mirror of
https://git.postgresql.org/git/postgresql.git
synced 2024-10-06 20:56:49 +02:00
ea0382e370
do CancelBackup at a sane place, fix some oversights in the state transitions, allow only superusers to connect while we are waiting for backup mode to end.
188 lines
5.1 KiB
C
188 lines
5.1 KiB
C
/*-------------------------------------------------------------------------
|
|
*
|
|
* libpq_be.h
|
|
* This file contains definitions for structures and externs used
|
|
* by the postmaster during client authentication.
|
|
*
|
|
* Note that this is backend-internal and is NOT exported to clients.
|
|
* Structs that need to be client-visible are in pqcomm.h.
|
|
*
|
|
*
|
|
* Portions Copyright (c) 1996-2008, PostgreSQL Global Development Group
|
|
* Portions Copyright (c) 1994, Regents of the University of California
|
|
*
|
|
* $PostgreSQL: pgsql/src/include/libpq/libpq-be.h,v 1.66 2008/04/26 22:47:40 tgl Exp $
|
|
*
|
|
*-------------------------------------------------------------------------
|
|
*/
|
|
#ifndef LIBPQ_BE_H
|
|
#define LIBPQ_BE_H
|
|
|
|
#ifdef HAVE_SYS_TIME_H
|
|
#include <sys/time.h>
|
|
#endif
|
|
#ifdef USE_SSL
|
|
#include <openssl/ssl.h>
|
|
#include <openssl/err.h>
|
|
#endif
|
|
#ifdef HAVE_NETINET_TCP_H
|
|
#include <netinet/tcp.h>
|
|
#endif
|
|
|
|
#ifdef ENABLE_GSS
|
|
#if defined(HAVE_GSSAPI_H)
|
|
#include <gssapi.h>
|
|
#else
|
|
#include <gssapi/gssapi.h>
|
|
#endif /* HAVE_GSSAPI_H */
|
|
/*
|
|
* GSSAPI brings in headers that set a lot of things in the global namespace on win32,
|
|
* that doesn't match the msvc build. It gives a bunch of compiler warnings that we ignore,
|
|
* but also defines a symbol that simply does not exist. Undefine it again.
|
|
*/
|
|
#ifdef WIN32_ONLY_COMPILER
|
|
#undef HAVE_GETADDRINFO
|
|
#endif
|
|
#endif /* ENABLE_GSS */
|
|
|
|
#ifdef ENABLE_SSPI
|
|
#define SECURITY_WIN32
|
|
#include <security.h>
|
|
#undef SECURITY_WIN32
|
|
|
|
#ifndef ENABLE_GSS
|
|
/*
|
|
* Define a fake structure compatible with GSSAPI on Unix.
|
|
*/
|
|
typedef struct
|
|
{
|
|
void *value;
|
|
int length;
|
|
} gss_buffer_desc;
|
|
#endif
|
|
#endif /* ENABLE_SSPI */
|
|
|
|
#include "libpq/hba.h"
|
|
#include "libpq/pqcomm.h"
|
|
#include "utils/timestamp.h"
|
|
|
|
|
|
typedef enum CAC_state
|
|
{
|
|
CAC_OK, CAC_STARTUP, CAC_SHUTDOWN, CAC_RECOVERY, CAC_TOOMANY,
|
|
CAC_WAITBACKUP
|
|
} CAC_state;
|
|
|
|
|
|
/*
|
|
* GSSAPI specific state information
|
|
*/
|
|
#if defined(ENABLE_GSS) | defined(ENABLE_SSPI)
|
|
typedef struct
|
|
{
|
|
gss_buffer_desc outbuf; /* GSSAPI output token buffer */
|
|
#ifdef ENABLE_GSS
|
|
gss_cred_id_t cred; /* GSSAPI connection cred's */
|
|
gss_ctx_id_t ctx; /* GSSAPI connection context */
|
|
gss_name_t name; /* GSSAPI client name */
|
|
#endif
|
|
} pg_gssinfo;
|
|
#endif
|
|
|
|
/*
|
|
* This is used by the postmaster in its communication with frontends. It
|
|
* contains all state information needed during this communication before the
|
|
* backend is run. The Port structure is kept in malloc'd memory and is
|
|
* still available when a backend is running (see MyProcPort). The data
|
|
* it points to must also be malloc'd, or else palloc'd in TopMemoryContext,
|
|
* so that it survives into PostgresMain execution!
