// Process the identity ('I') message, reporting the identity therein. func processIdentMsg(msgInit msgInit, exit exitFn) string { var m core.Message msgInit(&m, exit) // Read the remote system identifier string if m.MsgType() != 'I' { exit("expected identification ('I') message, "+ "but received %c", m.MsgType()) } // hard-coded lengh limit, but it's very generous if m.Size() > 10*KB { log.Printf("oversized message string, msg size is %d", m.Size()) } s, err := buf.ReadCString(m.Payload()) if err != nil { exit("couldn't read identification string: %v", err) } return s }
// Read the version message, calling exit if this is not a supported // version. func processVerMsg(msgInit msgInit, exit exitFn) { var m core.Message msgInit(&m, exit) if m.MsgType() != 'V' { exit("expected version ('V') message, "+ "but received %c", m.MsgType()) } // hard-coded lengh limit, but it's very generous if m.Size() > 10*KB { log.Printf("oversized message string, msg size is %d", m.Size()) } s, err := buf.ReadCString(m.Payload()) if err != nil { exit("couldn't read version string: %v", err) } if !(strings.HasPrefix(s, "PG-9.0") || strings.HasPrefix(s, "PG-9.1") || strings.HasPrefix(s, "PG-9.2") || strings.HasPrefix(s, "PG-9.3") || strings.HasPrefix(s, "PG-9.4") || strings.HasPrefix(s, "PG-9.5")) || !strings.HasSuffix(s, "/logfebe-1") { exit("protocol version not supported: %s", s) } }
func (c *FrontendConnection) discardUntilSync() error { var message fbcore.Message for { err := c.stream.Next(&message) if err != nil { return err } switch message.MsgType() { case fbproto.MsgSyncS: _, err = message.Force() return nil default: _, err = message.Force() } if err != nil { return err } } }
// This is the main loop for processing messages from the frontend. Note that // we must *never* send anything directly to the connection; all communication // must go through queryResultCh. We're also not responsible for doing any // cleanup in any case; that'll all be handled by mainLoop. func (c *FrontendConnection) queryProcessingMainLoop() { var unnamedStatement FrontendQuery var queryResult QueryResult var sendReadyForQuery bool sessionLoop: for { var message fbcore.Message err := c.stream.Next(&message) if err != nil { c.setSessionError(err) break sessionLoop } queryResult = nil sendReadyForQuery = false switch message.MsgType() { case fbproto.MsgParseP: queryString, err := c.readParseMessage(&message) if err != nil { c.setSessionError(err) break sessionLoop } unnamedStatement, err = ParseQuery(queryString) if err != nil { queryResult = NewErrorResponse("42601", err.Error()) c.queryResultCh <- queryResultSync{queryResult, false} err = c.discardUntilSync() if err != nil { c.setSessionError(err) break sessionLoop } queryResult = NewNopResponder() sendReadyForQuery = true } else { queryResult = NewParseComplete() sendReadyForQuery = false } case fbproto.MsgExecuteE: err = c.readExecuteMessage(&message) if unnamedStatement == nil { err = fmt.Errorf("attempted to execute the unnamed prepared statement when one does not exist") c.setSessionError(err) break sessionLoop } queryResult, err = unnamedStatement.Process(c) if err != nil { c.setSessionError(err) break sessionLoop } sendReadyForQuery = false // Disallow reuse; not exactly following the protocol to the letter, // but apps reusing the unnamed statement should not exist, either. unnamedStatement = nil case fbproto.MsgDescribeD: _, err = c.readDescribeMessage(&message) if err != nil { c.setSessionError(err) break sessionLoop } if unnamedStatement == nil { err = fmt.Errorf("attempted to describe the unnamed prepared statement when one does not exist") c.setSessionError(err) break sessionLoop } queryResult = unnamedStatement.Describe() sendReadyForQuery = false case fbproto.MsgBindB: err = c.readBindMessage(&message) if err != nil { c.setSessionError(err) break sessionLoop } queryResult = NewBindComplete() sendReadyForQuery = false case fbproto.MsgSyncS: queryResult = NewNopResponder() sendReadyForQuery = true case fbproto.MsgQueryQ: query, err := fbproto.ReadQuery(&message) if err != nil { c.setSessionError(err) break sessionLoop } q, err := ParseQuery(query.Query) if err != nil { queryResult = NewErrorResponse("42601", err.Error()) } else { resultDescription := q.Describe() // Special case in SimpleQuery processing: we only send the // Describe() response over if it's a RowDescription. This is // somewhat magical and very weird, but that's what the upstream // server does, so we ought to do the same thing here. if DescriptionIsRowDescription(resultDescription) { c.queryResultCh <- queryResultSync{resultDescription, false} } queryResult, err = q.Process(c) if err != nil { c.setSessionError(err) break sessionLoop } } sendReadyForQuery = true // Simple Query also clears the unnamed statement; this matches // what Postgres does. unnamedStatement = nil case fbproto.MsgTerminateX: c.setSessionError(errGracefulTermination) break sessionLoop default: c.setSessionError(fmt.Errorf("unrecognized frontend message type 0x%x", message.MsgType())) break sessionLoop } if queryResult != nil { c.queryResultCh <- queryResultSync{queryResult, sendReadyForQuery} } } // wake mainLoop to clean up close(c.queryResultCh) }
