open-dsi
/
postgres
mirror of https://github.com/postgres/postgres
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

From: todd brandys <brandys@eng3.hep.uiuc.edu>

Browse Source 
An extension to the code to allow for a pg_password authentication database
that is *seperate* from the system password file
REL6_4
Marc G. Fournier 28 years ago
parent 333323f304
commit 4c04f7724e
19 changed files with 494 additions and 63 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      src/backend/commands/Makefile
  2. 4
      src/backend/libpq/Makefile
  3. 32
      src/backend/libpq/auth.c
  4. 122
      src/backend/parser/gram.y
  5. 10
      src/backend/parser/keywords.c
  6. 68
      src/backend/postmaster/postmaster.c
  7. 28
      src/backend/tcop/utility.c
  8. 9
      src/bin/initdb/initdb.sh
  9. 11
      src/bin/psql/psqlHelp.h
  10. 16
      src/include/catalog/pg_attribute.h
  11. 4
      src/include/catalog/pg_class.h
  12. 54
      src/include/catalog/pg_user.h
  13. 14
      src/include/libpq/pqcomm.h
  14. 5
      src/include/nodes/nodes.h
  15. 26
      src/include/nodes/parsenodes.h
  16. 3
      src/interfaces/libpq/fe-auth.c
  17. 136
      src/interfaces/libpq/fe-connect.c
  18. 4
      src/interfaces/libpq/fe-connect.h
  19. 7
      src/interfaces/libpq/libpq-fe.h

4
src/backend/commands/Makefile
Unescape View File

@ -4,7 +4,7 @@
# Makefile for commands
#
# IDENTIFICATION
# $Header: /cvsroot/pgsql/src/backend/commands/Makefile,v 1.7 1997/11/24 05:20:49 momjian Exp $
# $Header: /cvsroot/pgsql/src/backend/commands/Makefile,v 1.8 1997/12/04 00:26:44 scrappy Exp $
#
#-------------------------------------------------------------------------
@ -19,7 +19,7 @@ CFLAGS+=$(INCLUDE_OPT)
OBJS = async.o creatinh.o command.o copy.o defind.o define.o \
remove.o rename.o vacuum.o version.o view.o cluster.o \
recipe.o explain.o sequence.o trigger.o proclang.o dbcommands.o
recipe.o explain.o sequence.o trigger.o user.o proclang.o dbcommands.o
all: SUBSYS.o

4
src/backend/libpq/Makefile
Unescape View File

@ -4,7 +4,7 @@
# Makefile for libpq subsystem (backend half of libpq interface)
#
# IDENTIFICATION
# $Header: /cvsroot/pgsql/src/backend/libpq/Makefile,v 1.7 1997/04/04 10:39:19 scrappy Exp $
# $Header: /cvsroot/pgsql/src/backend/libpq/Makefile,v 1.8 1997/12/04 00:26:47 scrappy Exp $
#
#-------------------------------------------------------------------------
@ -24,7 +24,7 @@ LDFLAGS+= $(KRBLIBS)
endif
OBJS = be-dumpdata.o be-fsstubs.o be-pqexec.o pqcomprim.o\
auth.o hba.o pqcomm.o portal.o util.o portalbuf.o pqpacket.o pqsignal.o \
auth.o hba.o crypt.o pqcomm.o portal.o util.o portalbuf.o pqpacket.o pqsignal.o \
password.o
all: SUBSYS.o

32
src/backend/libpq/auth.c
Unescape View File

@ -7,7 +7,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.18 1997/11/17 16:10:06 thomas Exp $
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.19 1997/12/04 00:26:50 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@ -71,6 +71,7 @@
#include <libpq/libpq-be.h>
#include <libpq/hba.h>
#include <libpq/password.h>
#include <libpq/crypt.h>
static int be_getauthsvc(MsgType msgtype);
@ -122,7 +123,8 @@ static struct authsvc authsvcs[] = {
#else
{"kerberos", STARTUP_KRB4_MSG, 1},
#endif
{"password", STARTUP_PASSWORD_MSG, 1}
{"password", STARTUP_PASSWORD_MSG, 1},
{"crypt", STARTUP_CRYPT_MSG, 1}
};
static n_authsvcs = sizeof(authsvcs) / sizeof(struct authsvc);
@ -445,6 +447,28 @@ pg_password_recvauth(Port *port, char *database, char *DataDir)
return verify_password(user, password, port, database, DataDir);
}
static int
crypt_recvauth(Port *port)
{
PacketBuf buf;
char *user,
*password;
if (PacketReceive(port, &buf, BLOCKING) != STATUS_OK)
{
sprintf(PQerrormsg,
"crypt_recvauth: failed to receive authentication packet.\n");
fputs(PQerrormsg, stderr);
pqdebug("%s", PQerrormsg);
return STATUS_ERROR;
}
user = buf.data;
password = buf.data + strlen(user) + 1;
return crypt_verify(port, user, password);
}
/*
* be_recvauth -- server demux routine for incoming authentication information
*/
@ -571,6 +595,10 @@ be_recvauth(MsgType msgtype_arg, Port *port, char *username, StartupInfo *sp)
return (STATUS_ERROR);
}
break;
case STARTUP_CRYPT_MSG:
if (crypt_recvauth(port) != STATUS_OK)
return STATUS_ERROR;
break;
default:
sprintf(PQerrormsg,
"be_recvauth: unrecognized message type: %d\n",

122
src/backend/parser/gram.y
Unescape View File

@ -10,7 +10,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/parser/gram.y,v 1.75 1997/12/02 16:09:15 momjian Exp $
* $Header: /cvsroot/pgsql/src/backend/parser/gram.y,v 1.76 1997/12/04 00:26:57 scrappy Exp $
*
* HISTORY
* AUTHOR DATE MAJOR EVENT
@ -40,6 +40,7 @@
#include "nodes/print.h"
#include "parser/gramparse.h"
#include "utils/acl.h"
#include "utils/palloc.h"
#include "catalog/catname.h"
#include "utils/elog.h"
#include "access/xact.h"
@ -83,6 +84,7 @@ Oid param_type(int t); /* used in parse_expr.c */
char chr;
char *str;
bool boolean;
bool* pboolean; /* for pg_user privileges */
List *list;
Node *node;
Value *value;
@ -119,10 +121,16 @@ Oid param_type(int t); /* used in parse_expr.c */
RenameStmt, RevokeStmt, RuleStmt, TransactionStmt, ViewStmt, LoadStmt,
CreatedbStmt, DestroydbStmt, VacuumStmt, RetrieveStmt, CursorStmt,
ReplaceStmt, AppendStmt, NotifyStmt, DeleteStmt, ClusterStmt,
ExplainStmt, VariableSetStmt, VariableShowStmt, VariableResetStmt
ExplainStmt, VariableSetStmt, VariableShowStmt, VariableResetStmt,
CreateUserStmt, AlterUserStmt, DropUserStmt
%type <str> opt_database, location
%type <pboolean> user_createdb_clause, user_createuser_clause
%type <str> user_passwd_clause
%type <str> user_valid_clause
%type <list> user_group_list, user_group_clause
%type <node> SubSelect
%type <str> join_expr, join_outer, join_spec
%type <boolean> TriggerActionTime, TriggerForSpec, PLangTrusted
@ -268,6 +276,14 @@ Oid param_type(int t); /* used in parse_expr.c */
SEQUENCE, SETOF, SHOW, STDIN, STDOUT, TRUSTED,
VACUUM, VERBOSE, VERSION
/*
* Tokens for pg_passwd support. The CREATEDB and CREATEUSER tokens should go away
* when some sort of pg_privileges relation is introduced.
*
* Todd A. Brandys
*/
%token USER, PASSWORD, CREATEDB, NOCREATEDB, CREATEUSER, NOCREATEUSER, VALID, UNTIL
/* Special keywords, not in the query language - see the "lex" file */
%token <str> IDENT, SCONST, Op
%token <ival> ICONST, PARAM
@ -318,17 +334,20 @@ stmtmulti: stmtmulti stmt ';'
;
stmt : AddAttrStmt
| AlterUserStmt
| ClosePortalStmt
| CopyStmt
| CreateStmt
| CreateSeqStmt
| CreatePLangStmt
| CreateTrigStmt
| CreateUserStmt
| ClusterStmt
| DefineStmt
| DestroyStmt
| DropPLangStmt
| DropTrigStmt
| DropUserStmt
| ExtendStmt
| ExplainStmt
| FetchStmt
@ -356,6 +375,105 @@ stmt : AddAttrStmt
| VariableResetStmt
;
/*****************************************************************************
*
* Create a new postresql DBMS user
*
*
*****************************************************************************/
CreateUserStmt: CREATE USER Id
user_passwd_clause
user_createdb_clause
user_createuser_clause
user_group_clause
user_valid_clause
{ CreateUserStmt *n = makeNode(CreateUserStmt);
n->user = $3;
n->password = $4;
n->createdb = $5;
n->createuser = $6;
n->groupElts = $7;
n->validUntil = $8;
$$ = (Node *)n;
}
;
/*****************************************************************************
*
* Alter a postresql DBMS user
*
*
*****************************************************************************/
AlterUserStmt: ALTER USER Id
user_passwd_clause
user_createdb_clause
user_createuser_clause
user_group_clause
user_valid_clause
{ AlterUserStmt *n = makeNode(AlterUserStmt);
n->user = $3;
n->password = $4;
n->createdb = $5;
n->createuser = $6;
n->groupElts = $7;
n->validUntil = $8;
$$ = (Node *)n;
}
;
/*****************************************************************************
*
* Drop a postresql DBMS user
*
*
*****************************************************************************/
DropUserStmt: DROP USER Id
{ DropUserStmt *n = makeNode(DropUserStmt);
n->user = $3;
$$ = (Node *)n;
}
;
user_passwd_clause: WITH PASSWORD Id { $$ = $3; }
| /*EMPTY*/ { $$ = NULL; }
;
user_createdb_clause: CREATEDB { bool* b;
$$ = (b = (bool*)palloc(sizeof(bool)));
*b = true;
}
| NOCREATEDB { bool* b;
$$ = (b = (bool*)palloc(sizeof(bool)));
*b = false;
}
| /*EMPTY*/ { $$ = NULL; }
;
user_createuser_clause: CREATEUSER { bool* b;
$$ = (b = (bool*)palloc(sizeof(bool)));
*b = true;
}
| NOCREATEUSER { bool* b;
$$ = (b = (bool*)palloc(sizeof(bool)));
*b = false;
}
| /*EMPTY*/ { $$ = NULL; }
;
user_group_list: user_group_list ',' Id { $$ = lcons((void*)makeString($3), $1); }
| Id { $$ = makeList((void*)makeString($1), NULL); }
;
user_group_clause: IN GROUP user_group_list { $$ = $3; }
| /*EMPTY*/ { $$ = NULL; }
;
user_valid_clause: VALID UNTIL SCONST { $$ = $3; }
| /*EMPTY*/ { $$ = NULL; }
;
/*****************************************************************************
*

10
src/backend/parser/keywords.c
Unescape View File

@ -7,7 +7,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/parser/keywords.c,v 1.26 1997/11/26 01:11:08 momjian Exp $
* $Header: /cvsroot/pgsql/src/backend/parser/keywords.c,v 1.27 1997/12/04 00:27:04 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@ -64,6 +64,8 @@ static ScanKeyword ScanKeywords[] = {
{"constraint", CONSTRAINT},
{"copy", COPY},
{"create", CREATE},
{"createdb", CREATEDB},
{"createuser", CREATEUSER},
{"cross", CROSS},
{"current", CURRENT},
{"current_date", CURRENT_DATE},
@ -133,6 +135,8 @@ static ScanKeyword ScanKeywords[] = {
{"natural", NATURAL},
{"nchar", NCHAR},
{"new", NEW},
{"nocreatedb", NOCREATEDB},
{"nocreateuser", NOCREATEUSER},
{"none", NONE},
{"no", NO},
{"not", NOT},
@ -149,6 +153,7 @@ static ScanKeyword ScanKeywords[] = {
{"order", ORDER},
{"outer", OUTER_P},
{"partial", PARTIAL},
{"password", PASSWORD},
{"position", POSITION},
{"precision", PRECISION},
{"primary", PRIMARY},
@ -188,9 +193,12 @@ static ScanKeyword ScanKeywords[] = {
{"type", TYPE_P},
{"union", UNION},
{"unique", UNIQUE},
{"until", UNTIL},
{"update", UPDATE},
{"user", USER},
{"using", USING},
{"vacuum", VACUUM},
{"valid", VALID},
{"values", VALUES},
{"varchar", VARCHAR},
{"varying", VARYING},

68
src/backend/postmaster/postmaster.c
Unescape View File

@ -10,7 +10,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/postmaster/postmaster.c,v 1.62 1997/11/17 03:47:28 scrappy Exp $
* $Header: /cvsroot/pgsql/src/backend/postmaster/postmaster.c,v 1.63 1997/12/04 00:27:17 scrappy Exp $
*
* NOTES
*
@ -47,6 +47,7 @@
#include <signal.h>
#include <string.h>
#include <stdlib.h>
#include <time.h>
#if !defined(NO_UNISTD_H)
#include <unistd.h>
@ -78,6 +79,7 @@
#include "libpq/auth.h"
#include "libpq/pqcomm.h"
#include "libpq/pqsignal.h"
#include "libpq/crypt.h"
#include "miscadmin.h"
#include "version.h"
#include "lib/dllist.h"
@ -199,6 +201,7 @@ static void usage(const char *);
static int ServerLoop(void);
static int BackendStartup(StartupInfo *packet, Port *port, int *pidPtr);
static void send_error_reply(Port *port, const char *errormsg);
static void RandomSalt(char* salt);
extern char *optarg;
extern int optind,
@ -663,7 +666,27 @@ ServerLoop(void)
switch (status)
{
case STATUS_OK:
{
/* Here is where we check for a USER login packet. If there is one, then
* we must deterine whether the login has a password in pg_user. If so, send
* back a salt to crypt() the password with. Otherwise, send an unsalt packet
* back and read the real startup packet.
*/
if (ntohl(port->buf.msgtype) == STARTUP_USER_MSG) {
PacketLen plen;
port->buf.msgtype = htonl(crypt_salt(port->buf.data));
plen = sizeof(port->buf.len) + sizeof(port->buf.msgtype) + 2;
port->buf.len = htonl(plen);
RandomSalt(port->salt);
memcpy((void*)port->buf.data, (void*)port->salt, 2);
status = PacketSend(port, &port->buf, plen, BLOCKING);
if (status != STATUS_OK)
break;
/* port->nBytes = 0; */
continue;
} else {
int CSstatus; /* Completion status of
* ConnStartup */
char errormsg[200]; /* error msg from
@ -1355,3 +1378,44 @@ dumpstatus(SIGNAL_ARGS)
curr = DLGetSucc(curr);
}
}
/*
* CharRemap
*/
static char
CharRemap(long int ch) {
if (ch < 0)
ch = -ch;
ch = ch % 62;
if (ch < 26)
return ('A' + ch);
ch -= 26;
if (ch < 26)
return ('a' + ch);
ch -= 26;
return ('0' + ch);
}
/*
* RandomSalt
*/
static void
RandomSalt(char* salt) {
static bool initialized = false;
if (!initialized) {
time_t now;
now = time(NULL);
srandom((unsigned int)now);
initialized = true;
}
*salt = CharRemap(random());
*(salt + 1) = CharRemap(random());
}

28
src/backend/tcop/utility.c
Unescape View File

@ -9,7 +9,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.31 1997/11/24 05:32:40 momjian Exp $
* $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.32 1997/12/04 00:27:24 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@ -721,6 +721,32 @@ ProcessUtility(Node * parsetree,
DropProceduralLanguage((DropPLangStmt *) parsetree);
break;
/*
* ******************************** USER statements ****
*
*/
case T_CreateUserStmt:
commandTag = "CREATE USER";
CHECK_IF_ABORTED();
DefineUser((CreateUserStmt*)parsetree);
break;
case T_AlterUserStmt:
commandTag = "ALTER USER";
CHECK_IF_ABORTED();
AlterUser((AlterUserStmt*)parsetree);
break;
case T_DropUserStmt:
commandTag = "DROP USER";
CHECK_IF_ABORTED();
RemoveUser(((DropUserStmt*)parsetree)->user);
break;
/*
* ******************************** default ********************************
*

9
src/bin/initdb/initdb.sh
Unescape View File

@ -26,7 +26,7 @@
#
#
# IDENTIFICATION
# $Header: /cvsroot/pgsql/src/bin/initdb/Attic/initdb.sh,v 1.29 1997/11/16 04:36:14 momjian Exp $
# $Header: /cvsroot/pgsql/src/bin/initdb/Attic/initdb.sh,v 1.30 1997/12/04 00:27:31 scrappy Exp $
#
#-------------------------------------------------------------------------
@ -351,6 +351,13 @@ echo "vacuuming template1"
echo "vacuum" | postgres -F -Q -D$PGDATA template1 2>&1 > /dev/null |\
grep -v "^DEBUG:"
echo "Altering pg_user acl"
echo "REVOKE ALL ON pg_user FROM public" | postgres -F -Q -D$PGDATA template1 2>&1 > /dev/null |\
grep -v "'DEBUG:"
echo "COPY pg_user TO '$PGDATA/pg_pwd' USING DELIMITERS '#'" | postgres -F -Q -D$PGDATA template1 2>&1 > /dev/null |\
grep -v "'DEBUG:"
echo "loading pg_description"
echo "copy pg_description from '$TEMPLATE_DESCR'" | postgres -F -Q -D$PGDATA template1 > /dev/null
echo "copy pg_description from '$GLOBAL_DESCR'" | postgres -F -Q -D$PGDATA template1 > /dev/null

11
src/bin/psql/psqlHelp.h
Unescape View File

@ -5,7 +5,7 @@
*
* Copyright (c) 1994, Regents of the University of California
*
* $Id: psqlHelp.h,v 1.33 1997/11/21 18:11:46 momjian Exp $
* $Id: psqlHelp.h,v 1.34 1997/12/04 00:27:37 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@ -27,6 +27,9 @@ static struct _helpStruct QL_HELP[] = {
{"alter table",
"add/rename attributes, rename tables",
"\talter table <class_name> [*] add column <attr> <type>;\n\talter table <class_name> [*] rename [column] <attr1> to <attr2>;\n\talter table <class_name1> rename to <class_name2>"},
{"alter user",
"alter system information for a user",
"alter user <user_name>\n\t[with password <password>]\n\t[createdb | noccreatedb]\n\t[createuser | nocreateuser]\n\t[in group <group_1>, ..., <group_n>]\n\t[valid until '<abstime>'];"},
{"begin",
"begin a new transaction",
"begin [transaction|work];"},
@ -84,6 +87,9 @@ static struct _helpStruct QL_HELP[] = {
{"create type",
"create a new user-defined base data type",
"create type <typename> (\n\tinternallength = (<number> | variable),\n\t[externallength = (<number>|variable),]\n\tinput=<input_function>, output = <output_function>\n\t[,element = <typename>][,delimiter=<character>][,default=\'<string>\']\n\t[,send = <send_function>][,receive = <receive_function>][,passedbyvalue]);"},
{"create user",
"create a new user",
"create user <user_name>\n\t[with password <password>]\n\t[createdb | nocreatedb]\n\t[createuser | nocreateuser]\n\t[in group <group_1>, ..., <group_n>]\n\t[valid until '<abstime>'];"},
{"create view",
"create a view",
"create view <view_name> as select <expr1>[as <attr1>][,... <exprN>[as <attrN>]] [from <from_list>] [where <qual>];"},
@ -126,6 +132,9 @@ static struct _helpStruct QL_HELP[] = {
{"drop type",
"remove a user-defined base type",
"drop type <typename>;"},
{"drop user",
"remove a user from the system",
"drop user <user_name>;"},
{"drop view",
"remove a view",
"drop view <view_name>"},

16
src/include/catalog/pg_attribute.h
Unescape View File

@ -7,7 +7,7 @@
*
* Copyright (c) 1994, Regents of the University of California
*
* $Id: pg_attribute.h,v 1.20 1997/11/21 18:12:01 momjian Exp $
* $Id: pg_attribute.h,v 1.21 1997/12/04 00:27:47 scrappy Exp $
*
* NOTES
* the genbki.sh script reads this file and generates .bki
@ -275,12 +275,14 @@ DATA(insert OID = 0 ( 1255 cmax 29 0 4 -6 0 -1 t f i f f));
* pg_user
* ----------------
*/
DATA(insert OID = 0 ( 1260 usename 19 0 NAMEDATALEN 1 0 -1 f f i f f));
DATA(insert OID = 0 ( 1260 usesysid 23 0 4 2 0 -1 t f s f f));
DATA(insert OID = 0 ( 1260 usecreatedb 16 0 1 3 0 -1 t f c f f));
DATA(insert OID = 0 ( 1260 usetrace 16 0 1 4 0 -1 t f c f f));
DATA(insert OID = 0 ( 1260 usesuper 16 0 1 5 0 -1 t f c f f));
DATA(insert OID = 0 ( 1260 usecatupd 16 0 1 6 0 -1 t f c f f));
DATA(insert OID = 0 ( 1260 usename 19 0 NAMEDATALEN 1 0 -1 f f i f f));
DATA(insert OID = 0 ( 1260 usesysid 23 0 4 2 0 -1 t f s f f));
DATA(insert OID = 0 ( 1260 usecreatedb 16 0 1 3 0 -1 t f c f f));
DATA(insert OID = 0 ( 1260 usetrace 16 0 1 4 0 -1 t f c f f));
DATA(insert OID = 0 ( 1260 usesuper 16 0 1 5 0 -1 t f c f f));
DATA(insert OID = 0 ( 1260 usecatupd 16 0 1 6 0 -1 t f c f f));
DATA(insert OID = 0 ( 1260 passwd 25 0 -1 7 0 -1 f f i f f));
DATA(insert OID = 0 ( 1260 valuntil 702 0 4 8 0 -1 t f i f f));
DATA(insert OID = 0 ( 1260 ctid 27 0 6 -1 0 -1 f f i f f));
DATA(insert OID = 0 ( 1260 oid 26 0 4 -2 0 -1 t f i f f));
DATA(insert OID = 0 ( 1260 xmin 28 0 4 -3 0 -1 f f i f f));

4
src/include/catalog/pg_class.h
Unescape View File

@ -7,7 +7,7 @@
*
* Copyright (c) 1994, Regents of the University of California
*
* $Id: pg_class.h,v 1.16 1997/11/21 18:12:07 momjian Exp $
* $Id: pg_class.h,v 1.17 1997/12/04 00:27:50 scrappy Exp $
*
* NOTES
* ``pg_relation'' is being replaced by ``pg_class''. currently
@ -125,7 +125,7 @@ DATA(insert OID = 1255 ( pg_proc 81 PGUID 0 0 0 f f r 16 0 0 f _null_ ));
DESCR("");
DATA(insert OID = 1259 ( pg_class 83 PGUID 0 0 0 f f r 18 0 0 f _null_ ));
DESCR("");
DATA(insert OID = 1260 ( pg_user 86 PGUID 0 0 0 f t r 6 0 0 f _null_ ));
DATA(insert OID = 1260 ( pg_user 86 PGUID 0 0 0 f t r 8 0 0 f _null_ ));
DESCR("");
DATA(insert OID = 1261 ( pg_group 87 PGUID 0 0 0 f t s 3 0 0 f _null_ ));
DESCR("");

54
src/include/catalog/pg_user.h
Unescape View File

@ -7,7 +7,7 @@
*
* Copyright (c) 1994, Regents of the University of California
*
* $Id: pg_user.h,v 1.5 1997/09/08 02:35:34 momjian Exp $
* $Id: pg_user.h,v 1.6 1997/12/04 00:27:54 scrappy Exp $
*
* NOTES
* the genbki.sh script reads this file and generates .bki
@ -36,6 +36,8 @@ CATALOG(pg_user) BOOTSTRAP
bool usetrace;
bool usesuper;
bool usecatupd;
text passwd;
int4 valuntil;
} FormData_pg_user;
/* ----------------
@ -49,46 +51,48 @@ typedef FormData_pg_user *Form_pg_user;
* compiler constants for pg_user
* ----------------
*/
#define Natts_pg_user 6
#define Natts_pg_user 8
#define Anum_pg_user_usename 1
#define Anum_pg_user_usesysid 2
#define Anum_pg_user_usecreatedb 3
#define Anum_pg_user_usetrace 4
#define Anum_pg_user_usesuper 5
#define Anum_pg_user_usecatupd 6
#define Anum_pg_user_passwd 7
#define Anum_pg_user_valuntil 8
/* ----------------
* initial contents of pg_user
* ----------------
*/
DATA(insert OID = 0 ( postgres PGUID t t t t ));
DATA(insert OID = 0 ( postgres PGUID t t t t postgres 2116994400 ));
BKI_BEGIN
#ifdef ALLOW_PG_GROUP
BKI_END
DATA(insert OID = 0 ( mike 799 t t t t ));
DATA(insert OID = 0 ( mao 1806 t t t t ));
DATA(insert OID = 0 ( hellers 1089 t t t t ));
DATA(insert OID = 0 ( joey 5209 t t t t ));
DATA(insert OID = 0 ( jolly 5443 t t t t ));
DATA(insert OID = 0 ( sunita 6559 t t t t ));
DATA(insert OID = 0 ( paxson 3029 t t t t ));
DATA(insert OID = 0 ( marc 2435 t t t t ));
DATA(insert OID = 0 ( jiangwu 6124 t t t t ));
DATA(insert OID = 0 ( aoki 2360 t t t t ));
DATA(insert OID = 0 ( avi 31080 t t t t ));
DATA(insert OID = 0 ( kristin 1123 t t t t ));
DATA(insert OID = 0 ( andrew 5229 t t t t ));
DATA(insert OID = 0 ( nobuko 5493 t t t t ));
DATA(insert OID = 0 ( hartzell 6676 t t t t ));
DATA(insert OID = 0 ( devine 6724 t t t t ));
DATA(insert OID = 0 ( boris 6396 t t t t ));
DATA(insert OID = 0 ( sklower 354 t t t t ));
DATA(insert OID = 0 ( marcel 31113 t t t t ));
DATA(insert OID = 0 ( ginger 3692 t t t t ));
DATA(insert OID = 0 ( woodruff 31026 t t t t ));
DATA(insert OID = 0 ( searcher 8261 t t t t ));
DATA(insert OID = 0 ( mike 799 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( mao 1806 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( hellers 1089 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( joey 5209 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( jolly 5443 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( sunita 6559 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( paxson 3029 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( marc 2435 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( jiangwu 6124 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( aoki 2360 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( avi 31080 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( kristin 1123 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( andrew 5229 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( nobuko 5493 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( hartzell 6676 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( devine 6724 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( boris 6396 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( sklower 354 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( marcel 31113 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( ginger 3692 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( woodruff 31026 t t t t _null_ 2116994400 ));
DATA(insert OID = 0 ( searcher 8261 t t t t _null_ 2116994400 ));
BKI_BEGIN
#endif /* ALLOW_PG_GROUP */

14
src/include/libpq/pqcomm.h
Unescape View File

@ -6,7 +6,7 @@
*
* Copyright (c) 1994, Regents of the University of California
*
* $Id: pqcomm.h,v 1.16 1997/11/07 20:52:06 momjian Exp $
* $Id: pqcomm.h,v 1.17 1997/12/04 00:27:56 scrappy Exp $
*
* NOTES
* Some of this should move to libpq.h
@ -59,7 +59,16 @@ typedef enum _MsgType
STARTUP_KRB5_MSG = 11, /* krb5 session follows startup packet */
STARTUP_HBA_MSG = 12, /* use host-based authentication */
STARTUP_UNAUTH_MSG = 13, /* use unauthenticated connection */
STARTUP_PASSWORD_MSG = 14 /* use plaintext password authentication */
STARTUP_PASSWORD_MSG = 14, /* use plaintext password authentication */
/* The following three are not really a named authentication method
* since the front end has no choice in choosing the method. The
* backend sends the SALT/UNSALT messages back to the frontend after
* the USER login has been given to the backend.
*/
STARTUP_CRYPT_MSG = 15, /* use crypt()'ed password authentication */
STARTUP_USER_MSG = 16, /* send user name to check pg_user for password */
STARTUP_SALT_MSG = 17, /* frontend should crypt the password it sends */
STARTUP_UNSALT_MSG = 18 /* frontend should NOT crypt the password it sends */
/* insert new values here -- DO NOT REORDER OR DELETE ENTRIES */
/* also change LAST_AUTHENTICATION_TYPE below and add to the */
/* authentication_type_name[] array in pqcomm.c */
@ -119,6 +128,7 @@ typedef struct Port
* PacketBufId id;
*//* id of packet buf currently in use */
PacketBuf buf; /* stream implementation (curr pack buf) */
char salt[2];
} Port;
/* invalid socket descriptor */

5
src/include/nodes/nodes.h
Unescape View File

@ -6,7 +6,7 @@
*
* Copyright (c) 1994, Regents of the University of California
*
* $Id: nodes.h,v 1.17 1997/11/21 18:12:25 momjian Exp $
* $Id: nodes.h,v 1.18 1997/12/04 00:28:01 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@ -186,6 +186,9 @@ typedef enum NodeTag
T_DropTrigStmt,
T_CreatePLangStmt,
T_DropPLangStmt,
T_CreateUserStmt,
T_AlterUserStmt,
T_DropUserStmt,
T_A_Expr = 700,
T_Attr,

26
src/include/nodes/parsenodes.h
Unescape View File

@ -6,7 +6,7 @@
*
* Copyright (c) 1994, Regents of the University of California
*
* $Id: parsenodes.h,v 1.35 1997/11/24 05:09:50 momjian Exp $
* $Id: parsenodes.h,v 1.36 1997/12/04 00:28:03 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@ -197,6 +197,30 @@ typedef struct DropPLangStmt
} DropPLangStmt;
/* ----------------------
* Create/Alter/Drop User Statements
* ----------------------
*/
typedef struct CreateUserStmt
{
NodeTag type;
char* user; /* PostgreSQL user login */
char* password; /* PostgreSQL user password */
bool* createdb; /* Can the user create databases? */
bool* createuser; /* Can this user create users? */
List* groupElts; /* The groups the user is a member of */
char* validUntil; /* The time the login is valid until */
} CreateUserStmt;
typedef CreateUserStmt AlterUserStmt;
typedef struct DropUserStmt
{
NodeTag type;
char* user; /* PostgreSQL user login */
} DropUserStmt;
/* ----------------------
* Create SEQUENCE Statement
* ----------------------

3
src/interfaces/libpq/fe-auth.c
Unescape View File

@ -7,7 +7,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-auth.c,v 1.11 1997/09/08 21:55:32 momjian Exp $
* $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-auth.c,v 1.12 1997/12/04 00:28:08 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@ -511,6 +511,7 @@ fe_sendauth(MsgType msgtype, Port *port, const char *hostname,
case STARTUP_MSG:
break;
case STARTUP_PASSWORD_MSG:
case STARTUP_CRYPT_MSG:
pg_password_sendauth(port, user, password);
default:
break;

136
src/interfaces/libpq/fe-connect.c
Unescape View File

@ -7,7 +7,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.49 1997/12/01 22:02:46 momjian Exp $
* $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.50 1997/12/04 00:28:11 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@ -36,6 +36,9 @@
#ifndef HAVE_STRDUP
#include "strdup.h"
#endif
#ifdef HAVE_CRYPT_H
#include <crypt.h>
#endif
/* use a local version instead of the one found in pqpacket.c */
@ -284,7 +287,7 @@ PQconndefaults(void)
}
/* ----------------
* PQsetdb
* PQsetdbLogin
*
* establishes a connection to a postgres backend through the postmaster
* at the specified host and port.
@ -324,7 +327,7 @@ PQconndefaults(void)
* ----------------
*/
PGconn *
PQsetdb(const char *pghost, const char *pgport, const char *pgoptions, const char *pgtty, const char *dbName)
PQsetdbLogin(const char *pghost, const char *pgport, const char *pgoptions, const char *pgtty, const char *dbName, const char *login, const char *pwd)
{
PGconn *conn;
char *tmp;
@ -386,7 +389,12 @@ PQsetdb(const char *pghost, const char *pgport, const char *pgoptions, const cha
else
conn->pgoptions = strdup(pgoptions);
if ((tmp = getenv("PGUSER")) != NULL)
if (login)
{
error = FALSE;
conn->pguser = strdup(login);
}
else if ((tmp = getenv("PGUSER")) != NULL)
{
error = FALSE;
conn->pguser = strdup(tmp);
@ -407,8 +415,14 @@ PQsetdb(const char *pghost, const char *pgport, const char *pgoptions, const cha
}
}
if ((tmp = getenv("PGPASSWORD")) != NULL)
if (pwd)
{
conn->pgpass = strdup(pwd);
}
else if ((tmp = getenv("PGPASSWORD")) != NULL)
{
conn->pgpass = strdup(tmp);
}
else
conn->pgpass = 0;
@ -479,6 +493,7 @@ connectDB(PGconn *conn)
StartupInfo startup;
PacketBuf pacBuf;
PacketLen pacLen;
int status;
MsgType msgtype;
int laddrlen = sizeof(struct sockaddr);
@ -486,6 +501,8 @@ connectDB(PGconn *conn)
int portno,
family,
len;
bool salted = false;
char* tmp;
/*
* Initialize the startup packet.
@ -592,7 +609,57 @@ connectDB(PGconn *conn)
}
/* by this point, connection has been opened */
msgtype = fe_getauthsvc(conn->errorMessage);
/* This section of code is new as of Nov 19, 1997. It sends just the
* user's login to the backend. This allows the backend to search
* pg_user to see if the user has a password defined. If the user
* does have a password in pg_user, then the backend will send a
* packet back with a randomly generated salt, so the user's password
* can be encrypted.
*/
pacLen = sizeof(pacBuf.len) + sizeof(pacBuf.msgtype) + strlen(startup.user) + 1;
pacBuf.len = htonl(pacLen);
pacBuf.msgtype = htonl(STARTUP_USER_MSG);
strcpy(pacBuf.data, startup.user);
status = packetSend(port, &pacBuf, pacLen, BLOCKING);
if (status == STATUS_ERROR) {
sprintf(conn->errorMessage, "connectDB() -- couldn't send complete packet: errno=%d\n%s\n", errno, strerror(errno));
goto connect_errReturn;
}
/* Check to see if the server sent us a salt back to encrypt the
* password to send for authentication. --TAB
*/
status = packetReceive(port, &pacBuf, BLOCKING);
if (status != STATUS_OK) {
sprintf(conn->errorMessage, "connectDB() -- couldn't receive un/salt packet: errno=%d\n%s\n", errno, strerror(errno));
goto connect_errReturn;
}
pacBuf.msgtype = ntohl(pacBuf.msgtype);
switch (pacBuf.msgtype) {
case STARTUP_SALT_MSG:
salted = true;
if (!conn->pgpass) {
sprintf(conn->errorMessage, "connectDB() -- backend requested a password, but none was given\n");
goto connect_errReturn;
}
tmp = crypt(conn->pgpass, pacBuf.data);
free((void*)conn->pgpass);
conn->pgpass = strdup(tmp);
break;
case STARTUP_UNSALT_MSG:
salted = false;
break;
default:
sprintf(conn->errorMessage, "connectDB() -- backend did not supply a salt packet\n");
goto connect_errReturn;
}
if (salted)
msgtype = STARTUP_CRYPT_MSG;
else
msgtype = fe_getauthsvc(conn->errorMessage);
/* pacBuf = startup2PacketBuf(&startup);*/
startup2PacketBuf(&startup, &pacBuf);
@ -820,6 +887,63 @@ packetSend(Port *port,
return (STATUS_OK);
}
/*
* packetReceive()
*
This is a less stringent PacketReceive(), defined in backend/libpq/pqpacket.c
We define it here to avoid linking in all of libpq.a
* packetReceive -- receive a packet on a port
*
* RETURNS: STATUS_ERROR if the read fails, STATUS_OK otherwise.
* SIDE_EFFECTS: may block.
* NOTES: Non-blocking reads would significantly complicate
* buffer management. For now, we're not going to do it.
*
*/
int
packetReceive(Port *port, PacketBuf *buf, bool nonBlocking) {
PacketLen max_size = sizeof(PacketBuf);
PacketLen cc; /* character count -- recvd */
PacketLen packetLen;
int addrLen = sizeof(struct sockaddr_in);
int hdrLen;
int msgLen;
/* Read the packet length into the PacketBuf
*/
hdrLen = sizeof(PacketLen);
cc = recvfrom(port->sock, (char*)&packetLen, hdrLen, 0, (struct sockaddr*)&port->raddr, &addrLen);
if (cc < 0)
return STATUS_ERROR;
else if (!cc)
return STATUS_INVALID;
else if (cc < hdrLen)
return STATUS_NOT_DONE;
/* convert to local form of integer and check for oversized packet
*/
buf->len = packetLen;
if ((packetLen = ntohl(packetLen)) > max_size) {
port->nBytes = packetLen;
return STATUS_INVALID;
}
/* fetch the rest of the message
*/
msgLen = packetLen - cc;
cc = recvfrom(port->sock, (char*)&buf->msgtype, msgLen, 0, (struct sockaddr*)&port->raddr, &addrLen);
if (cc < 0)
return STATUS_ERROR;
else if (!cc)
return STATUS_INVALID;
else if (cc < msgLen)
return STATUS_NOT_DONE;
return STATUS_OK;
}
/*
* startup2PacketBuf()
*

4
src/interfaces/libpq/fe-connect.h
Unescape View File

@ -6,7 +6,7 @@
*
* Copyright (c) 1994, Regents of the University of California
*
* $Id: fe-connect.h,v 1.4 1997/09/08 21:55:39 momjian Exp $
* $Id: fe-connect.h,v 1.5 1997/12/04 00:28:13 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@ -19,11 +19,13 @@
*/
extern int packetSend(Port *port, PacketBuf *buf, PacketLen len, bool nonBlocking);
extern int packetReceive(Port *port, PacketBuf *buf, bool nonBlocking);
#endif /* FE_CONNECT_H */
#ifndef FE_CONNECT_H
#define FE_CONNECT_H
int packetSend(Port *port, PacketBuf *buf, PacketLen len, bool nonBlocking);
int packetReceive(Port *port, PacketBuf *buf, bool nonBlocking);
#endif

7
src/interfaces/libpq/libpq-fe.h
Unescape View File

@ -6,7 +6,7 @@
*
* Copyright (c) 1994, Regents of the University of California
*
* $Id: libpq-fe.h,v 1.23 1997/09/08 21:55:45 momjian Exp $
* $Id: libpq-fe.h,v 1.24 1997/12/04 00:28:15 scrappy Exp $
*
*-------------------------------------------------------------------------
*/
@ -221,8 +221,9 @@ extern "C"
/* make a new client connection to the backend */
extern PGconn *PQconnectdb(const char *conninfo);
extern PQconninfoOption *PQconndefaults(void);
extern PGconn *PQsetdb(const char *pghost, const char *pgport, const char *pgoptions,
const char *pgtty, const char *dbName);
extern PGconn *PQsetdbLogin(const char *pghost, const char *pgport, const char *pgoptions,
const char *pgtty, const char *dbName, const char *login, const char *pwd);
#define PQsetdb(M_PGHOST,M_PGPORT,M_PGOPT,M_PGTTY,M_DBNAME) PQsetdbLogin(M_PGHOST, M_PGPORT, M_PGOPT, M_PGTTY, M_DBNAME, NULL, NULL)
/* close the current connection and free the PGconn data structure */
extern void PQfinish(PGconn *conn);

Write Preview
Loading…
Cancel
Save