NotificationsYou must be signed in to change notification settings
Fork28
Star151

Commit4e81628

committed

Properly unregister OpenSSL callbacks when libpq is done with

it's connection. This is required for applications that unloadthe libpq library (such as PHP) in which case we'd otherwisehave pointers to these functions when they no longer exist.This needs a bit more testing before we can consider a backpatch,so not doing that yet.In passing, remove unused functions in backend/libpq.Bruce Momjian and Magnus Hagander, per report and analysisby Russell Smith.

1 parentc37951e commit4e81628Copy full SHA for 4e81628

File tree

2 files changed

+125

-72

lines changed

src
- backend/libpq
  - be-secure.c
- interfaces/libpq
  - fe-secure.c

2 files changed

+125

-72

lines changed

`‎src/backend/libpq/be-secure.c`

Lines changed: 1 addition & 26 deletions

Original file line number	Diff line number	Diff line change
`@@ -11,7 +11,7 @@`
`11`	`11`	`*`
`12`	`12`	`*`
`13`	`13`	`* IDENTIFICATION`
`14`		`- * $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.86 2008/11/20 09:29:36 mha Exp $`
	`14`	`+ * $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.87 2008/12/03 20:04:26 mha Exp $`
`15`	`15`	`*`
`16`	`16`	`* Since the server static private key ($DataDir/server.key)`
`17`	`17`	`* will normally be stored unencrypted so that the database`
`@@ -88,7 +88,6 @@ static DH tmp_dh_cb(SSL s, int is_export, int keylength);`
`88`	`88`	`staticintverify_cb(int,X509_STORE_CTX*);`
`89`	`89`	`staticvoidinfo_cb(constSSL*ssl,inttype,intargs);`
`90`	`90`	`staticvoidinitialize_SSL(void);`
`91`		`-staticvoiddestroy_SSL(void);`
`92`	`91`	`staticintopen_server_SSL(Port*);`
`93`	`92`	`staticvoidclose_SSL(Port*);`
`94`	`93`	`staticconstchar*SSLerrmessage(void);`
`@@ -192,17 +191,6 @@ secure_initialize(void)`
`192`	`191`	`return0;`
`193`	`192`	`}`
`194`	`193`
`195`		`-/*`
`196`		`- *Destroy global context`
`197`		`- */`
`198`		`-void`
`199`		`-secure_destroy(void)`
`200`		`-{`
`201`		`-#ifdefUSE_SSL`
`202`		`-destroy_SSL();`
`203`		`-#endif`
`204`		`-}`
`205`		`-`
`206`	`194`	`/*`
`207`	`195`	`* Indicate if we have loaded the root CA store to verify certificates`
`208`	`196`	`*/`
`@@ -843,19 +831,6 @@ initialize_SSL(void)`
`843`	`831`	`}`
`844`	`832`	`}`
`845`	`833`
`846`		`-/*`
`847`		`- *Destroy global SSL context.`
`848`		`- */`
`849`		`-staticvoid`
`850`		`-destroy_SSL(void)`
`851`		`-{`
`852`		`-if (SSL_context)`
`853`		`-{`
`854`		`-SSL_CTX_free(SSL_context);`
`855`		`-SSL_context=NULL;`
`856`		`-}`
`857`		`-}`
`858`		`-`
`859`	`834`	`/*`
`860`	`835`	`*Attempt to negotiate SSL connection.`
`861`	`836`	`*/`

`‎src/interfaces/libpq/fe-secure.c`

Lines changed: 124 additions & 46 deletions

Original file line number	Diff line number	Diff line change
`@@ -11,7 +11,7 @@`
`11`	`11`	`*`
`12`	`12`	`*`
`13`	`13`	`* IDENTIFICATION`
`14`		`- * $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.110 2008/12/02 10:39:30 mha Exp $`
	`14`	`+ * $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.111 2008/12/03 20:04:26 mha Exp $`
`15`	`15`	`*`
`16`	`16`	`* NOTES`
`17`	`17`	`*`
`@@ -44,6 +44,7 @@`
`44`	`44`	`#endif`
`45`	`45`	`#include<arpa/inet.h>`
`46`	`46`	`#endif`
	`47`	`+`
`47`	`48`	`#include<sys/stat.h>`
`48`	`49`
`49`	`50`	`#ifdefENABLE_THREAD_SAFETY`
`@@ -89,20 +90,32 @@ static bool verify_peer_name_matches_certificate(PGconn *);`
`89`	`90`	`staticintverify_cb(intok,X509_STORE_CTX*ctx);`
`90`	`91`	`staticintclient_cert_cb(SSL,X509,EVP_PKEY*);`
`91`	`92`	`staticintinit_ssl_system(PGconn*conn);`
	`93`	`+staticvoiddestroy_ssl_system(void);`
`92`	`94`	`staticintinitialize_SSL(PGconn*);`
`93`		`-staticvoiddestroy_SSL(void);`
	`95`	`+staticvoiddestroySSL(void);`
`94`	`96`	`staticPostgresPollingStatusTypeopen_client_SSL(PGconn*);`
`95`	`97`	`staticvoidclose_SSL(PGconn*);`
`96`	`98`	`staticchar*SSLerrmessage(void);`
`97`	`99`	`staticvoidSSLerrfree(char*buf);`
`98`		`-#endif`
`99`	`100`
`100`		`-#ifdefUSE_SSL`
`101`	`101`	`staticboolpq_initssllib= true;`
`102`		`-`
`103`	`102`	`staticSSL_CTX*SSL_context=NULL;`
	`103`	`+`
	`104`	`+#ifdefENABLE_THREAD_SAFETY`
	`105`	`+staticintssl_open_connections=0;`
	`106`	`+`
	`107`	`+#ifndefWIN32`
	`108`	`+staticpthread_mutex_tssl_config_mutex=PTHREAD_MUTEX_INITIALIZER;`
	`109`	`+#else`
	`110`	`+staticpthread_mutex_tssl_config_mutex=NULL;`
	`111`	`+staticlongwin32_ssl_create_mutex=0;`
`104`	`112`	`#endif`
`105`	`113`
	`114`	`+#endif/* ENABLE_THREAD_SAFETY */`
	`115`	`+`
	`116`	`+#endif/* SSL */`
	`117`	`+`
	`118`	`+`
`106`	`119`	`/*`
`107`	`120`	`* Macros to handle disabling and then restoring the state of SIGPIPE handling.`
`108`	`121`	`* Note that DISABLE_SIGPIPE() must appear at the start of a block.`
`@@ -186,7 +199,7 @@ void`
`186`	`199`	`pqsecure_destroy(void)`
`187`	`200`	`{`
`188`	`201`	`#ifdefUSE_SSL`
`189`		`-destroy_SSL();`
	`202`	`+destroySSL();`
`190`	`203`	`#endif`
`191`	`204`	`}`
`192`	`205`
`@@ -734,6 +747,9 @@ client_cert_cb(SSL ssl, X509 x509, EVP_PKEY *pkey)`
`734`	`747`	`}`
`735`	`748`
`736`	`749`	`#ifdefENABLE_THREAD_SAFETY`
	`750`	`+/*`
	`751`	`+ *Callback functions for OpenSSL internal locking`
	`752`	`+ */`
`737`	`753`
`738`	`754`	`staticunsigned long`
`739`	`755`	`pq_threadidcallback(void)`
`@@ -765,54 +781,74 @@ pq_lockingcallback(int mode, int n, const char *file, int line)`
`765`	`781`	`#endif/* ENABLE_THREAD_SAFETY */`
`766`	`782`
`767`	`783`	`/*`
`768`		`- * Also see similar code in fe-connect.c, default_threadlock()`
	`784`	`+ * Initialize SSL system. In threadsafe mode, this includes setting`
	`785`	`+ * up OpenSSL callback functions to do thread locking.`
	`786`	`+ *`
	`787`	`+ * If the caller has told us (through PQinitSSL) that he's taking care`
	`788`	`+ * of SSL, we expect that callbacks are already set, and won't try to`
	`789`	`+ * override it.`
	`790`	`+ *`
	`791`	`+ * The conn parameter is only used to be able to pass back an error`
	`792`	`+ * message - no connection local setup is made.`
`769`	`793`	`*/`
`770`	`794`	`staticint`
`771`	`795`	`init_ssl_system(PGconn*conn)`
`772`	`796`	`{`
`773`	`797`	`#ifdefENABLE_THREAD_SAFETY`
`774`		`-#ifndefWIN32`
`775`		`-staticpthread_mutex_tinit_mutex=PTHREAD_MUTEX_INITIALIZER;`
`776`		`-#else`
`777`		`-staticpthread_mutex_tinit_mutex=NULL;`
`778`		`-staticlongmutex_initlock=0;`
`779`		`-`
`780`		`-if (init_mutex==NULL)`
	`798`	`+#ifdefWIN32`
	`799`	`+/* Also see similar code in fe-connect.c, default_threadlock() */`
	`800`	`+if (ssl_config_mutex==NULL)`
`781`	`801`	`{`
`782`		`-while (InterlockedExchange(&mutex_initlock,1)==1)`
	`802`	`+while (InterlockedExchange(&win32_ssl_create_mutex,1)==1)`
`783`	`803`	`/* loop, another thread own the lock */ ;`
`784`		`-if (init_mutex==NULL)`
	`804`	`+if (ssl_config_mutex==NULL)`
`785`	`805`	`{`
`786`		`-if (pthread_mutex_init(&init_mutex,NULL))`
	`806`	`+if (pthread_mutex_init(&ssl_config_mutex,NULL))`
`787`	`807`	`return-1;`
`788`	`808`	`}`
`789`		`-InterlockedExchange(&mutex_initlock,0);`
	`809`	`+InterlockedExchange(&win32_ssl_create_mutex,0);`
`790`	`810`	`}`
`791`	`811`	`#endif`
`792`		`-if (pthread_mutex_lock(&init_mutex))`
	`812`	`+if (pthread_mutex_lock(&ssl_config_mutex))`
`793`	`813`	`return-1;`
`794`	`814`
`795`		`-if (pq_initssllib&&pq_lockarray==NULL)`
	`815`	`+if (pq_initssllib)`
`796`	`816`	`{`
`797`		`-inti;`
`798`		`-`
`799`		`-CRYPTO_set_id_callback(pq_threadidcallback);`
`800`		`-`
`801`		`-pq_lockarray=malloc(sizeof(pthread_mutex_t)*CRYPTO_num_locks());`
`802`		`-if (!pq_lockarray)`
`803`		`-{`
`804`		`-pthread_mutex_unlock(&init_mutex);`
`805`		`-return-1;`
`806`		`-}`
`807`		`-for (i=0;i<CRYPTO_num_locks();i++)`
	`817`	`+/*`
	`818`	`+ * If necessary, set up an array to hold locks for OpenSSL. OpenSSL will`
	`819`	`+ * tell us how big to make this array.`
	`820`	`+ */`
	`821`	`+if (pq_lockarray==NULL)`
`808`	`822`	`{`
`809`		`-if (pthread_mutex_init(&pq_lockarray[i],NULL))`
	`823`	`+inti;`
	`824`	`+`
	`825`	`+pq_lockarray=malloc(sizeof(pthread_mutex_t)*CRYPTO_num_locks());`
	`826`	`+if (!pq_lockarray)`
	`827`	`+{`
	`828`	`+pthread_mutex_unlock(&ssl_config_mutex);`
`810`	`829`	`return-1;`
	`830`	`+}`
	`831`	`+for (i=0;i<CRYPTO_num_locks();i++)`
	`832`	`+{`
	`833`	`+if (pthread_mutex_init(&pq_lockarray[i],NULL))`
	`834`	`+{`
	`835`	`+free(pq_lockarray);`
	`836`	`+pq_lockarray=NULL;`
	`837`	`+pthread_mutex_unlock(&ssl_config_mutex);`
	`838`	`+return-1;`
	`839`	`+}`
	`840`	`+}`
`811`	`841`	`}`
`812`	`842`
`813`		`-CRYPTO_set_locking_callback(pq_lockingcallback);`
	`843`	`+if (ssl_open_connections++==0)`
	`844`	`+{`
	`845`	`+/* These are only required for threaded SSL applications */`
	`846`	`+CRYPTO_set_id_callback(pq_threadidcallback);`
	`847`	`+CRYPTO_set_locking_callback(pq_lockingcallback);`
	`848`	`+}`
`814`	`849`	`}`
`815`		`-#endif`
	`850`	`+#endif/* ENABLE_THREAD_SAFETY */`
	`851`	`+`
`816`	`852`	`if (!SSL_context)`
`817`	`853`	`{`
`818`	`854`	`if (pq_initssllib)`
`@@ -833,19 +869,67 @@ init_ssl_system(PGconn *conn)`
`833`	`869`	`err);`
`834`	`870`	`SSLerrfree(err);`
`835`	`871`	`#ifdefENABLE_THREAD_SAFETY`
`836`		`-pthread_mutex_unlock(&init_mutex);`
	`872`	`+pthread_mutex_unlock(&ssl_config_mutex);`
`837`	`873`	`#endif`
`838`	`874`	`return-1;`
`839`	`875`	`}`
`840`	`876`	`}`
	`877`	`+`
`841`	`878`	`#ifdefENABLE_THREAD_SAFETY`
`842`		`-pthread_mutex_unlock(&init_mutex);`
	`879`	`+pthread_mutex_unlock(&ssl_config_mutex);`
`843`	`880`	`#endif`
`844`	`881`	`return0;`
`845`	`882`	`}`
`846`	`883`
`847`	`884`	`/*`
`848`		`- *Initialize global SSL context.`
	`885`	`+ *This function is needed because if the libpq library is unloaded`
	`886`	`+ *from the application, the callback functions will no longer exist when`
	`887`	`+ *SSL used by other parts of the system. For this reason,`
	`888`	`+ *we unregister the SSL callback functions when the last libpq`
	`889`	`+ *connection is closed.`
	`890`	`+ *`
	`891`	`+ *Callbacks are only set when we're compiled in threadsafe mode, so`
	`892`	`+ *we only need to remove them in this case.`
	`893`	`+ */`
	`894`	`+staticvoid`
	`895`	`+destroy_ssl_system(void)`
	`896`	`+{`
	`897`	`+#ifdefENABLE_THREAD_SAFETY`
	`898`	`+/* Mutex is created in initialize_ssl_system() */`
	`899`	`+if (pthread_mutex_lock(&ssl_config_mutex))`
	`900`	`+return;`
	`901`	`+`
	`902`	`+if (pq_initssllib)`
	`903`	`+{`
	`904`	`+if (ssl_open_connections>0)`
	`905`	`+--ssl_open_connections;`
	`906`	`+`
	`907`	`+if (ssl_open_connections==0)`
	`908`	`+{`
	`909`	`+/* No connections left, unregister all callbacks */`
	`910`	`+CRYPTO_set_locking_callback(NULL);`
	`911`	`+CRYPTO_set_id_callback(NULL);`
	`912`	`+`
	`913`	`+/*`
	`914`	`+ * We don't free the lock array. If we get another connection`
	`915`	`+ * from the same caller, we will just re-use it with the existing`
	`916`	`+ * mutexes.`
	`917`	`+ *`
	`918`	`+ * This means we leak a little memory on repeated load/unload`
	`919`	`+ * of the library.`
	`920`	`+ */`
	`921`	`+free(pqlockarray);`
	`922`	`+pqlockarray=NULL;`
	`923`	`+}`
	`924`	`+}`
	`925`	`+`
	`926`	`+pthread_mutex_unlock(&ssl_config_mutex);`
	`927`	`+#endif`
	`928`	`+return;`
	`929`	`+}`
	`930`	`+`
	`931`	`+/*`
	`932`	`+ *Initialize SSL context.`
`849`	`933`	`*/`
`850`	`934`	`staticint`
`851`	`935`	`initialize_SSL(PGconn*conn)`
`@@ -932,17 +1016,10 @@ initialize_SSL(PGconn *conn)`
`932`	`1016`	`return0;`
`933`	`1017`	`}`
`934`	`1018`
`935`		`-/*`
`936`		`- *Destroy global SSL context.`
`937`		`- */`
`938`	`1019`	`staticvoid`
`939`		`-destroy_SSL(void)`
	`1020`	`+destroySSL(void)`
`940`	`1021`	`{`
`941`		`-if (SSL_context)`
`942`		`-{`
`943`		`-SSL_CTX_free(SSL_context);`
`944`		`-SSL_context=NULL;`
`945`		`-}`
	`1022`	`+destroy_ssl_system();`
`946`	`1023`	`}`
`947`	`1024`
`948`	`1025`	`/*`
`@@ -1061,6 +1138,7 @@ close_SSL(PGconn *conn)`
`1061`	`1138`	`SSL_shutdown(conn->ssl);`
`1062`	`1139`	`SSL_free(conn->ssl);`
`1063`	`1140`	`conn->ssl=NULL;`
	`1141`	`+pqsecure_destroy();`
`1064`	`1142`	`/* We have to assume we got EPIPE */`
`1065`	`1143`	`REMEMBER_EPIPE(true);`
`1066`	`1144`	`RESTORE_SIGPIPE();`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit4e81628

File tree

2 files changed

2 files changed

`‎src/backend/libpq/be-secure.c`

`‎src/interfaces/libpq/fe-secure.c`

0 commit comments