|
|
*/
|
|
|
|
typedef struct Port
|
|
{
|
|
int sock; /* File descriptor */
|
|
ProtocolVersion proto; /* FE/BE protocol version */
|
|
SockAddr laddr; /* local addr (postmaster) */
|
|
SockAddr raddr; /* remote addr (client) */
|
|
char *remote_host; /* name (or ip addr) of remote host */
|
|
char *remote_port; /* text rep of remote port */
|
|
CAC_state canAcceptConnections; /* postmaster connection status */
|
|
|
|
/*
|
|
* Information that needs to be saved from the startup packet and passed
|
|
* into backend execution. "char *" fields are NULL if not set.
|
|
* guc_options points to a List of alternating option names and values.
|
|
*/
|
|
char *database_name;
|
|
char *user_name;
|
|
char *cmdline_options;
|
|
List *guc_options;
|
|
|
|
/*
|
|
* Information that needs to be held during the authentication cycle.
|
|
*/
|
|
UserAuth auth_method;
|
|
char *auth_arg;
|
|
char md5Salt[4]; /* Password salt */
|
|
char cryptSalt[2]; /* Password salt */
|
|
|
|
/*
|
|
* Information that really has no business at all being in struct Port,
|
|
* but since it gets used by elog.c in the same way as database_name and
|
|
* other members of this struct, we may as well keep it here.
|
|
*/
|
|
TimestampTz SessionStartTime; /* backend start time */
|
|
|
|
/*
|
|
* TCP keepalive settings.
|
|
*
|
|
* default values are 0 if AF_UNIX or not yet known; current values are 0
|
|
* if AF_UNIX or using the default. Also, -1 in a default value means we
|
|
* were unable to find out the default (getsockopt failed).
|
|
*/
|
|
int default_keepalives_idle;
|
|
int default_keepalives_interval;
|
|
int default_keepalives_count;
|
|
int keepalives_idle;
|
|
int keepalives_interval;
|
|
int keepalives_count;
|
|
|
|
#if defined(ENABLE_GSS) || defined(ENABLE_SSPI)
|
|
|
|
/*
|
|
* If GSSAPI is supported, store GSSAPI information. Oterwise, store a
|
|
* NULL pointer to make sure offsets in the struct remain the same.
|
|
*/
|
|
pg_gssinfo *gss;
|
|
#else
|
|
void *gss;
|
|
#endif
|
|
|
|
/*
|
|
* SSL structures (keep these last so that USE_SSL doesn't affect
|
|
* locations of other fields)
|
|
*/
|
|
#ifdef USE_SSL
|
|
SSL *ssl;
|
|
X509 *peer;
|
|
char peer_dn[128 + 1];
|
|
char peer_cn[SM_USER + 1];
|
|
unsigned long count;
|
|
#endif
|
|
} Port;
|
|
|
|
|
|
extern ProtocolVersion FrontendProtocol;
|
|
|
|
/* TCP keepalives configuration. These are no-ops on an AF_UNIX socket. */
|
|
|
|
extern int pq_getkeepalivesidle(Port *port);
|
|
extern int pq_getkeepalivesinterval(Port *port);
|
|
extern int pq_getkeepalivescount(Port *port);
|
|
|
|
extern int pq_setkeepalivesidle(int idle, Port *port);
|
|
extern int pq_setkeepalivesinterval(int interval, Port *port);
|
|
extern int pq_setkeepalivescount(int count, Port *port);
|
|
|
|
#endif /* LIBPQ_BE_H */
|