Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

Commit 31013db

Browse files
mhagandermhagander
committed
A bunch of GSSAPI fixes per comments from Tom:
* use elog not ereport for debug * fix debug levels for some output * properly check for memory allocation errors in a couple of missed places
1 parent bf75e2a commit 31013db

File tree

3 files changed

+49
-32
lines changed

3 files changed

+49
-32
lines changed

src/backend/libpq/auth.c

+33-30
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.149 2007/07/10 13:14:20 mha Exp $
11+
* $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.150 2007/07/11 08:27:33 mha Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -317,18 +317,18 @@ static GSS_DLLIMP gss_OID GSS_C_NT_USER_NAME = &GSS_C_NT_USER_NAME_desc;
317317

318318

319319
static void
320-
pg_GSS_error(int severity, char *text, OM_uint32 maj_stat, OM_uint32 min_stat)
320+
pg_GSS_error(int severity, char *errmsg, OM_uint32 maj_stat, OM_uint32 min_stat)
321321
{
322322
gss_buffer_desc gmsg;
323323
OM_uint32 lmaj_s, lmin_s, msg_ctx;
324-
char localmsg1[128],
325-
localmsg2[128];
324+
char msg_major[128],
325+
msg_minor[128];
326326

327327
/* Fetch major status message */
328328
msg_ctx = 0;
329329
lmaj_s = gss_display_status(&lmin_s, maj_stat, GSS_C_GSS_CODE,
330330
GSS_C_NO_OID, &msg_ctx, &gmsg);
331-
strlcpy(localmsg1, gmsg.value, sizeof(localmsg1));
331+
strlcpy(msg_major, gmsg.value, sizeof(msg_major));
332332
gss_release_buffer(&lmin_s, &gmsg);
333333

334334
if (msg_ctx)
@@ -343,7 +343,7 @@ pg_GSS_error(int severity, char *text, OM_uint32 maj_stat, OM_uint32 min_stat)
343343
msg_ctx = 0;
344344
lmaj_s = gss_display_status(&lmin_s, min_stat, GSS_C_MECH_CODE,
345345
GSS_C_NO_OID, &msg_ctx, &gmsg);
346-
strlcpy(localmsg2, gmsg.value, sizeof(localmsg2));
346+
strlcpy(msg_minor, gmsg.value, sizeof(msg_minor));
347347
gss_release_buffer(&lmin_s, &gmsg);
348348

349349
if (msg_ctx)
@@ -353,7 +353,8 @@ pg_GSS_error(int severity, char *text, OM_uint32 maj_stat, OM_uint32 min_stat)
353353
/* errmsg_internal, since translation of the first part must be
354354
* done before calling this function anyway. */
355355
ereport(severity,
356-
(errmsg_internal("%s:%s\n%s", text, localmsg1, localmsg2)));
356+
(errmsg_internal("%s", errmsg),
357+
errdetail("%s: %s", msg_major, msg_minor)));
357358
}
358359

359360
static int
@@ -430,9 +431,8 @@ pg_GSS_recvauth(Port *port)
430431
gbuf.length = buf.len;
431432
gbuf.value = buf.data;
432433

433-
ereport(DEBUG4,
434-
(errmsg_internal("Processing received GSS token of length: %u",
435-
gbuf.length)));
434+
elog(DEBUG4, "Processing received GSS token of length %u",
435+
gbuf.length);
436436

437437
maj_stat = gss_accept_sec_context(
438438
&min_stat,
@@ -450,20 +450,19 @@ pg_GSS_recvauth(Port *port)
450450
/* gbuf no longer used */
451451
pfree(buf.data);
452452

453-
ereport(DEBUG5,
454-
(errmsg_internal("gss_accept_sec_context major: %i, "
455-
"minor: %i, outlen: %u, outflags: %x",
456-
maj_stat, min_stat,
457-
port->gss->outbuf.length, gflags)));
453+
elog(DEBUG5, "gss_accept_sec_context major: %i, "
454+
"minor: %i, outlen: %u, outflags: %x",
455+
maj_stat, min_stat,
456+
port->gss->outbuf.length, gflags);
458457

459458
if (port->gss->outbuf.length != 0)
460459
{
461460
/*
462461
* Negotiation generated data to be sent to the client.
463462
*/
464-
ereport(DEBUG4,
465-
(errmsg_internal("sending GSS response token of length %u",
466-
port->gss->outbuf.length)));
463+
elog(DEBUG4, "sending GSS response token of length %u",
464+
port->gss->outbuf.length);
465+
467466
sendAuthRequest(port, AUTH_REQ_GSS_CONT);
468467
}
469468

@@ -477,8 +476,7 @@ pg_GSS_recvauth(Port *port)
477476
}
478477

479478
if (maj_stat == GSS_S_CONTINUE_NEEDED)
480-
ereport(DEBUG4,
481-
(errmsg_internal("GSS continue needed")));
479+
elog(DEBUG4, "GSS continue needed");
482480

483481
} while (maj_stat == GSS_S_CONTINUE_NEEDED);
484482

@@ -497,8 +495,10 @@ pg_GSS_recvauth(Port *port)
497495
* pg username that was specified for the connection.
498496
*/
499497
maj_stat = gss_display_name(&min_stat, port->gss->name, &gbuf, NULL);
500-
ereport(DEBUG1,
501-
(errmsg("GSSAPI authenticated name: %s", (char *)gbuf.value)));
498+
if (maj_stat != GSS_S_COMPLETE)
499+
pg_GSS_error(ERROR,
500+
gettext_noop("retreiving GSS user name failed"),
501+
maj_stat, min_stat);
502502

503503
/*
504504
* Compare the part of the username that comes before the @
@@ -517,12 +517,15 @@ pg_GSS_recvauth(Port *port)
517517
ret = strcmp(port->user_name, gbuf.value);
518518

519519
if (ret)
520+
{
520521
/* GSS name and PGUSER are not equivalent */
521-
ereport(ERROR,
522-
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
523-
errmsg("provided username and GSSAPI username don't match"),
524-
errdetail("provided: %s, GSSAPI: %s",
525-
port->user_name, (char *)gbuf.value)));
522+
elog(DEBUG2,
523+
"provided username (%s) and GSSAPI username (%s) don't match",
524+
port->user_name, (char *)gbuf.value);
525+
526+
gss_release_buffer(&lmin_s, &gbuf);
527+
return STATUS_ERROR;
528+
}
526529

527530
gss_release_buffer(&lmin_s, &gbuf);
528531

@@ -780,9 +783,9 @@ sendAuthRequest(Port *port, AuthRequest areq)
780783
{
781784
OM_uint32 lmin_s;
782785

783-
ereport(DEBUG4,
784-
(errmsg_internal("sending GSS token of length %u",
785-
port->gss->outbuf.length)));
786+
elog(DEBUG4, "sending GSS token of length %u",
787+
port->gss->outbuf.length);
788+
786789
pq_sendbytes(&buf, port->gss->outbuf.value, port->gss->outbuf.length);
787790
gss_release_buffer(&lmin_s, &port->gss->outbuf);
788791
}

src/backend/postmaster/postmaster.c

+8-1
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@
3737
*
3838
*
3939
* IDENTIFICATION
40-
* $PostgreSQL: pgsql/src/backend/postmaster/postmaster.c,v 1.531 2007/07/10 13:14:21 mha Exp $
40+
* $PostgreSQL: pgsql/src/backend/postmaster/postmaster.c,v 1.532 2007/07/11 08:27:33 mha Exp $
4141
*
4242
* NOTES
4343
*
@@ -1732,6 +1732,13 @@ ConnCreate(int serverFd)
17321732
*/
17331733
#ifdef ENABLE_GSS
17341734
port->gss = (pg_gssinfo *)calloc(1, sizeof(pg_gssinfo));
1735+
if (!port->gss)
1736+
{
1737+
ereport(LOG,
1738+
(errcode(ERRCODE_OUT_OF_MEMORY),
1739+
errmsg("out of memory")));
1740+
ExitPostmaster(1);
1741+
}
17351742
#endif
17361743

17371744
return port;

src/interfaces/libpq/fe-connect.c

+8-1
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-connect.c,v 1.348 2007/07/10 13:14:21 mha Exp $
11+
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-connect.c,v 1.349 2007/07/11 08:27:33 mha Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -1689,6 +1689,13 @@ PQconnectPoll(PGconn *conn)
16891689

16901690
conn->ginbuf.length = llen;
16911691
conn->ginbuf.value = malloc(llen);
1692+
if (!conn->ginbuf.value)
1693+
{
1694+
printfPQExpBuffer(&conn->errorMessage,
1695+
libpq_gettext("out of memory allocating GSSAPI buffer (%i)"),
1696+
llen);
1697+
goto error_return;
1698+
}
16921699
}
16931700

16941701
if (pqGetnchar(conn->ginbuf.value, llen, conn))

0 commit comments

Comments
 (0)