypt_pwd2;
|
|
|
|
|
2005-06-30 03:59:20 +02:00
|
|
|
/* Allocate enough space for two MD5 hashes */
|
|
|
|
crypt_pwd = malloc(2 * (MD5_PASSWD_LEN + 1));
|
|
|
|
if (!crypt_pwd)
|
2001-10-25 07:50:21 +02:00
|
|
|
{
|
2004-11-09 16:57:57 +01:00
|
|
|
fprintf(stderr, libpq_gettext("out of memory\n"));
|
2001-10-25 07:50:21 +02:00
|
|
|
return STATUS_ERROR;
|
|
|
|
}
|
2005-06-30 03:59:20 +02:00
|
|
|
|
|
|
|
crypt_pwd2 = crypt_pwd + MD5_PASSWD_LEN + 1;
|
2005-10-17 18:24:20 +02:00
|
|
|
if (!pg_md5_encrypt(password, conn->pguser,
|
|
|
|
strlen(conn->pguser), crypt_pwd2))
|
2001-10-25 07:50:21 +02:00
|
|
|
{
|
|
|
|
free(crypt_pwd);
|
|
|
|
return STATUS_ERROR;
|
|
|
|
}
|
2005-10-17 18:24:20 +02:00
|
|
|
if (!pg_md5_encrypt(crypt_pwd2 + strlen("md5"), conn->md5Salt,
|
|
|
|
sizeof(conn->md5Salt), crypt_pwd))
|
2001-10-25 07:50:21 +02:00
|
|
|
{
|
|
|
|
free(crypt_pwd);
|
|
|
|
return STATUS_ERROR;
|
|
|
|
}
|
|
|
|
break;
|
2001-08-17 17:40:07 +02:00
|
|
|
}
|
2001-08-15 20:42:16 +02:00
|
|
|
case AUTH_REQ_CRYPT:
|
2001-10-25 07:50:21 +02:00
|
|
|
{
|
|
|
|
char salt[3];
|
2001-08-17 05:09:31 +02:00
|
|
|
|
2007-02-10 15:58:55 +01:00
|
|
|
strlcpy(salt, conn->cryptSalt, sizeof(salt));
|
2001-10-25 07:50:21 +02:00
|
|
|
crypt_pwd = crypt(password, salt);
|
|
|
|
break;
|
|
|
|
}
|
2001-08-21 02:33:28 +02:00
|
|
|
case AUTH_REQ_PASSWORD:
|
2001-08-15 20:42:16 +02:00
|
|
|
/* discard const so we can assign it */
|
2001-10-25 07:50:21 +02:00
|
|
|
crypt_pwd = (char *) password;
|
2001-08-15 20:42:16 +02:00
|
|
|
break;
|
2001-08-21 02:33:28 +02:00
|
|
|
default:
|
|
|
|
return STATUS_ERROR;
|
2001-08-15 20:42:16 +02:00
|
|
|
}
|
2003-06-08 19:43:00 +02:00
|
|
|
/* Packet has a message type as of protocol 3.0 */
|
|
|
|
if (PG_PROTOCOL_MAJOR(conn->pversion) >= 3)
|
|
|
|
ret = pqPacketSend(conn, 'p', crypt_pwd, strlen(crypt_pwd) + 1);
|
|
|
|
else
|
|
|
|
ret = pqPacketSend(conn, 0, crypt_pwd, strlen(crypt_pwd) + 1);
|
2001-08-15 20:42:16 +02:00
|
|
|
if (areq == AUTH_REQ_MD5)
|
|
|
|
free(crypt_pwd);
|
|
|
|
return ret;
|
1997-03-12 22:23:16 +01:00
|
|
|
}
|
1996-07-09 08:22:35 +02:00
|
|
|
|
|
|
|
/*
|
2005-10-17 18:24:20 +02:00
|
|
|
* pg_fe_sendauth
|
|
|
|
* client demux routine for outgoing authentication information
|
1996-07-09 08:22:35 +02:00
|
|
|
*/
|
|
|
|
int
|
2005-10-17 18:24:20 +02:00
|
|
|
pg_fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
|
|
|
|
const char *password, char *PQerrormsg)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2005-06-27 04:04:26 +02:00
|
|
|
#ifndef KRB5
|
2000-04-12 19:17:23 +02:00
|
|
|
(void) hostname; /* not used */
|
2000-02-08 00:10:11 +01:00
|
|
|
#endif
|
|
|
|
|
1998-01-26 02:42:53 +01:00
|
|
|
switch (areq)
|
1997-09-07 07:04:48 +02:00
|
|
|
{
|
2000-04-12 19:17:23 +02:00
|
|
|
case AUTH_REQ_OK:
|
1998-02-26 05:46:47 +01:00
|
|
|
break;
|
1998-01-26 02:42:53 +01:00
|
|
|
|
1998-02-26 05:46:47 +01:00
|
|
|
case AUTH_REQ_KRB4:
|
2001-07-15 15:45:04 +02:00
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2005-10-15 04:49:52 +02:00
|
|
|
libpq_gettext("Kerberos 4 authentication not supported\n"));
|
1998-09-01 05:29:17 +02:00
|
|
|
return STATUS_ERROR;
|
1998-01-26 02:42:53 +01:00
|
|
|
|
1998-02-26 05:46:47 +01:00
|
|
|
case AUTH_REQ_KRB5:
|
1996-07-09 08:22:35 +02:00
|
|
|
#ifdef KRB5
|
2004-03-24 04:45:00 +01:00
|
|
|
pglock_thread();
|
2003-06-25 03:19:47 +02:00
|
|
|
if (pg_krb5_sendauth(PQerrormsg, conn->sock,
|
2005-06-04 22:42:43 +02:00
|
|
|
hostname, conn->krbsrvname) != STATUS_OK)
|
1997-09-08 04:41:22 +02:00
|
|
|
{
|
2005-03-25 01:34:31 +01:00
|
|
|
/* PQerrormsg already filled in */
|
2004-03-24 04:45:00 +01:00
|
|
|
pgunlock_thread();
|
1998-09-01 05:29:17 +02:00
|
|
|
return STATUS_ERROR;
|
1997-09-08 04:41:22 +02:00
|
|
|
}
|
2004-03-24 04:45:00 +01:00
|
|
|
pgunlock_thread();
|
1997-09-08 04:41:22 +02:00
|
|
|
break;
|
1998-01-26 02:42:53 +01:00
|
|
|
#else
|
2001-07-15 15:45:04 +02:00
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2005-10-15 04:49:52 +02:00
|
|
|
libpq_gettext("Kerberos 5 authentication not supported\n"));
|
1998-09-01 05:29:17 +02:00
|
|
|
return STATUS_ERROR;
|
1996-07-09 08:22:35 +02:00
|
|
|
#endif
|
1998-01-26 02:42:53 +01:00
|
|
|
|
2001-08-15 20:42:16 +02:00
|
|
|
case AUTH_REQ_MD5:
|
2001-08-17 17:40:07 +02:00
|
|
|
case AUTH_REQ_CRYPT:
|
|
|
|
case AUTH_REQ_PASSWORD:
|
1998-07-09 05:32:10 +02:00
|
|
|
if (password == NULL || *password == '\0')
|
|
|
|
{
|
2002-09-02 08:11:43 +02:00
|
|
|
(void) snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2004-10-16 05:10:17 +02:00
|
|
|
PQnoPasswordSupplied);
|
1998-09-01 05:29:17 +02:00
|
|
|
return STATUS_ERROR;
|
1998-07-09 05:32:10 +02:00
|
|
|
}
|
1998-02-26 05:46:47 +01:00
|
|
|
if (pg_password_sendauth(conn, password, areq) != STATUS_OK)
|
|
|
|
{
|
2002-09-02 08:11:43 +02:00
|
|
|
(void) snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2005-10-15 04:49:52 +02:00