func (c *FrontendConnection) startup(startupParameters map[string]string, dbcfg VirtualDatabaseConfiguration) bool { var message fbcore.Message var err error for { err = c.stream.Next(&message) if err != nil { elog.Logf("error while reading startup packet: %s", err) return false } if fbproto.IsStartupMessage(&message) { break } else if fbproto.IsSSLRequest(&message) { _, err = message.Force() if err != nil { elog.Logf("error while reading SSLRequest: %s", err) return false } err = c.stream.SendSSLRequestResponse(fbcore.RejectSSLRequest) if err != nil { elog.Logf("error during startup sequence: %s", err) return false } err = c.FlushStream() if err != nil { elog.Logf("error during startup sequence: %s", err) } } else if fbproto.IsCancelRequest(&message) { _ = c.stream.Close() return false } else { elog.Warningf("unrecognized frontend message type 0x%x during startup", message.MsgType()) return false } } sm, err := fbproto.ReadStartupMessage(&message) if err != nil { elog.Logf("error while reading startup packet: %s", err) return false } if !c.auth(dbcfg, sm) { // error already logged _ = c.stream.Close() return false } fbproto.InitAuthenticationOk(&message) err = c.WriteMessage(&message) if err != nil { elog.Logf("error during startup sequence: %s", err) return false } for k, v := range startupParameters { buf := &bytes.Buffer{} fbbuf.WriteCString(buf, k) fbbuf.WriteCString(buf, v) message.InitFromBytes(fbproto.MsgParameterStatusS, buf.Bytes()) err = c.WriteMessage(&message) if err != nil { elog.Logf("error during startup sequence: %s", err) return false } } fbproto.InitReadyForQuery(&message, fbproto.RfqIdle) err = c.WriteMessage(&message) if err != nil { elog.Logf("error during startup sequence: %s", err) return false } err = c.FlushStream() if err != nil { elog.Logf("error during startup sequence: %s", err) return false } return true }
func (c *FrontendConnection) auth(dbcfg VirtualDatabaseConfiguration, sm *fbproto.StartupMessage) bool { authFailed := func(sqlstate, format string, v ...interface{}) bool { var msg fbcore.Message message := fmt.Sprintf(format, v...) initFatalMessage(&msg, sqlstate, message) _ = c.WriteMessage(&msg) _ = c.FlushStream() return false } username, ok := sm.Params["user"] if !ok { return authFailed("08P01", `required startup parameter "user" nor present in startup packet`) } dbname, ok := sm.Params["database"] if !ok { dbname = username } authMethod, ok := dbcfg.FindDatabase(dbname) if !ok { return authFailed("3D000", "database %q does not exist", dbname) } switch authMethod { case "trust": return true case "md5": // handled below default: elog.Errorf("unrecognized authentication method %q", authMethod) return authFailed("XX000", "internal error") } salt := make([]byte, 4) _, err := rand.Read(salt) if err != nil { elog.Errorf("could not generate random salt: %s", err) return authFailed("XX000", "internal error") } var msg fbcore.Message buf := &bytes.Buffer{} fbbuf.WriteInt32(buf, 5) buf.Write(salt) msg.InitFromBytes(fbproto.MsgAuthenticationMD5PasswordR, buf.Bytes()) err = c.WriteAndFlush(&msg) if err != nil { elog.Logf("error during startup sequence: %s", err) return false } err = c.stream.Next(&msg) if err == io.EOF { elog.Debugf("EOF during startup sequence") return false } else if err != nil { elog.Logf("error during startup sequence: %s", err) return false } if msg.MsgType() != fbproto.MsgPasswordMessageP { return authFailed("08P01", "unexpected response %x", msg.MsgType()) } // don't bother with messages which are clearly too big if msg.Size() > 100 { return authFailed("28001", "password authentication failed for user %q", username) } password, err := msg.Force() if err != nil { elog.Logf("error during startup sequence: %s", err) return false } success, err := dbcfg.MD5Auth(dbname, username, salt, password) if err != nil { elog.Logf("error during startup sequence: %s", err) return false } if !success { return authFailed("28001", "password authentication failed for user %q", username) } return true }