From e1c8743e6ccd262df84fa2d80bf21d72115ac0d6 Mon Sep 17 00:00:00 2001 From: Peter Eisentraut Date: Thu, 19 Sep 2019 15:03:23 +0200 Subject: [PATCH] GSSAPI error message improvements Make the error messages around GSSAPI encryption a bit clearer. Tweak some messages to avoid plural problems. Also make a code change for clarity. Using "conf" for "confidential" is quite confusing. Using "conf_state" is perhaps not much better but that's what the GSSAPI documentation uses, so there is at least some hope of understanding it. --- src/backend/libpq/be-secure-gssapi.c | 38 ++++++++++++++----------- src/interfaces/libpq/fe-secure-gssapi.c | 32 ++++++++++++--------- 2 files changed, 39 insertions(+), 31 deletions(-) diff --git a/src/backend/libpq/be-secure-gssapi.c b/src/backend/libpq/be-secure-gssapi.c index 92f39c113a..a0855a9401 100644 --- a/src/backend/libpq/be-secure-gssapi.c +++ b/src/backend/libpq/be-secure-gssapi.c @@ -99,7 +99,7 @@ be_gssapi_write(Port *port, void *ptr, size_t len) minor; gss_buffer_desc input, output; - int conf = 0; + int conf_state = 0; uint32 netlen; pg_gssinfo *gss = port->gss; @@ -172,18 +172,19 @@ be_gssapi_write(Port *port, void *ptr, size_t len) /* Create the next encrypted packet */ major = gss_wrap(&minor, gss->ctx, 1, GSS_C_QOP_DEFAULT, - &input, &conf, &output); + &input, &conf_state, &output); if (major != GSS_S_COMPLETE) pg_GSS_error(FATAL, gettext_noop("GSSAPI wrap error"), major, minor); - if (conf == 0) + if (conf_state == 0) ereport(FATAL, - (errmsg("GSSAPI did not provide confidentiality"))); + (errmsg("outgoing GSSAPI message would not use confidentiality"))); if (output.length > PQ_GSS_SEND_BUFFER_SIZE - sizeof(uint32)) ereport(FATAL, - (errmsg("server tried to send oversize GSSAPI packet: %zu bytes", - (size_t) output.length))); + (errmsg("server tried to send oversize GSSAPI packet (%zu > %zu)", + (size_t) output.length, + PQ_GSS_SEND_BUFFER_SIZE - sizeof(uint32)))); bytes_encrypted += input.length; bytes_to_encrypt -= input.length; @@ -216,7 +217,7 @@ be_gssapi_read(Port *port, void *ptr, size_t len) ssize_t ret; size_t bytes_to_return = len; size_t bytes_returned = 0; - int conf = 0; + int conf_state = 0; pg_gssinfo *gss = port->gss; /* @@ -299,8 +300,9 @@ be_gssapi_read(Port *port, void *ptr, size_t len) /* Check for over-length packet */ if (input.length > PQ_GSS_RECV_BUFFER_SIZE - sizeof(uint32)) ereport(FATAL, - (errmsg("oversize GSSAPI packet sent by the client: %zu bytes", - (size_t) input.length))); + (errmsg("oversize GSSAPI packet sent by the client (%zu > %zu)", + (size_t) input.length, + PQ_GSS_RECV_BUFFER_SIZE - sizeof(uint32)))); /* * Read as much of the packet as we are able to on this call into @@ -338,14 +340,14 @@ be_gssapi_read(Port *port, void *ptr, size_t len) output.length = 0; input.value = PqGSSRecvBuffer + sizeof(uint32); - major = gss_unwrap(&minor, gss->ctx, &input, &output, &conf, NULL); + major = gss_unwrap(&minor, gss->ctx, &input, &output, &conf_state, NULL); if (major != GSS_S_COMPLETE) pg_GSS_error(FATAL, gettext_noop("GSSAPI unwrap error"), major, minor); - if (conf == 0) + if (conf_state == 0) ereport(FATAL, - (errmsg("GSSAPI did not provide confidentiality"))); + (errmsg("incoming GSSAPI message did not use confidentiality"))); memcpy(PqGSSResultBuffer, output.value, output.length); @@ -497,8 +499,9 @@ secure_open_gssapi(Port *port) */ if (input.length > PQ_GSS_RECV_BUFFER_SIZE) ereport(FATAL, - (errmsg("oversize GSSAPI packet sent by the client: %zu bytes", - (size_t) input.length))); + (errmsg("oversize GSSAPI packet sent by the client (%zu > %d)", + (size_t) input.length, + PQ_GSS_RECV_BUFFER_SIZE))); /* * Get the rest of the packet so we can pass it to GSSAPI to accept @@ -518,7 +521,7 @@ secure_open_gssapi(Port *port) NULL, NULL); if (GSS_ERROR(major)) { - pg_GSS_error(ERROR, gettext_noop("GSSAPI context error"), + pg_GSS_error(ERROR, gettext_noop("could not accept GSSAPI security context"), major, minor); gss_release_buffer(&minor, &output); return -1; @@ -545,8 +548,9 @@ secure_open_gssapi(Port *port) if (output.length > PQ_GSS_SEND_BUFFER_SIZE - sizeof(uint32)) ereport(FATAL, - (errmsg("server tried to send oversize GSSAPI packet: %zu bytes", - (size_t) output.length))); + (errmsg("server tried to send oversize GSSAPI packet (%zu > %zu)", + (size_t) output.length, + PQ_GSS_SEND_BUFFER_SIZE - sizeof(uint32)))); memcpy(PqGSSSendBuffer, (char *) &netlen, sizeof(uint32)); PqGSSSendPointer += sizeof(uint32); diff --git a/src/interfaces/libpq/fe-secure-gssapi.c b/src/interfaces/libpq/fe-secure-gssapi.c index 4fdd3887ed..095750db1f 100644 --- a/src/interfaces/libpq/fe-secure-gssapi.c +++ b/src/interfaces/libpq/fe-secure-gssapi.c @@ -87,7 +87,7 @@ pg_GSS_write(PGconn *conn, const void *ptr, size_t len) */ while (bytes_to_encrypt || PqGSSSendPointer) { - int conf = 0; + int conf_state = 0; uint32 netlen; /* @@ -154,24 +154,25 @@ pg_GSS_write(PGconn *conn, const void *ptr, size_t len) /* Create the next encrypted packet */ major = gss_wrap(&minor, conn->gctx, 1, GSS_C_QOP_DEFAULT, - &input, &conf, &output); + &input, &conf_state, &output); if (major != GSS_S_COMPLETE) { pg_GSS_error(libpq_gettext("GSSAPI wrap error"), conn, major, minor); goto cleanup; } - else if (conf == 0) + else if (conf_state == 0) { printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("GSSAPI did not provide confidentiality\n")); + libpq_gettext("outgoing GSSAPI message would not use confidentiality\n")); goto cleanup; } if (output.length > PQ_GSS_SEND_BUFFER_SIZE - sizeof(uint32)) { printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("client tried to send oversize GSSAPI packet: %zu bytes\n"), - (size_t) output.length); + libpq_gettext("client tried to send oversize GSSAPI packet (%zu > %zu)\n"), + (size_t) output.length, + PQ_GSS_SEND_BUFFER_SIZE - sizeof(uint32)); goto cleanup; } @@ -229,7 +230,7 @@ pg_GSS_read(PGconn *conn, void *ptr, size_t len) */ while (bytes_to_return) { - int conf = 0; + int conf_state = 0; /* Check if we have data in our buffer that we can return immediately */ if (PqGSSResultPointer < PqGSSResultLength) @@ -287,7 +288,9 @@ pg_GSS_read(PGconn *conn, void *ptr, size_t len) if (input.length > PQ_GSS_RECV_BUFFER_SIZE - sizeof(uint32)) { printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("GSSAPI did not provide confidentiality\n")); + libpq_gettext("oversize GSSAPI packet sent by the server (%zu > %zu)\n"), + (size_t) input.length, + PQ_GSS_RECV_BUFFER_SIZE - sizeof(uint32)); ret = -1; goto cleanup; } @@ -318,7 +321,7 @@ pg_GSS_read(PGconn *conn, void *ptr, size_t len) output.length = 0; input.value = PqGSSRecvBuffer + sizeof(uint32); - major = gss_unwrap(&minor, conn->gctx, &input, &output, &conf, NULL); + major = gss_unwrap(&minor, conn->gctx, &input, &output, &conf_state, NULL); if (major != GSS_S_COMPLETE) { pg_GSS_error(libpq_gettext("GSSAPI unwrap error"), conn, @@ -326,10 +329,10 @@ pg_GSS_read(PGconn *conn, void *ptr, size_t len) ret = -1; goto cleanup; } - else if (conf == 0) + else if (conf_state == 0) { printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("GSSAPI did not provide confidentiality\n")); + libpq_gettext("incoming GSSAPI message did not use confidentiality\n")); ret = -1; goto cleanup; } @@ -491,8 +494,9 @@ pqsecure_open_gss(PGconn *conn) if (input.length > PQ_GSS_RECV_BUFFER_SIZE - sizeof(uint32)) { printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("oversize GSSAPI packet sent by the server: %zu bytes\n"), - (size_t) input.length); + libpq_gettext("oversize GSSAPI packet sent by the server (%zu > %zu)\n"), + (size_t) input.length, + PQ_GSS_RECV_BUFFER_SIZE - sizeof(uint32)); return PGRES_POLLING_FAILED; } @@ -536,7 +540,7 @@ pqsecure_open_gss(PGconn *conn) if (GSS_ERROR(major)) { - pg_GSS_error(libpq_gettext("GSSAPI context establishment error"), + pg_GSS_error(libpq_gettext("could not initiate GSSAPI security context"), conn, major, minor); return PGRES_POLLING_FAILED; }