Commit 8cde7f49 authored by Tom Lane's avatar Tom Lane

Fix assorted minor bogosity in GSSAPI transport error messages.

I noted that some buildfarm members were complaining about %ld being
used to format values that are (probably) declared size_t.  Use %zu
instead, and insert a cast just in case some versions of the GSSAPI
API declare the length field differently.  While at it, clean up
gratuitous differences in wording of equivalent messages, show
the complained-of length in all relevant messages not just some,
include trailing newline where needed, adjust random deviations
from project-standard code layout and message style, etc.
parent b4f96d69
...@@ -14,8 +14,9 @@ ...@@ -14,8 +14,9 @@
#include "postgres.h" #include "postgres.h"
#include "be-gssapi-common.h" #include <unistd.h>
#include "be-gssapi-common.h"
#include "libpq/auth.h" #include "libpq/auth.h"
#include "libpq/libpq.h" #include "libpq/libpq.h"
#include "libpq/libpq-be.h" #include "libpq/libpq-be.h"
...@@ -23,8 +24,6 @@ ...@@ -23,8 +24,6 @@
#include "miscadmin.h" #include "miscadmin.h"
#include "pgstat.h" #include "pgstat.h"
#include <unistd.h>
/* /*
* Handle the encryption/decryption of data using GSSAPI. * Handle the encryption/decryption of data using GSSAPI.
...@@ -179,10 +178,13 @@ be_gssapi_write(Port *port, void *ptr, size_t len) ...@@ -179,10 +178,13 @@ be_gssapi_write(Port *port, void *ptr, size_t len)
pg_GSS_error(FATAL, gettext_noop("GSSAPI wrap error"), major, minor); pg_GSS_error(FATAL, gettext_noop("GSSAPI wrap error"), major, minor);
if (conf == 0) if (conf == 0)
ereport(FATAL, (errmsg("GSSAPI did not provide confidentiality"))); ereport(FATAL,
(errmsg("GSSAPI did not provide confidentiality")));
if (output.length > PQ_GSS_SEND_BUFFER_SIZE - sizeof(uint32)) if (output.length > PQ_GSS_SEND_BUFFER_SIZE - sizeof(uint32))
ereport(FATAL, (errmsg("GSSAPI tried to send packet of size: %ld", output.length))); ereport(FATAL,
(errmsg("server tried to send oversize GSSAPI packet: %zu bytes",
(size_t) output.length)));
bytes_encrypted += input.length; bytes_encrypted += input.length;
bytes_to_encrypt -= input.length; bytes_to_encrypt -= input.length;
...@@ -297,7 +299,9 @@ be_gssapi_read(Port *port, void *ptr, size_t len) ...@@ -297,7 +299,9 @@ be_gssapi_read(Port *port, void *ptr, size_t len)
/* Check for over-length packet */ /* Check for over-length packet */
if (input.length > PQ_GSS_RECV_BUFFER_SIZE - sizeof(uint32)) if (input.length > PQ_GSS_RECV_BUFFER_SIZE - sizeof(uint32))
ereport(FATAL, (errmsg("Over-size GSSAPI packet sent by the client."))); ereport(FATAL,
(errmsg("oversize GSSAPI packet sent by the client: %zu bytes",
(size_t) input.length)));
/* /*
* Read as much of the packet as we are able to on this call into * Read as much of the packet as we are able to on this call into
...@@ -341,7 +345,8 @@ be_gssapi_read(Port *port, void *ptr, size_t len) ...@@ -341,7 +345,8 @@ be_gssapi_read(Port *port, void *ptr, size_t len)
major, minor); major, minor);
if (conf == 0) if (conf == 0)
ereport(FATAL, (errmsg("GSSAPI did not provide confidentiality"))); ereport(FATAL,
(errmsg("GSSAPI did not provide confidentiality")));
memcpy(PqGSSResultBuffer, output.value, output.length); memcpy(PqGSSResultBuffer, output.value, output.length);
...@@ -492,7 +497,9 @@ secure_open_gssapi(Port *port) ...@@ -492,7 +497,9 @@ secure_open_gssapi(Port *port)
* Verify on our side that the client doesn't do something funny. * Verify on our side that the client doesn't do something funny.
*/ */
if (input.length > PQ_GSS_RECV_BUFFER_SIZE) if (input.length > PQ_GSS_RECV_BUFFER_SIZE)
ereport(FATAL, (errmsg("Over-size GSSAPI packet sent by the client: %ld", input.length))); ereport(FATAL,
(errmsg("oversize GSSAPI packet sent by the client: %zu bytes",
(size_t) input.length)));
/* /*
* Get the rest of the packet so we can pass it to GSSAPI to accept * Get the rest of the packet so we can pass it to GSSAPI to accept
...@@ -538,7 +545,9 @@ secure_open_gssapi(Port *port) ...@@ -538,7 +545,9 @@ secure_open_gssapi(Port *port)
uint32 netlen = htonl(output.length); uint32 netlen = htonl(output.length);
if (output.length > PQ_GSS_SEND_BUFFER_SIZE - sizeof(uint32)) if (output.length > PQ_GSS_SEND_BUFFER_SIZE - sizeof(uint32))
ereport(FATAL, (errmsg("GSSAPI tried to send oversize packet"))); ereport(FATAL,
(errmsg("server tried to send oversize GSSAPI packet: %zu bytes",
(size_t) output.length)));
memcpy(PqGSSSendBuffer, (char *) &netlen, sizeof(uint32)); memcpy(PqGSSSendBuffer, (char *) &netlen, sizeof(uint32));
PqGSSSendPointer += sizeof(uint32); PqGSSSendPointer += sizeof(uint32);
......
...@@ -16,7 +16,6 @@ ...@@ -16,7 +16,6 @@
#include "libpq-fe.h" #include "libpq-fe.h"
#include "libpq-int.h" #include "libpq-int.h"
#include "fe-gssapi-common.h" #include "fe-gssapi-common.h"
#include "port/pg_bswap.h" #include "port/pg_bswap.h"
/* /*
...@@ -163,15 +162,16 @@ pg_GSS_write(PGconn *conn, const void *ptr, size_t len) ...@@ -163,15 +162,16 @@ pg_GSS_write(PGconn *conn, const void *ptr, size_t len)
} }
else if (conf == 0) else if (conf == 0)
{ {
printfPQExpBuffer(&conn->errorMessage, libpq_gettext( printfPQExpBuffer(&conn->errorMessage,
"GSSAPI did not provide confidentiality\n")); libpq_gettext("GSSAPI did not provide confidentiality\n"));
goto cleanup; goto cleanup;
} }
if (output.length > PQ_GSS_SEND_BUFFER_SIZE - sizeof(uint32)) if (output.length > PQ_GSS_SEND_BUFFER_SIZE - sizeof(uint32))
{ {
printfPQExpBuffer(&conn->errorMessage, libpq_gettext( printfPQExpBuffer(&conn->errorMessage,
"GSSAPI attempt to send oversize packet\n")); libpq_gettext("client tried to send oversize GSSAPI packet: %zu bytes\n"),
(size_t) output.length);
goto cleanup; goto cleanup;
} }
...@@ -286,8 +286,8 @@ pg_GSS_read(PGconn *conn, void *ptr, size_t len) ...@@ -286,8 +286,8 @@ pg_GSS_read(PGconn *conn, void *ptr, size_t len)
/* Check for over-length packet */ /* Check for over-length packet */
if (input.length > PQ_GSS_RECV_BUFFER_SIZE - sizeof(uint32)) if (input.length > PQ_GSS_RECV_BUFFER_SIZE - sizeof(uint32))
{ {
printfPQExpBuffer(&conn->errorMessage, libpq_gettext( printfPQExpBuffer(&conn->errorMessage,
"GSSAPI did not provide confidentiality\n")); libpq_gettext("GSSAPI did not provide confidentiality\n"));
ret = -1; ret = -1;
goto cleanup; goto cleanup;
} }
...@@ -328,8 +328,8 @@ pg_GSS_read(PGconn *conn, void *ptr, size_t len) ...@@ -328,8 +328,8 @@ pg_GSS_read(PGconn *conn, void *ptr, size_t len)
} }
else if (conf == 0) else if (conf == 0)
{ {
printfPQExpBuffer(&conn->errorMessage, libpq_gettext( printfPQExpBuffer(&conn->errorMessage,
"GSSAPI did not provide confidentiality\n")); libpq_gettext("GSSAPI did not provide confidentiality\n"));
ret = -1; ret = -1;
goto cleanup; goto cleanup;
} }
...@@ -476,7 +476,7 @@ pqsecure_open_gss(PGconn *conn) ...@@ -476,7 +476,7 @@ pqsecure_open_gss(PGconn *conn)
PqGSSRecvLength += ret; PqGSSRecvLength += ret;
printfPQExpBuffer(&conn->errorMessage, "%s", PqGSSRecvBuffer + 1); printfPQExpBuffer(&conn->errorMessage, "%s\n", PqGSSRecvBuffer + 1);
return PGRES_POLLING_FAILED; return PGRES_POLLING_FAILED;
} }
...@@ -490,7 +490,9 @@ pqsecure_open_gss(PGconn *conn) ...@@ -490,7 +490,9 @@ pqsecure_open_gss(PGconn *conn)
input.length = ntohl(*(uint32 *) PqGSSRecvBuffer); input.length = ntohl(*(uint32 *) PqGSSRecvBuffer);
if (input.length > PQ_GSS_RECV_BUFFER_SIZE - sizeof(uint32)) if (input.length > PQ_GSS_RECV_BUFFER_SIZE - sizeof(uint32))
{ {
printfPQExpBuffer(&conn->errorMessage, libpq_gettext("Over-size GSSAPI packet sent by the server: %ld"), input.length); printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("oversize GSSAPI packet sent by the server: %zu bytes\n"),
(size_t) input.length);
return PGRES_POLLING_FAILED; return PGRES_POLLING_FAILED;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment