Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit36f693e

Browse files
committed
Further work on elog cleanup: fix some bogosities in elog's logic about
when to send what to which, prevent recursion by introducing new COMMERRORelog level for client-communication problems, get rid of direct writesto stderr in backend/libpq files, prevent non-error elogs from going toclient during the authentication cycle.
1 parent5ab02fd commit36f693e

File tree

14 files changed

+299
-489
lines changed

14 files changed

+299
-489
lines changed

‎src/backend/libpq/Makefile‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
# Makefile for libpq subsystem (backend half of libpq interface)
55
#
66
# IDENTIFICATION
7-
# $Header: /cvsroot/pgsql/src/backend/libpq/Makefile,v 1.28 2001/11/13 22:06:58 momjian Exp $
7+
# $Header: /cvsroot/pgsql/src/backend/libpq/Makefile,v 1.29 2002/03/04 01:46:02 tgl Exp $
88
#
99
#-------------------------------------------------------------------------
1010

@@ -16,7 +16,7 @@ include $(top_builddir)/src/Makefile.global
1616

1717
OBJS = be-fsstubs.o\
1818
auth.o crypt.o hba.o md5.o password.o\
19-
pqcomm.o pqformat.o pqsignal.o util.o
19+
pqcomm.o pqformat.o pqsignal.o
2020

2121

2222
all: SUBSYS.o

‎src/backend/libpq/auth.c‎

Lines changed: 52 additions & 101 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.76 2002/03/02 21:39:25 momjian Exp $
11+
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.77 2002/03/04 01:46:02 tgl Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -105,45 +105,34 @@ pg_krb4_recvauth(Port *port)
105105
version);
106106
if (status!=KSUCCESS)
107107
{
108-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
109-
"pg_krb4_recvauth: kerberos error: %s\n",
110-
krb_err_txt[status]);
111-
fputs(PQerrormsg,stderr);
112-
pqdebug("%s",PQerrormsg);
108+
elog(LOG,"pg_krb4_recvauth: kerberos error: %s",
109+
krb_err_txt[status]);
113110
returnSTATUS_ERROR;
114111
}
115-
if (strncmp(version,PG_KRB4_VERSION,KRB_SENDAUTH_VLEN))
112+
if (strncmp(version,PG_KRB4_VERSION,KRB_SENDAUTH_VLEN)!=0)
116113
{
117-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
118-
"pg_krb4_recvauth: protocol version != \"%s\"\n",
119-
PG_KRB4_VERSION);
120-
fputs(PQerrormsg,stderr);
121-
pqdebug("%s",PQerrormsg);
114+
elog(LOG,"pg_krb4_recvauth: protocol version \"%s\" != \"%s\"",
115+
version,PG_KRB4_VERSION);
122116
returnSTATUS_ERROR;
123117
}
124-
if (strncmp(port->user,auth_data.pname,SM_USER))
118+
if (strncmp(port->user,auth_data.pname,SM_USER)!=0)
125119
{
126-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
127-
"pg_krb4_recvauth: name \"%s\" != \"%s\"\n",
128-
port->user,auth_data.pname);
129-
fputs(PQerrormsg,stderr);
130-
pqdebug("%s",PQerrormsg);
120+
elog(LOG,"pg_krb4_recvauth: name \"%s\" != \"%s\"",
121+
port->user,auth_data.pname);
131122
returnSTATUS_ERROR;
132123
}
133124
returnSTATUS_OK;
134125
}
135126

136127
#else
128+
137129
staticint
138130
pg_krb4_recvauth(Port*port)
139131
{
140-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
141-
"pg_krb4_recvauth: Kerberos not implemented on this server.\n");
142-
fputs(PQerrormsg,stderr);
143-
pqdebug("%s",PQerrormsg);
144-
132+
elog(LOG,"pg_krb4_recvauth: Kerberos not implemented on this server");
145133
returnSTATUS_ERROR;
146134
}
135+
147136
#endif/* KRB4 */
148137

149138

@@ -201,19 +190,17 @@ pg_krb5_init(void)
201190
retval=krb5_init_context(&pg_krb5_context);
202191
if (retval)
203192
{
204-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
205-
"pg_krb5_init: krb5_init_context returned"
206-
" Kerberos error %d\n",retval);
193+
elog(LOG,"pg_krb5_init: krb5_init_context returned Kerberos error %d",
194+
retval);
207195
com_err("postgres",retval,"while initializing krb5");
208196
returnSTATUS_ERROR;
209197
}
210198

211199
retval=krb5_kt_resolve(pg_krb5_context,pg_krb_server_keyfile,&pg_krb5_keytab);
212200
if (retval)
213201
{
214-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
215-
"pg_krb5_init: krb5_kt_resolve returned"
216-
" Kerberos error %d\n",retval);
202+
elog(LOG,"pg_krb5_init: krb5_kt_resolve returned Kerberos error %d",
203+
retval);
217204
com_err("postgres",retval,"while resolving keytab file %s",
218205
pg_krb_server_keyfile);
219206
krb5_free_context(pg_krb5_context);
@@ -224,9 +211,8 @@ pg_krb5_init(void)
224211
KRB5_NT_SRV_HST,&pg_krb5_server);
225212
if (retval)
226213
{
227-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
228-
"pg_krb5_init: krb5_sname_to_principal returned"
229-
" Kerberos error %d\n",retval);
214+
elog(LOG,"pg_krb5_init: krb5_sname_to_principal returned Kerberos error %d",
215+
retval);
230216
com_err("postgres",retval,
231217
"while getting server principal for service %s",
232218
PG_KRB_SRVNAM);
@@ -269,9 +255,8 @@ pg_krb5_recvauth(Port *port)
269255
pg_krb5_server,0,pg_krb5_keytab,&ticket);
270256
if (retval)
271257
{
272-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
273-
"pg_krb5_recvauth: krb5_recvauth returned"
274-
" Kerberos error %d\n",retval);
258+
elog(LOG,"pg_krb5_recvauth: krb5_recvauth returned Kerberos error %d",
259+
retval);
275260
com_err("postgres",retval,"from krb5_recvauth");
276261
returnSTATUS_ERROR;
277262
}
@@ -294,9 +279,8 @@ pg_krb5_recvauth(Port *port)
294279
#endif
295280
if (retval)
296281
{
297-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
298-
"pg_krb5_recvauth: krb5_unparse_name returned"
299-
" Kerberos error %d\n",retval);
282+
elog(LOG,"pg_krb5_recvauth: krb5_unparse_name returned Kerberos error %d",
283+
retval);
300284
com_err("postgres",retval,"while unparsing client name");
301285
krb5_free_ticket(pg_krb5_context,ticket);
302286
krb5_auth_con_free(pg_krb5_context,auth_context);
@@ -306,9 +290,8 @@ pg_krb5_recvauth(Port *port)
306290
kusername=pg_an_to_ln(kusername);
307291
if (strncmp(port->user,kusername,SM_USER))
308292
{
309-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
310-
"pg_krb5_recvauth: user name \"%s\" != krb5 name \"%s\"\n",
311-
port->user,kusername);
293+
elog(LOG,"pg_krb5_recvauth: user name \"%s\" != krb5 name \"%s\"",
294+
port->user,kusername);
312295
ret=STATUS_ERROR;
313296
}
314297
else
@@ -322,16 +305,14 @@ pg_krb5_recvauth(Port *port)
322305
}
323306

324307
#else
308+
325309
staticint
326310
pg_krb5_recvauth(Port*port)
327311
{
328-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
329-
"pg_krb5_recvauth: Kerberos not implemented on this server.\n");
330-
fputs(PQerrormsg,stderr);
331-
pqdebug("%s",PQerrormsg);
332-
312+
elog(LOG,"pg_krb5_recvauth: Kerberos not implemented on this server");
333313
returnSTATUS_ERROR;
334314
}
315+
335316
#endif/* KRB5 */
336317

337318

@@ -388,10 +369,7 @@ recv_and_check_passwordv0(Port *port)
388369

389370
if (user==NULL||password==NULL)
390371
{
391-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
392-
"pg_password_recvauth: badly formed password packet.\n");
393-
fputs(PQerrormsg,stderr);
394-
pqdebug("%s",PQerrormsg);
372+
elog(LOG,"pg_password_recvauth: badly formed password packet");
395373
status=STATUS_ERROR;
396374
}
397375
else
@@ -530,7 +508,7 @@ ClientAuthentication(Port *port)
530508
if (port->raddr.sa.sa_family==AF_INET)
531509
hostinfo=inet_ntoa(port->raddr.in.sin_addr);
532510
elog(FATAL,
533-
"No pg_hba.conf entry for host %s, user %s, database %s",
511+
"No pg_hba.conf entry for host %s, user %s, database %s",
534512
hostinfo,port->user,port->database);
535513
break;
536514
}
@@ -563,8 +541,7 @@ ClientAuthentication(Port *port)
563541
inton=1;
564542

565543
if (setsockopt(port->sock,0,LOCAL_CREDS,&on,sizeof(on))<0)
566-
elog(FATAL,
567-
"pg_local_sendauth: can't do setsockopt: %s\n",strerror(errno));
544+
elog(FATAL,"pg_local_sendauth: can't do setsockopt: %m");
568545
}
569546
#endif
570547
if (port->raddr.sa.sa_family==AF_UNIX)
@@ -653,17 +630,12 @@ pam_passwd_conv_proc(int num_msg, const struct pam_message ** msg, struct pam_re
653630
switch (msg[0]->msg_style)
654631
{
655632
casePAM_ERROR_MSG:
656-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
657-
"pam_passwd_conv_proc: Error from underlying PAM layer: '%s'\n",msg[0]->msg);
658-
fputs(PQerrormsg,stderr);
659-
pqdebug("%s",PQerrormsg);
633+
elog(LOG,"pam_passwd_conv_proc: Error from underlying PAM layer: '%s'",
634+
msg[0]->msg);
660635
returnPAM_CONV_ERR;
661636
default:
662-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
663-
"pam_passwd_conv_proc: Unexpected PAM conversation %d/'%s'\n",
664-
msg[0]->msg_style,msg[0]->msg);
665-
fputs(PQerrormsg,stderr);
666-
pqdebug("%s",PQerrormsg);
637+
elog(LOG,"pam_passwd_conv_proc: Unexpected PAM conversation %d/'%s'",
638+
msg[0]->msg_style,msg[0]->msg);
667639
returnPAM_CONV_ERR;
668640
}
669641
}
@@ -691,12 +663,11 @@ pam_passwd_conv_proc(int num_msg, const struct pam_message ** msg, struct pam_re
691663

692664
initStringInfo(&buf);
693665
pq_getstr(&buf);
694-
elog(DEBUG5,"received PAM packet with len=%d, pw=%s\n",len,buf.data);
666+
elog(DEBUG5,"received PAM packet with len=%d, pw=%s",len,buf.data);
695667

696668
if (strlen(buf.data)==0)
697669
{
698-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,"pam_passwd_conv_proc: no password\n");
699-
fputs(PQerrormsg,stderr);
670+
elog(LOG,"pam_passwd_conv_proc: no password");
700671
returnPAM_CONV_ERR;
701672
}
702673
appdata_ptr=buf.data;
@@ -709,9 +680,7 @@ pam_passwd_conv_proc(int num_msg, const struct pam_message ** msg, struct pam_re
709680
*resp=calloc(num_msg,sizeof(structpam_response));
710681
if (!*resp)
711682
{
712-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,"pam_passwd_conv_proc: Out of memory!\n");
713-
fputs(PQerrormsg,stderr);
714-
pqdebug("%s",PQerrormsg);
683+
elog(LOG,"pam_passwd_conv_proc: Out of memory!");
715684
if (buf.data)
716685
pfree(buf.data);
717686
returnPAM_CONV_ERR;
@@ -755,11 +724,8 @@ CheckPAMAuth(Port *port, char *user, char *password)
755724

756725
if (retval!=PAM_SUCCESS)
757726
{
758-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
759-
"CheckPAMAuth: Failed to create PAM authenticator: '%s'\n",
760-
pam_strerror(pamh,retval));
761-
fputs(PQerrormsg,stderr);
762-
pqdebug("%s",PQerrormsg);
727+
elog(LOG,"CheckPAMAuth: Failed to create PAM authenticator: '%s'",
728+
pam_strerror(pamh,retval));
763729
pam_passwd=NULL;/* Unset pam_passwd */
764730
returnSTATUS_ERROR;
765731
}
@@ -768,11 +734,8 @@ CheckPAMAuth(Port *port, char *user, char *password)
768734

769735
if (retval!=PAM_SUCCESS)
770736
{
771-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
772-
"CheckPAMAuth: pam_set_item(PAM_USER) failed: '%s'\n",
773-
pam_strerror(pamh,retval));
774-
fputs(PQerrormsg,stderr);
775-
pqdebug("%s",PQerrormsg);
737+
elog(LOG,"CheckPAMAuth: pam_set_item(PAM_USER) failed: '%s'",
738+
pam_strerror(pamh,retval));
776739
pam_passwd=NULL;/* Unset pam_passwd */
777740
returnSTATUS_ERROR;
778741
}
@@ -781,11 +744,8 @@ CheckPAMAuth(Port *port, char *user, char *password)
781744

782745
if (retval!=PAM_SUCCESS)
783746
{
784-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
785-
"CheckPAMAuth: pam_set_item(PAM_CONV) failed: '%s'\n",
786-
pam_strerror(pamh,retval));
787-
fputs(PQerrormsg,stderr);
788-
pqdebug("%s",PQerrormsg);
747+
elog(LOG,"CheckPAMAuth: pam_set_item(PAM_CONV) failed: '%s'",
748+
pam_strerror(pamh,retval));
789749
pam_passwd=NULL;/* Unset pam_passwd */
790750
returnSTATUS_ERROR;
791751
}
@@ -794,11 +754,8 @@ CheckPAMAuth(Port *port, char *user, char *password)
794754

795755
if (retval!=PAM_SUCCESS)
796756
{
797-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
798-
"CheckPAMAuth: pam_authenticate failed: '%s'\n",
799-
pam_strerror(pamh,retval));
800-
fputs(PQerrormsg,stderr);
801-
pqdebug("%s",PQerrormsg);
757+
elog(LOG,"CheckPAMAuth: pam_authenticate failed: '%s'",
758+
pam_strerror(pamh,retval));
802759
pam_passwd=NULL;/* Unset pam_passwd */
803760
returnSTATUS_ERROR;
804761
}
@@ -807,11 +764,8 @@ CheckPAMAuth(Port *port, char *user, char *password)
807764

808765
if (retval!=PAM_SUCCESS)
809766
{
810-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
811-
"CheckPAMAuth: pam_acct_mgmt failed: '%s'\n",
812-
pam_strerror(pamh,retval));
813-
fputs(PQerrormsg,stderr);
814-
pqdebug("%s",PQerrormsg);
767+
elog(LOG,"CheckPAMAuth: pam_acct_mgmt failed: '%s'",
768+
pam_strerror(pamh,retval));
815769
pam_passwd=NULL;/* Unset pam_passwd */
816770
returnSTATUS_ERROR;
817771
}
@@ -820,11 +774,8 @@ CheckPAMAuth(Port *port, char *user, char *password)
820774

821775
if (retval!=PAM_SUCCESS)
822776
{
823-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
824-
"CheckPAMAuth: Failed to release PAM authenticator: '%s'\n",
825-
pam_strerror(pamh,retval));
826-
fputs(PQerrormsg,stderr);
827-
pqdebug("%s",PQerrormsg);
777+
elog(LOG,"CheckPAMAuth: Failed to release PAM authenticator: '%s'",
778+
pam_strerror(pamh,retval));
828779
}
829780

830781
pam_passwd=NULL;/* Unset pam_passwd */
@@ -854,8 +805,8 @@ recv_and_check_password_packet(Port *port)
854805
returnSTATUS_EOF;
855806
}
856807

857-
elog(DEBUG5,"received password packet with len=%d, pw=%s\n",
858-
len,buf.data);
808+
elog(DEBUG5,"received password packet with len=%d, pw=%s",
809+
len,buf.data);
859810

860811
result=checkPassword(port,port->user,buf.data);
861812
pfree(buf.data);
@@ -907,7 +858,7 @@ old_be_recvauth(Port *port)
907858
break;
908859

909860
default:
910-
fprintf(stderr,"Invalid startup message type: %u\n",msgtype);
861+
elog(LOG,"Invalid startup message type: %u",msgtype);
911862

912863
returnSTATUS_ERROR;
913864
}

‎src/backend/libpq/crypt.c‎

Lines changed: 3 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@
99
* Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group
1010
* Portions Copyright (c) 1994, Regents of the University of California
1111
*
12-
* $Header: /cvsroot/pgsql/src/backend/libpq/crypt.c,v 1.43 2002/03/02 21:39:26 momjian Exp $
12+
* $Header: /cvsroot/pgsql/src/backend/libpq/crypt.c,v 1.44 2002/03/04 01:46:03 tgl Exp $
1313
*
1414
*-------------------------------------------------------------------------
1515
*/
@@ -273,11 +273,8 @@ md5_crypt_verify(const Port *port, const char *user, const char *pgpass)
273273
/* If they encrypt their password, force MD5 */
274274
if (isMD5(passwd)&&port->auth_method!=uaMD5)
275275
{
276-
snprintf(PQerrormsg,PQERRORMSG_LENGTH,
277-
"Password is stored MD5 encrypted. "
278-
"'password' and 'crypt' auth methods cannot be used.\n");
279-
fputs(PQerrormsg,stderr);
280-
pqdebug("%s",PQerrormsg);
276+
elog(LOG,"Password is stored MD5 encrypted. "
277+
"'password' and 'crypt' auth methods cannot be used.");
281278
returnSTATUS_ERROR;
282279
}
283280

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp