Commit f14413b6 authored by Peter Eisentraut's avatar Peter Eisentraut

Sort out getpeereid() and peer auth handling on Windows

The getpeereid() uses have so far been protected by HAVE_UNIX_SOCKETS,
so they didn't ever care about Windows support.  But in anticipation
of Unix-domain socket support on Windows, that needs to be handled
differently.

Windows doesn't support getpeereid() at this time, so we use the
existing not-supported code path.  We let configure do its usual thing
of picking up the replacement from libpgport, instead of the custom
overrides that it was doing before.

But then Windows doesn't have struct passwd, so this patch sprinkles
some additional #ifdef WIN32 around to make it work.  This is similar
to existing code that deals with this issue.
Reviewed-by: default avatarAndrew Dunstan <andrew.dunstan@2ndquadrant.com>
Discussion: https://www.postgresql.org/message-id/5974caea-1267-7708-40f2-6009a9d653b0@2ndquadrant.com
parent 956ef587
...@@ -15685,6 +15685,19 @@ esac ...@@ -15685,6 +15685,19 @@ esac
fi fi
ac_fn_c_check_func "$LINENO" "getpeereid" "ac_cv_func_getpeereid"
if test "x$ac_cv_func_getpeereid" = xyes; then :
$as_echo "#define HAVE_GETPEEREID 1" >>confdefs.h
else
case " $LIBOBJS " in
*" getpeereid.$ac_objext "* ) ;;
*) LIBOBJS="$LIBOBJS getpeereid.$ac_objext"
;;
esac
fi
ac_fn_c_check_func "$LINENO" "getrusage" "ac_cv_func_getrusage" ac_fn_c_check_func "$LINENO" "getrusage" "ac_cv_func_getrusage"
if test "x$ac_cv_func_getrusage" = xyes; then : if test "x$ac_cv_func_getrusage" = xyes; then :
$as_echo "#define HAVE_GETRUSAGE 1" >>confdefs.h $as_echo "#define HAVE_GETRUSAGE 1" >>confdefs.h
...@@ -15863,19 +15876,13 @@ $as_echo "$as_me: On $host_os we will use our strtof wrapper." >&6;} ...@@ -15863,19 +15876,13 @@ $as_echo "$as_me: On $host_os we will use our strtof wrapper." >&6;}
esac esac
case $host_os in case $host_os in
# Windows uses a specialised env handler # Windows uses a specialised env handler
# and doesn't need a replacement getpeereid because it doesn't use
# Unix sockets.
mingw*) mingw*)
$as_echo "#define HAVE_UNSETENV 1" >>confdefs.h $as_echo "#define HAVE_UNSETENV 1" >>confdefs.h
$as_echo "#define HAVE_GETPEEREID 1" >>confdefs.h
ac_cv_func_unsetenv=yes ac_cv_func_unsetenv=yes
ac_cv_func_getpeereid=yes;; ;;
*) *)
ac_fn_c_check_func "$LINENO" "unsetenv" "ac_cv_func_unsetenv" ac_fn_c_check_func "$LINENO" "unsetenv" "ac_cv_func_unsetenv"
if test "x$ac_cv_func_unsetenv" = xyes; then : if test "x$ac_cv_func_unsetenv" = xyes; then :
...@@ -15890,21 +15897,8 @@ esac ...@@ -15890,21 +15897,8 @@ esac
fi fi
ac_fn_c_check_func "$LINENO" "getpeereid" "ac_cv_func_getpeereid"
if test "x$ac_cv_func_getpeereid" = xyes; then :
$as_echo "#define HAVE_GETPEEREID 1" >>confdefs.h
else ;;
case " $LIBOBJS " in
*" getpeereid.$ac_objext "* ) ;;
*) LIBOBJS="$LIBOBJS getpeereid.$ac_objext"
;;
esac
fi
;;
esac esac
# System's version of getaddrinfo(), if any, may be used only if we found # System's version of getaddrinfo(), if any, may be used only if we found
......
