func (c *FrontendConnection) discardUntilSync() error {
var message fbcore.Message
for {
err := c.stream.Next(&message)
if err != nil {
return err
}
switch message.MsgType() {
case fbproto.MsgSyncS:
_, err = message.Force()
return nil
default:
_, err = message.Force()
}
if err != nil {
return err
}
}
}
// Process a log message, sending it to the client.
func processLogMsg(die dieCh, primary *logplexc.Client, audit *logplexc.Client,
msgInit msgInit, sr *serveRecord, exit exitFn) {
var m core.Message
for {
// Poll request to exit
select {
case <-die:
return
default:
break
}
msgInit(&m, exit)
// Refuse to handle any log message above an arbitrary
// size. Furthermore, exit the worker, closing the0
// connection, so that the client doesn't even bother
// to wait for this process to drain the oversized
// item and anything following it; these will be
// dropped. It's on the client to gracefully handle
// the error and re-connect after this happens.
if m.Size() > 1*MB {
exit("client %q sent oversized log record")
}
payload, err := m.Force()
if err != nil {
exit("could not retrieve payload of message: %v",
err)
}
var lr logRecord
parseLogRecord(&lr, payload, exit)
routeLogRecord(&lr, primary, audit, sr, exit)
}
}
func (c *FrontendConnection) startup(startupParameters map[string]string, dbcfg VirtualDatabaseConfiguration) bool {
var message fbcore.Message
var err error
for {
err = c.stream.Next(&message)
if err != nil {
elog.Logf("error while reading startup packet: %s", err)
return false
}
if fbproto.IsStartupMessage(&message) {
break
} else if fbproto.IsSSLRequest(&message) {
_, err = message.Force()
if err != nil {
elog.Logf("error while reading SSLRequest: %s", err)
return false
}
err = c.stream.SendSSLRequestResponse(fbcore.RejectSSLRequest)
if err != nil {
elog.Logf("error during startup sequence: %s", err)
return false
}
err = c.FlushStream()
if err != nil {
elog.Logf("error during startup sequence: %s", err)
}
} else if fbproto.IsCancelRequest(&message) {
_ = c.stream.Close()
return false
} else {
elog.Warningf("unrecognized frontend message type 0x%x during startup", message.MsgType())
return false
}
}
sm, err := fbproto.ReadStartupMessage(&message)
if err != nil {
elog.Logf("error while reading startup packet: %s", err)
return false
}
if !c.auth(dbcfg, sm) {
// error already logged
_ = c.stream.Close()
return false
}
fbproto.InitAuthenticationOk(&message)
err = c.WriteMessage(&message)
if err != nil {
elog.Logf("error during startup sequence: %s", err)
return false
}
for k, v := range startupParameters {
buf := &bytes.Buffer{}
fbbuf.WriteCString(buf, k)
fbbuf.WriteCString(buf, v)
message.InitFromBytes(fbproto.MsgParameterStatusS, buf.Bytes())
err = c.WriteMessage(&message)
if err != nil {
elog.Logf("error during startup sequence: %s", err)
return false
}
}
fbproto.InitReadyForQuery(&message, fbproto.RfqIdle)
err = c.WriteMessage(&message)
if err != nil {
elog.Logf("error during startup sequence: %s", err)
return false
}
err = c.FlushStream()
if err != nil {
elog.Logf("error during startup sequence: %s", err)
return false
}
return true
}
func (c *FrontendConnection) auth(dbcfg VirtualDatabaseConfiguration, sm *fbproto.StartupMessage) bool {
authFailed := func(sqlstate, format string, v ...interface{}) bool {
var msg fbcore.Message
message := fmt.Sprintf(format, v...)
initFatalMessage(&msg, sqlstate, message)
_ = c.WriteMessage(&msg)
_ = c.FlushStream()
return false
}
username, ok := sm.Params["user"]
if !ok {
return authFailed("08P01", `required startup parameter "user" nor present in startup packet`)
}
dbname, ok := sm.Params["database"]
if !ok {
dbname = username
}
authMethod, ok := dbcfg.FindDatabase(dbname)
if !ok {
return authFailed("3D000", "database %q does not exist", dbname)
}
switch authMethod {
case "trust":
return true
case "md5":
// handled below
default:
elog.Errorf("unrecognized authentication method %q", authMethod)
return authFailed("XX000", "internal error")
}
salt := make([]byte, 4)
_, err := rand.Read(salt)
if err != nil {
elog.Errorf("could not generate random salt: %s", err)
return authFailed("XX000", "internal error")
}
var msg fbcore.Message
buf := &bytes.Buffer{}
fbbuf.WriteInt32(buf, 5)
buf.Write(salt)
msg.InitFromBytes(fbproto.MsgAuthenticationMD5PasswordR, buf.Bytes())
err = c.WriteAndFlush(&msg)
if err != nil {
elog.Logf("error during startup sequence: %s", err)
return false
}
err = c.stream.Next(&msg)
if err == io.EOF {
elog.Debugf("EOF during startup sequence")
return false
} else if err != nil {
elog.Logf("error during startup sequence: %s", err)
return false
}
if msg.MsgType() != fbproto.MsgPasswordMessageP {
return authFailed("08P01", "unexpected response %x", msg.MsgType())
}
// don't bother with messages which are clearly too big
if msg.Size() > 100 {
return authFailed("28001", "password authentication failed for user %q", username)
}
password, err := msg.Force()
if err != nil {
elog.Logf("error during startup sequence: %s", err)
return false
}
success, err := dbcfg.MD5Auth(dbname, username, salt, password)
if err != nil {
elog.Logf("error during startup sequence: %s", err)
return false
}
if !success {
return authFailed("28001", "password authentication failed for user %q", username)
}
return true
}