|
|
|
"fe_sendauth: error sending password authentication\n");
|
1998-09-01 05:29:17 +02:00
|
|
|
return STATUS_ERROR;
|
1998-02-26 05:46:47 +01:00
|
|
|
}
|
|
|
|
break;
|
2001-08-21 02:33:28 +02:00
|
|
|
|
|
|
|
case AUTH_REQ_SCM_CREDS:
|
|
|
|
if (pg_local_sendauth(PQerrormsg, conn) != STATUS_OK)
|
|
|
|
return STATUS_ERROR;
|
|
|
|
break;
|
|
|
|
|
1998-02-26 05:46:47 +01:00
|
|
|
default:
|
2001-07-15 15:45:04 +02:00
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2005-10-15 04:49:52 +02:00
|
|
|
libpq_gettext("authentication method %u not supported\n"), areq);
|
1998-09-01 05:29:17 +02:00
|
|
|
return STATUS_ERROR;
|
1998-02-26 05:46:47 +01:00
|
|
|
}
|
1998-01-26 02:42:53 +01:00
|
|
|
|
1998-09-01 05:29:17 +02:00
|
|
|
return STATUS_OK;
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
2005-10-17 18:24:20 +02:00
|
|
|
* pg_fe_getauthname -- returns a pointer to dynamic space containing whatever
|
1997-09-07 07:04:48 +02:00
|
|
|
* name the user has authenticated to the system
|
2005-10-17 18:24:20 +02:00
|
|
|
*
|
|
|
|
* if there is an error, return NULL with an error message in PQerrormsg
|
1996-07-09 08:22:35 +02:00
|
|
|
*/
|
1998-02-26 05:46:47 +01:00
|
|
|
char *
|
2005-10-17 18:24:20 +02:00
|
|
|
pg_fe_getauthname(char *PQerrormsg)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2006-03-06 18:59:30 +01:00
|
|
|
#ifdef KRB5
|
2006-10-04 02:30:14 +02:00
|
|
|
char *krb5_name = NULL;
|
2006-03-06 18:59:30 +01:00
|
|
|
#endif
|
2004-01-07 19:56:30 +01:00
|
|
|
const char *name = NULL;
|
2005-01-05 00:18:25 +01:00
|
|
|
char *authn;
|
2005-10-15 04:49:52 +02:00
|
|
|
|
2005-01-05 00:18:25 +01:00
|
|
|
#ifdef WIN32
|
|
|
|
char username[128];
|
|
|
|
DWORD namesize = sizeof(username) - 1;
|
|
|
|
#else
|
|
|
|
char pwdbuf[BUFSIZ];
|
|
|
|
struct passwd pwdstr;
|
|
|
|
struct passwd *pw = NULL;
|
|
|
|
#endif
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2005-10-24 17:38:37 +02:00
|
|
|
/*
|
2005-11-22 19:17:34 +01:00
|
|
|
* pglock_thread() really only needs to be called around
|
|
|
|
* pg_krb5_authname(), but some users are using configure
|
|
|
|
* --enable-thread-safety-force, so we might as well do the locking within
|
|
|
|
* our library to protect pqGetpwuid(). In fact, application developers
|
|
|
|
* can use getpwuid() in their application if they use the locking call we
|
|
|
|
* provide, or install their own locking function using
|
|
|
|
* PQregisterThreadLock().
|
2005-10-24 17:38:37 +02:00
|
|
|
*/
|
2004-03-24 04:45:00 +01:00
|
|
|
pglock_thread();
|
2005-01-05 00:18:25 +01:00
|
|
|
|
1996-07-09 08:22:35 +02:00
|
|
|
#ifdef KRB5
|
2006-10-04 02:30:14 +02:00
|
|
|
|
|
|
|
/*
|
|
|
|
* pg_krb5_authname gives us a strdup'd value that we need to free later,
|
|
|
|
* however, we don't want to free 'name' directly in case it's *not* a
|
|
|
|
* Kerberos login and we fall through to name = pw->pw_name;
|
|
|
|
*/
|
2006-03-06 18:59:30 +01:00
|
|
|
krb5_name = pg_krb5_authname(PQerrormsg);
|
|
|
|
name = krb5_name;
|
1996-07-09 08:22:35 +02:00
|
|
|
#endif
|
2000-08-25 12:00:35 +02:00
|
|
|
|
2005-10-17 18:24:20 +02:00
|
|
|
if (!name)
|
2000-08-25 12:00:35 +02:00
|
|
|
{
|
1998-07-03 06:24:16 +02:00
|
|
|
#ifdef WIN32
|
2002-07-20 07:43:31 +02:00
|
|
|
if (GetUserName(username, &namesize))
|
2000-08-25 12:00:35 +02:00
|
|
|
name = username;
|
1998-07-03 06:24:16 +02:00
|
|
|
#else
|
2005-01-05 00:18:25 +01:00
|
|
|
if (pqGetpwuid(geteuid(), &pwdstr, pwdbuf, sizeof(pwdbuf), &pw) == 0)
|
2003-08-04 02:43:34 +02:00
|
|
|
name = pw->pw_name;
|
1998-07-03 06:24:16 +02:00
|
|
|
#endif
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
2005-01-05 00:18:25 +01:00
|
|
|
authn = name ? strdup(name) : NULL;
|
|
|
|
|
2006-03-06 18:59:30 +01:00
|
|
|
#ifdef KRB5
|
|
|
|
/* Free the strdup'd string from pg_krb5_authname, if we got one */
|
|
|
|
if (krb5_name)
|
|
|
|
free(krb5_name);
|
|
|
|
#endif
|
|
|
|
|
2004-03-24 04:45:00 +01:00
|
|
|
pgunlock_thread();
|
2005-01-05 00:18:25 +01:00
|
|
|
|
1998-09-01 05:29:17 +02:00
|
|
|
return authn;
|
1997-09-07 07:04:48 +02:00
|
|
|
}
|
2005-12-23 02:16:38 +01:00
|
|
|
|
|
|
|
|
|
|
|
/*
|
2005-12-26 15:58:06 +01:00
|
|
|
* PQencryptPassword -- exported routine to encrypt a password
|
2005-12-23 02:16:38 +01:00
|
|
|
*
|
|
|
|
* This is intended to be used by client applications that wish to send
|
|
|
|
* commands like ALTER USER joe PASSWORD 'pwd'. The password need not
|
2006-10-04 02:30:14 +02:00
|
|
|
* be sent in cleartext if it is encrypted on the client side. This is
|
2005-12-23 02:16:38 +01:00
|
|
|
* good because it ensures the cleartext password won't end up in logs,
|
|
|
|
* pg_stat displays, etc. We export the function so that clients won't
|
|
|
|
* be dependent on low-level details like whether the enceyption is MD5
|
|
|
|
* or something else.
|
|
|
|
*
|
|
|
|
* Arguments are the cleartext password, and the SQL name of the user it
|
|
|
|
* is for.
|
|
|
|
*
|
|
|
|
* Return value is a malloc'd string, or NULL if out-of-memory. The client
|
2005-12-26 15:58:06 +01:00
|
|
|
* may assume the string doesn't contain any special characters that would
|
2005-12-23 02:16:38 +01:00
|
|
|
* require escaping.
|
|
|
|
*/
|
|
|
|
char *
|
2005-12-26 15:58:06 +01:00
|
|
|
PQencryptPassword(const char *passwd, const char *user)
|
2005-12-23 02:16:38 +01:00
|
|
|
{
|
|
|
|
char *crypt_pwd;
|
|
|
|
|
|
|
|
crypt_pwd = malloc(MD5_PASSWD_LEN + 1);
|
|
|
|
if (!crypt_pwd)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
if (!pg_md5_encrypt(passwd, user, strlen(user), crypt_pwd))
|
|
|
|
{
|
|
|
|
free(crypt_pwd);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
return crypt_pwd;
|
|
|
|
}
|