...@@ -1729,6 +1729,7 @@ AC_REPLACE_FUNCS(m4_normalize([ ...@@ -1729,6 +1729,7 @@ AC_REPLACE_FUNCS(m4_normalize([
explicit_bzero explicit_bzero
fls fls
getopt getopt
getpeereid
getrusage getrusage
inet_aton inet_aton
mkdtemp mkdtemp
...@@ -1757,18 +1758,14 @@ case $host_os in ...@@ -1757,18 +1758,14 @@ case $host_os in
esac esac
case $host_os in case $host_os in
# Windows uses a specialised env handler # Windows uses a specialised env handler
# and doesn't need a replacement getpeereid because it doesn't use
# Unix sockets.
mingw*) mingw*)
AC_DEFINE(HAVE_UNSETENV, 1, [Define to 1 because replacement version used.]) AC_DEFINE(HAVE_UNSETENV, 1, [Define to 1 because replacement version used.])
AC_DEFINE(HAVE_GETPEEREID, 1, [Define to 1 because function not required.])
ac_cv_func_unsetenv=yes ac_cv_func_unsetenv=yes
ac_cv_func_getpeereid=yes;; ;;
*) *)
AC_REPLACE_FUNCS([unsetenv getpeereid]) AC_REPLACE_FUNCS([unsetenv])
;; ;;
esac esac
# System's version of getaddrinfo(), if any, may be used only if we found # System's version of getaddrinfo(), if any, may be used only if we found
......
...@@ -77,9 +77,7 @@ static int ident_inet(hbaPort *port); ...@@ -77,9 +77,7 @@ static int ident_inet(hbaPort *port);
* Peer authentication * Peer authentication
*---------------------------------------------------------------- *----------------------------------------------------------------
*/ */
#ifdef HAVE_UNIX_SOCKETS
static int auth_peer(hbaPort *port); static int auth_peer(hbaPort *port);
#endif
/*---------------------------------------------------------------- /*----------------------------------------------------------------
...@@ -559,11 +557,7 @@ ClientAuthentication(Port *port) ...@@ -559,11 +557,7 @@ ClientAuthentication(Port *port)
break; break;
case uaPeer: case uaPeer:
#ifdef HAVE_UNIX_SOCKETS
status = auth_peer(port); status = auth_peer(port);
#else
Assert(false);
#endif
break; break;
case uaIdent: case uaIdent:
...@@ -1984,16 +1978,16 @@ ident_inet_done: ...@@ -1984,16 +1978,16 @@ ident_inet_done:
* *
* Iff authorized, return STATUS_OK, otherwise return STATUS_ERROR. * Iff authorized, return STATUS_OK, otherwise return STATUS_ERROR.
*/ */
#ifdef HAVE_UNIX_SOCKETS
static int static int
auth_peer(hbaPort *port) auth_peer(hbaPort *port)
{ {
uid_t uid; uid_t uid;
gid_t gid; gid_t gid;
#ifndef WIN32
struct passwd *pw; struct passwd *pw;
char *peer_user; char *peer_user;
int ret; int ret;
#endif
if (getpeereid(port->sock, &uid, &gid) != 0) if (getpeereid(port->sock, &uid, &gid) != 0)
{ {
...@@ -2009,6 +2003,7 @@ auth_peer(hbaPort *port) ...@@ -2009,6 +2003,7 @@ auth_peer(hbaPort *port)
return STATUS_ERROR; return STATUS_ERROR;
} }
#ifndef WIN32
errno = 0; /* clear errno before call */ errno = 0; /* clear errno before call */
pw = getpwuid(uid); pw = getpwuid(uid);
if (!pw) if (!pw)
...@@ -2030,8 +2025,12 @@ auth_peer(hbaPort *port) ...@@ -2030,8 +2025,12 @@ auth_peer(hbaPort *port)
pfree(peer_user); pfree(peer_user);
return ret; return ret;
#else
/* should have failed with ENOSYS above */
Assert(false);
return STATUS_ERROR;
#endif
} }
#endif /* HAVE_UNIX_SOCKETS */
/*---------------------------------------------------------------- /*----------------------------------------------------------------
......
...@@ -354,7 +354,7 @@ extern int fls(int mask); ...@@ -354,7 +354,7 @@ extern int fls(int mask);
#define ftello(a) ftell(a) #define ftello(a) ftell(a)
#endif #endif
#if !defined(HAVE_GETPEEREID) && !defined(WIN32) #ifndef HAVE_GETPEEREID
extern int getpeereid(int sock, uid_t *uid, gid_t *gid); extern int getpeereid(int sock, uid_t *uid, gid_t *gid);
#endif #endif
......
...@@ -2733,8 +2733,6 @@ keep_going: /* We will come back to here until there is ...@@ -2733,8 +2733,6 @@ keep_going: /* We will come back to here until there is
char *startpacket; char *startpacket;
int packetlen; int packetlen;
#ifdef HAVE_UNIX_SOCKETS
/* /*
* Implement requirepeer check, if requested and it's a * Implement requirepeer check, if requested and it's a
* Unix-domain socket. * Unix-domain socket.
...@@ -2742,10 +2740,12 @@ keep_going: /* We will come back to here until there is ...@@ -2742,10 +2740,12 @@ keep_going: /* We will come back to here until there is
if (conn->requirepeer && conn->requirepeer[0] && if (conn->requirepeer && conn->requirepeer[0] &&
IS_AF_UNIX(conn->raddr.addr.ss_family)) IS_AF_UNIX(conn->raddr.addr.ss_family))
{ {
#ifndef WIN32
char pwdbuf[BUFSIZ]; char pwdbuf[BUFSIZ];
struct passwd pass_buf; struct passwd pass_buf;
struct passwd *pass; struct passwd *pass;
int passerr; int passerr;
#endif
uid_t uid; uid_t uid;
gid_t gid; gid_t gid;
...@@ -2766,6 +2766,7 @@ keep_going: /* We will come back to here until there is ...@@ -2766,6 +2766,7 @@ keep_going: /* We will come back to here until there is
goto error_return; goto error_return;
} }
#ifndef WIN32
passerr = pqGetpwuid(uid, &pass_buf, pwdbuf, sizeof(pwdbuf), &pass); passerr = pqGetpwuid(uid, &pass_buf, pwdbuf, sizeof(pwdbuf), &pass);
if (pass == NULL) if (pass == NULL)
{ {
...@@ -2788,8 +2789,11 @@ keep_going: /* We will come back to here until there is ...@@ -2788,8 +2789,11 @@ keep_going: /* We will come back to here until there is
conn->requirepeer, pass->pw_name); conn->requirepeer, pass->pw_name);
goto error_return; goto error_return;
} }
#else /* WIN32 */
/* should have failed with ENOSYS above */
Assert(false);
#endif /* WIN32 */
} }
#endif /* HAVE_UNIX_SOCKETS */
if (IS_AF_UNIX(conn->raddr.addr.ss_family)) if (IS_AF_UNIX(conn->raddr.addr.ss_family))
{ {
......
...@@ -94,7 +94,7 @@ sub mkvcbuild ...@@ -94,7 +94,7 @@ sub mkvcbuild
$solution = CreateSolution($vsVersion, $config); $solution = CreateSolution($vsVersion, $config);
our @pgportfiles = qw( our @pgportfiles = qw(
chklocale.c explicit_bzero.c fls.c fseeko.c getrusage.c inet_aton.c random.c chklocale.c explicit_bzero.c fls.c fseeko.c getpeereid.c getrusage.c inet_aton.c random.c
srandom.c getaddrinfo.c gettimeofday.c inet_net_ntop.c kill.c open.c srandom.c getaddrinfo.c gettimeofday.c inet_net_ntop.c kill.c open.c
erand48.c snprintf.c strlcat.c strlcpy.c dirmod.c noblock.c path.c erand48.c snprintf.c strlcat.c strlcpy.c dirmod.c noblock.c path.c
dirent.c dlopen.c getopt.c getopt_long.c dirent.c dlopen.c getopt.c getopt_long.c
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment