Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit97d625d

Browse files
committed
*) inet_(client|server)_(addr|port)() and necessary documentation for
the four functions.> Also, please justify the temp-related changes. I was not aware that we> had any breakage there.patch-tmp-schema.txt contains the following bits:*) Changes pg_namespace_aclmask() so that the superuser is always ableto create objects in the temp namespace.*) Changes pg_namespace_aclmask() so that if this is a temp namespace,objects are only allowed to be created in the temp namespace if theuser has TEMP privs on the database. This encompasses all objectcreation, not just TEMP tables.*) InitTempTableNamespace() checks to see if the current user, not thesession user, has access to create a temp namespace.The first two changes are necessary to support the third change. Nowit's possible to revoke all temp table privs from non-super users andlimiting all creation of temp tables/schemas via a function that'sexecuted with elevated privs (security definer). Before this change,it was not possible to have a setuid function to create a temptable/schema if the session user had no TEMP privs.patch-area-path.txt contains:*) Can now determine the area of a closed path.patch-dfmgr.txt contains:*) Small tweak to add the library path that's being expanded.I was using $lib/foo.so and couldn't easily figure out what the errormessage, "invalid macro name in dynamic library path" meant withoutlooking through the source code. With the path in there, at least Iknow where to start looking in my config file.Sean Chittenden
1 parent51227f8 commit97d625d

File tree

14 files changed

+234
-33
lines changed

14 files changed

+234
-33
lines changed

‎doc/src/sgml/func.sgml

Lines changed: 36 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<!--
2-
$PostgreSQL: pgsql/doc/src/sgml/func.sgml,v 1.204 2004/05/2615:25:57 momjian Exp $
2+
$PostgreSQL: pgsql/doc/src/sgml/func.sgml,v 1.205 2004/05/2618:35:31 momjian Exp $
33
PostgreSQL documentation
44
-->
55

@@ -6592,6 +6592,30 @@ SELECT NULLIF(value, '(none)') ...
65926592
<entry>user name of current execution context</entry>
65936593
</row>
65946594

6595+
<row>
6596+
<entry><function>inet_client_addr</function></entry>
6597+
<entry><type>inet</type></entry>
6598+
<entry>address of the remote connection</entry>
6599+
</row>
6600+
6601+
<row>
6602+
<entry><function>inet_client_port</function></entry>
6603+
<entry><type>int4</type></entry>
6604+
<entry>port of the remote connection</entry>
6605+
</row>
6606+
6607+
<row>
6608+
<entry><function>inet_server_addr</function></entry>
6609+
<entry><type>inet</type></entry>
6610+
<entry>address of the local connection</entry>
6611+
</row>
6612+
6613+
<row>
6614+
<entry><function>inet_server_port</function></entry>
6615+
<entry><type>int4</type></entry>
6616+
<entry>port of the local connection</entry>
6617+
</row>
6618+
65956619
<row>
65966620
<entry><function>session_user</function></entry>
65976621
<entry><type>name</type></entry>
@@ -6647,6 +6671,17 @@ SELECT NULLIF(value, '(none)') ...
66476671
</para>
66486672
</note>
66496673

6674+
<para>
6675+
<function>inet_client_addr</function> and
6676+
<function>inet_server_addr</function> return the IPv4 or IPv6 (if
6677+
configured) address of the remote or local host connecting to the
6678+
database, respectively. <function>inet_client_port</function>
6679+
and <function>inet_server_port</function> return the port number
6680+
of the remote or local host connecting to the database,
6681+
respectively. If the connection is not a network connection,
6682+
these functions will return <literal>NULL</literal>.
6683+
</para>
6684+
66506685
<para>
66516686
<function>current_schema</function> returns the name of the schema that is
66526687
at the front of the search path (or a null value if the search path is

‎src/backend/catalog/aclchk.c

Lines changed: 18 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $PostgreSQL: pgsql/src/backend/catalog/aclchk.c,v 1.99 2004/05/2604:41:06 neilc Exp $
11+
* $PostgreSQL: pgsql/src/backend/catalog/aclchk.c,v 1.100 2004/05/2618:35:32 momjian Exp $
1212
*
1313
* NOTES
1414
* See acl.h.
@@ -1342,17 +1342,27 @@ pg_namespace_aclmask(Oid nsp_oid, AclId userid,
13421342
boolisNull;
13431343
Acl*acl;
13441344

1345-
/*
1346-
* If we have been assigned this namespace as a temp namespace, assume
1347-
* we have all grantable privileges on it.
1348-
*/
1349-
if (isTempNamespace(nsp_oid))
1350-
returnmask;
1351-
13521345
/* Superusers bypass all permission checking. */
13531346
if (superuser_arg(userid))
13541347
returnmask;
13551348

1349+
/*
1350+
* If we have been assigned this namespace as a temp
1351+
* namespace, check to make sure we have CREATE permissions on
1352+
* the database.
1353+
*
1354+
* Instead of returning ACLCHECK_NO_PRIV, should we return via
1355+
* ereport() with a message about trying to create an object
1356+
* in a TEMP namespace when GetUserId() doesn't have perms?
1357+
*/
1358+
if (isTempNamespace(nsp_oid)) {
1359+
if (pg_database_aclcheck(MyDatabaseId,GetUserId(),
1360+
ACL_CREATE_TEMP)==ACLCHECK_OK)
1361+
returnACLCHECK_OK;
1362+
else
1363+
returnACLCHECK_NO_PRIV;
1364+
}
1365+
13561366
/*
13571367
* Get the schema's ACL from pg_namespace
13581368
*/

‎src/backend/catalog/namespace.c

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@
1313
* Portions Copyright (c) 1994, Regents of the University of California
1414
*
1515
* IDENTIFICATION
16-
* $PostgreSQL: pgsql/src/backend/catalog/namespace.c,v 1.64 2004/05/2604:41:07 neilc Exp $
16+
* $PostgreSQL: pgsql/src/backend/catalog/namespace.c,v 1.65 2004/05/2618:35:32 momjian Exp $
1717
*
1818
*-------------------------------------------------------------------------
1919
*/
@@ -1640,11 +1640,11 @@ InitTempTableNamespace(void)
16401640
* tables.We use a nonstandard error message here since
16411641
* "databasename: permission denied" might be a tad cryptic.
16421642
*
1643-
*Note we apply the check to the session user, not the currently active
1644-
*userid, since we are not going to change our minds about temp table
1645-
*availability during the session.
1643+
*ACL_CREATE_TEMP perms are also checked in
1644+
*pg_namespace_aclcheck() that way only users who have TEMP
1645+
*perms can create objects.
16461646
*/
1647-
if (pg_database_aclcheck(MyDatabaseId,GetSessionUserId(),
1647+
if (pg_database_aclcheck(MyDatabaseId,GetUserId(),
16481648
ACL_CREATE_TEMP)!=ACLCHECK_OK)
16491649
ereport(ERROR,
16501650
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),

‎src/backend/libpq/hba.c

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
*
1111
*
1212
* IDENTIFICATION
13-
* $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.123 2004/05/2604:41:18 neilc Exp $
13+
* $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.124 2004/05/2618:35:33 momjian Exp $
1414
*
1515
*-------------------------------------------------------------------------
1616
*/
@@ -1345,8 +1345,11 @@ ident_inet(const SockAddr remote_addr,
13451345
hints.ai_addr=NULL;
13461346
hints.ai_next=NULL;
13471347
rc=getaddrinfo_all(remote_addr_s,ident_port,&hints,&ident_serv);
1348-
if (rc|| !ident_serv)
1348+
if (rc|| !ident_serv) {
1349+
if (ident_serv)
1350+
freeaddrinfo_all(hints.ai_family,ident_serv);
13491351
return false;/* we don't expect this to happen */
1352+
}
13501353

13511354
hints.ai_flags=AI_NUMERICHOST;
13521355
hints.ai_family=local_addr.addr.ss_family;
@@ -1357,8 +1360,11 @@ ident_inet(const SockAddr remote_addr,
13571360
hints.ai_addr=NULL;
13581361
hints.ai_next=NULL;
13591362
rc=getaddrinfo_all(local_addr_s,NULL,&hints,&la);
1360-
if (rc|| !la)
1363+
if (rc|| !la) {
1364+
if (la)
1365+
freeaddrinfo_all(hints.ai_family,la);
13611366
return false;/* we don't expect this to happen */
1367+
}
13621368

13631369
sock_fd=socket(ident_serv->ai_family,ident_serv->ai_socktype,
13641370
ident_serv->ai_protocol);

‎src/backend/libpq/ip.c

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $PostgreSQL: pgsql/src/backend/libpq/ip.c,v 1.25 2004/04/24 20:10:34 tgl Exp $
11+
* $PostgreSQL: pgsql/src/backend/libpq/ip.c,v 1.26 2004/05/26 18:35:33 momjian Exp $
1212
*
1313
* This file and the IPV6 implementation were initially provided by
1414
* Nigel Kukard <nkukard@lbsd.net>, Linux Based Systems Design
@@ -73,11 +73,11 @@ getaddrinfo_all(const char *hostname, const char *servname,
7373
*result=NULL;
7474

7575
#ifdefHAVE_UNIX_SOCKETS
76-
if (hintp!=NULL&&hintp->ai_family==AF_UNIX)
76+
if (hintp->ai_family==AF_UNIX)
7777
returngetaddrinfo_unix(servname,hintp,result);
7878
#endif
7979

80-
/* NULL has special meaning to getaddrinfo */
80+
/* NULL has special meaning to getaddrinfo(). */
8181
returngetaddrinfo((!hostname||hostname[0]=='\0') ?NULL :hostname,
8282
servname,hintp,result);
8383
}

‎src/backend/libpq/pqcomm.c

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@
3030
* Portions Copyright (c) 1996-2003, PostgreSQL Global Development Group
3131
* Portions Copyright (c) 1994, Regents of the University of California
3232
*
33-
*$PostgreSQL: pgsql/src/backend/libpq/pqcomm.c,v 1.168 2003/12/12 18:45:08 petere Exp $
33+
*$PostgreSQL: pgsql/src/backend/libpq/pqcomm.c,v 1.169 2004/05/26 18:35:33 momjian Exp $
3434
*
3535
*-------------------------------------------------------------------------
3636
*/
@@ -251,7 +251,8 @@ StreamServerPort(int family, char *hostName, unsigned short portNumber,
251251
ereport(LOG,
252252
(errmsg("could not translate service \"%s\" to address: %s",
253253
service,gai_strerror(ret))));
254-
freeaddrinfo_all(hint.ai_family,addrs);
254+
if (addrs)
255+
freeaddrinfo_all(hint.ai_family,addrs);
255256
returnSTATUS_ERROR;
256257
}
257258

‎src/backend/postmaster/postmaster.c

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@
3737
*
3838
*
3939
* IDENTIFICATION
40-
* $PostgreSQL: pgsql/src/backend/postmaster/postmaster.c,v 1.394 2004/05/23 03:50:45 tgl Exp $
40+
* $PostgreSQL: pgsql/src/backend/postmaster/postmaster.c,v 1.395 2004/05/26 18:35:35 momjian Exp $
4141
*
4242
* NOTES
4343
*
@@ -2469,10 +2469,14 @@ BackendInit(Port *port)
24692469
remote_port,sizeof(remote_port),
24702470
(log_hostname ?0 :NI_NUMERICHOST) |NI_NUMERICSERV))
24712471
{
2472-
getnameinfo_all(&port->raddr.addr,port->raddr.salen,
2472+
intret=getnameinfo_all(&port->raddr.addr,port->raddr.salen,
24732473
remote_host,sizeof(remote_host),
24742474
remote_port,sizeof(remote_port),
24752475
NI_NUMERICHOST |NI_NUMERICSERV);
2476+
if (ret)
2477+
ereport(WARNING,
2478+
(errmsg("getnameinfo_all() failed: %s",
2479+
gai_strerror(ret))));
24762480
}
24772481
snprintf(remote_ps_data,sizeof(remote_ps_data),
24782482
remote_port[0]=='\0' ?"%s" :"%s(%s)",

‎src/backend/utils/adt/geo_ops.c

Lines changed: 22 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $PostgreSQL: pgsql/src/backend/utils/adt/geo_ops.c,v 1.84 2004/05/12 22:38:44 tgl Exp $
11+
* $PostgreSQL: pgsql/src/backend/utils/adt/geo_ops.c,v 1.85 2004/05/26 18:35:38 momjian Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -1312,6 +1312,27 @@ line_interpt_internal(LINE *l1, LINE *l2)
13121312
*"(closed, npts, xcoord, ycoord,... )"
13131313
*---------------------------------------------------------*/
13141314

1315+
Datum
1316+
path_area(PG_FUNCTION_ARGS)
1317+
{
1318+
PATH*path=PG_GETARG_PATH_P(0);
1319+
doublearea=0.0;
1320+
inti,j;
1321+
1322+
if (!path->closed)
1323+
PG_RETURN_NULL();
1324+
1325+
for (i=0;i<path->npts;i++) {
1326+
j= (i+1) %path->npts;
1327+
area+=path->p[i].x*path->p[j].y;
1328+
area-=path->p[i].y*path->p[j].x;
1329+
}
1330+
1331+
area *=0.5;
1332+
PG_RETURN_FLOAT8(area<0.0 ?-area :area);
1333+
}
1334+
1335+
13151336
Datum
13161337
path_in(PG_FUNCTION_ARGS)
13171338
{

‎src/backend/utils/adt/network.c

Lines changed: 108 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
/*
22
*PostgreSQL type definitions for the INET and CIDR types.
33
*
4-
*$PostgreSQL: pgsql/src/backend/utils/adt/network.c,v 1.49 2003/12/01 18:50:19 tgl Exp $
4+
*$PostgreSQL: pgsql/src/backend/utils/adt/network.c,v 1.50 2004/05/26 18:35:38 momjian Exp $
55
*
66
*Jon Postel RIP 16 Oct 1998
77
*/
@@ -14,7 +14,10 @@
1414
#include<arpa/inet.h>
1515

1616
#include"catalog/pg_type.h"
17+
#include"libpq/ip.h"
18+
#include"libpq/libpq-be.h"
1719
#include"libpq/pqformat.h"
20+
#include"miscadmin.h"
1821
#include"utils/builtins.h"
1922
#include"utils/inet.h"
2023

@@ -130,6 +133,110 @@ cidr_in(PG_FUNCTION_ARGS)
130133
PG_RETURN_INET_P(network_in(src,1));
131134
}
132135

136+
/* INET that the client is connecting from */
137+
Datum
138+
inet_client_addr(PG_FUNCTION_ARGS)
139+
{
140+
Port*port=MyProcPort;
141+
142+
if (port==NULL)
143+
PG_RETURN_NULL();
144+
145+
switch (port->raddr.addr.ss_family) {
146+
caseAF_INET:
147+
#ifdefHAVE_IPV6
148+
caseAF_INET6:
149+
#endif
150+
break;
151+
default:
152+
PG_RETURN_NULL();
153+
}
154+
155+
PG_RETURN_INET_P(network_in(port->remote_host,0));
156+
}
157+
158+
159+
/* port that the client is connecting from */
160+
Datum
161+
inet_client_port(PG_FUNCTION_ARGS)
162+
{
163+
Port*port=MyProcPort;
164+
165+
if (port==NULL)
166+
PG_RETURN_NULL();
167+
168+
PG_RETURN_INT32(DirectFunctionCall1(int4in,CStringGetDatum(port->remote_port)));
169+
}
170+
171+
172+
/* server INET that the client connected to */
173+
Datum
174+
inet_server_addr(PG_FUNCTION_ARGS)
175+
{
176+
Port*port=MyProcPort;
177+
charlocal_host[NI_MAXHOST];
178+
intret;
179+
180+
if (port==NULL)
181+
PG_RETURN_NULL();
182+
183+
switch (port->laddr.addr.ss_family) {
184+
caseAF_INET:
185+
#ifdefHAVE_IPV6
186+
caseAF_INET6:
187+
#endif
188+
break;
189+
default:
190+
PG_RETURN_NULL();
191+
}
192+
193+
local_host[0]='\0';
194+
195+
ret=getnameinfo_all(&port->laddr.addr,port->laddr.salen,
196+
local_host,sizeof(local_host),
197+
NULL,0,
198+
NI_NUMERICHOST |NI_NUMERICSERV);
199+
if (ret)
200+
PG_RETURN_NULL();
201+
202+
PG_RETURN_INET_P(network_in(local_host,0));
203+
}
204+
205+
206+
/* port that the server accepted the connection on */
207+
Datum
208+
inet_server_port(PG_FUNCTION_ARGS)
209+
{
210+
Port*port=MyProcPort;
211+
charlocal_port[NI_MAXSERV];
212+
intret;
213+
214+
if (port==NULL)
215+
PG_RETURN_NULL();
216+
217+
switch (port->laddr.addr.ss_family) {
218+
caseAF_INET:
219+
#ifdefHAVE_IPV6
220+
caseAF_INET6:
221+
#endif
222+
break;
223+
default:
224+
PG_RETURN_NULL();
225+
}
226+
227+
local_port[0]='\0';
228+
229+
ret=getnameinfo_all(&port->laddr.addr,port->laddr.salen,
230+
NULL,0,
231+
local_port,sizeof(local_port),
232+
NI_NUMERICHOST |NI_NUMERICSERV);
233+
if (ret)
234+
PG_RETURN_NULL();
235+
236+
PG_RETURN_INT32(DirectFunctionCall1(int4in,CStringGetDatum(local_port)));
237+
}
238+
239+
133240
/*
134241
*INET address output function.
135242
*/

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp