diff options
| author | Tom Lane | 2009-08-29 19:26:52 +0000 |
|---|---|---|
| committer | Tom Lane | 2009-08-29 19:26:52 +0000 |
| commit | 7b0a92a0b6f5ef41f1547381cbd0e2604ec2bf87 (patch) | |
| tree | a9f29ed7fb846f0b58268a1ea8ce33559a57243d /src/include | |
| parent | a6a766a1ddc382548141989b3bb4f437a1277834 (diff) | |
Remove the use of the pg_auth flat file for client authentication.
(That flat file is now completely useless, but removal will come later.)
To do this, postpone client authentication into the startup transaction
that's run by InitPostgres. We still collect the startup packet and do
SSL initialization (if needed) at the same time we did before. The
AuthenticationTimeout is applied separately to startup packet collection
and the actual authentication cycle. (This is a bit annoying, since it
means a couple extra syscalls; but the signal handling requirements inside
and outside a transaction are sufficiently different that it seems best
to treat the timeouts as completely independent.)
A small security disadvantage is that if the given database name is invalid,
this will be reported to the client before any authentication happens.
We could work around that by connecting to database "postgres" instead,
but consensus seems to be that it's not worth introducing such surprising
behavior.
Processing of all command-line switches and GUC options received from the
client is now postponed until after authentication. This means that
PostAuthDelay is much less useful than it used to be --- if you need to
investigate problems during InitPostgres you'll have to set PreAuthDelay
instead. However, allowing an unauthenticated user to set any GUC options
whatever seems a bit too risky, so we'll live with that.
Diffstat (limited to 'src/include')
| -rw-r--r-- | src/include/libpq/hba.h | 3 | ||||
| -rw-r--r-- | src/include/libpq/pqsignal.h | 4 | ||||
| -rw-r--r-- | src/include/miscadmin.h | 1 | ||||
| -rw-r--r-- | src/include/storage/pmsignal.h | 1 | ||||
| -rw-r--r-- | src/include/tcop/tcopprot.h | 1 | ||||
| -rw-r--r-- | src/include/utils/guc.h | 1 |
6 files changed, 4 insertions, 7 deletions
diff --git a/src/include/libpq/hba.h b/src/include/libpq/hba.h index 8083fdca8b..cdbdcaa837 100644 --- a/src/include/libpq/hba.h +++ b/src/include/libpq/hba.h @@ -61,12 +61,11 @@ typedef struct bool include_realm; } HbaLine; +/* kluge to avoid including libpq/libpq-be.h here */ typedef struct Port hbaPort; -extern List **get_role_line(const char *role); extern bool load_hba(void); extern void load_ident(void); -extern void load_role(void); extern int hba_getauthmethod(hbaPort *port); extern bool read_pg_database_line(FILE *fp, char *dbname, Oid *dboid, Oid *dbtablespace, TransactionId *dbfrozenxid); diff --git a/src/include/libpq/pqsignal.h b/src/include/libpq/pqsignal.h index 8e011a4ea9..d8e791c5ca 100644 --- a/src/include/libpq/pqsignal.h +++ b/src/include/libpq/pqsignal.h @@ -23,13 +23,13 @@ #ifdef HAVE_SIGPROCMASK extern sigset_t UnBlockSig, BlockSig, - AuthBlockSig; + StartupBlockSig; #define PG_SETMASK(mask) sigprocmask(SIG_SETMASK, mask, NULL) #else extern int UnBlockSig, BlockSig, - AuthBlockSig; + StartupBlockSig; #ifndef WIN32 #define PG_SETMASK(mask) sigsetmask(*((int*)(mask))) diff --git a/src/include/miscadmin.h b/src/include/miscadmin.h index 09a623dc73..c411a98d2e 100644 --- a/src/include/miscadmin.h +++ b/src/include/miscadmin.h @@ -323,6 +323,7 @@ extern ProcessingMode Mode; *****************************************************************************/ /* in utils/init/postinit.c */ +extern void pg_split_opts(char **argv, int *argcp, char *optstr); extern bool InitPostgres(const char *in_dbname, Oid dboid, const char *username, char *out_dbname); extern void BaseInit(void); diff --git a/src/include/storage/pmsignal.h b/src/include/storage/pmsignal.h index 7ae48d0e95..0e2379d92a 100644 --- a/src/include/storage/pmsignal.h +++ b/src/include/storage/pmsignal.h @@ -25,7 +25,6 @@ typedef enum PMSIGNAL_RECOVERY_STARTED, /* recovery has started */ PMSIGNAL_RECOVERY_CONSISTENT, /* recovery has reached consistent * state */ - PMSIGNAL_PASSWORD_CHANGE, /* pg_auth file has changed */ PMSIGNAL_WAKEN_ARCHIVER, /* send a NOTIFY signal to xlog archiver */ PMSIGNAL_ROTATE_LOGFILE, /* send SIGUSR1 to syslogger to rotate logfile */ PMSIGNAL_START_AUTOVAC_LAUNCHER, /* start an autovacuum launcher */ diff --git a/src/include/tcop/tcopprot.h b/src/include/tcop/tcopprot.h index 108e03a64b..119d7f28ff 100644 --- a/src/include/tcop/tcopprot.h +++ b/src/include/tcop/tcopprot.h @@ -58,7 +58,6 @@ extern bool assign_max_stack_depth(int newval, bool doit, GucSource source); extern void die(SIGNAL_ARGS); extern void quickdie(SIGNAL_ARGS); -extern void authdie(SIGNAL_ARGS); extern void StatementCancelHandler(SIGNAL_ARGS); extern void FloatExceptionHandler(SIGNAL_ARGS); extern void prepare_for_client_read(void); diff --git a/src/include/utils/guc.h b/src/include/utils/guc.h index 7245243abd..ab0308a492 100644 --- a/src/include/utils/guc.h +++ b/src/include/utils/guc.h @@ -247,7 +247,6 @@ extern void EmitWarningsOnPlaceholders(const char *className); extern const char *GetConfigOption(const char *name); extern const char *GetConfigOptionResetString(const char *name); -extern bool IsSuperuserConfigOption(const char *name); extern void ProcessConfigFile(GucContext context); extern void InitializeGUCOptions(void); extern bool SelectConfigFiles(const char *userDoption, const char *progname); |