Datum
gbt_tstz_compress(PG_FUNCTION_ARGS)
{
GISTENTRY *entry = (GISTENTRY *) PG_GETARG_POINTER(0);
GISTENTRY *retval;
if (entry->leafkey)
{
tsKEY *r = (tsKEY *) palloc(sizeof(tsKEY));
TimestampTz ts = DatumGetTimestampTz(entry->key);
Timestamp gmt;
gmt = tstz_to_ts_gmt(ts);
retval = palloc(sizeof(GISTENTRY));
r->lower = r->upper = gmt;
gistentryinit(*retval, PointerGetDatum(r),
entry->rel, entry->page,
entry->offset, FALSE);
}
else
retval = entry;
PG_RETURN_POINTER(retval);
}
/*
* Fetch stored password for a user, for authentication.
*
* On error, returns NULL, and stores a palloc'd string describing the reason,
* for the postmaster log, in *logdetail. The error reason should *not* be
* sent to the client, to avoid giving away user information!
*/
char *
get_role_password(const char *role, char **logdetail)
{
TimestampTz vuntil = 0;
HeapTuple roleTup;
Datum datum;
bool isnull;
char *shadow_pass;
/* Get role info from pg_authid */
roleTup = SearchSysCache1(AUTHNAME, PointerGetDatum(role));
if (!HeapTupleIsValid(roleTup))
{
*logdetail = psprintf(_("Role \"%s\" does not exist."),
role);
return NULL; /* no such user */
}
datum = SysCacheGetAttr(AUTHNAME, roleTup,
Anum_pg_authid_rolpassword, &isnull);
if (isnull)
{
ReleaseSysCache(roleTup);
*logdetail = psprintf(_("User \"%s\" has no password assigned."),
role);
return NULL; /* user has no password */
}
shadow_pass = TextDatumGetCString(datum);
datum = SysCacheGetAttr(AUTHNAME, roleTup,
Anum_pg_authid_rolvaliduntil, &isnull);
if (!isnull)
vuntil = DatumGetTimestampTz(datum);
ReleaseSysCache(roleTup);
/*
* Password OK, but check to be sure we are not past rolvaliduntil
*/
if (!isnull && vuntil < GetCurrentTimestamp())
{
*logdetail = psprintf(_("User \"%s\" has an expired password."),
role);
return NULL;
}
return shadow_pass;
}
static void timestamptz_to_json(Datum val, StringInfo dst)
{
char buf[MAXDATELEN + 1];
int tz;
struct pg_tm tm;
fsec_t fsec;
const char *tzn = NULL;
TimestampTz timestamp = DatumGetTimestampTz(val);
if (TIMESTAMP_NOT_FINITE(timestamp))
EncodeSpecialTimestamp(timestamp, buf);
else if (timestamp2tm(timestamp, &tz, &tm, &fsec, &tzn, NULL) == 0)
EncodeDateTime(&tm, fsec, true, tz, tzn, USE_XSD_DATES, buf);
else
ereport(ERROR,
(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),
errmsg("timestamp out of range")));
appendStringInfo(dst, "\"%s\"", buf);
}
/*
* Check given password for given user, and return STATUS_OK or STATUS_ERROR.
*
* 'client_pass' is the password response given by the remote user. If
* 'md5_salt' is not NULL, it is a response to an MD5 authentication
* challenge, with the given salt. Otherwise, it is a plaintext password.
*
* In the error case, optionally store a palloc'd string at *logdetail
* that will be sent to the postmaster log (but not the client).
*/
int
md5_crypt_verify(const char *role, char *client_pass,
char *md5_salt, int md5_salt_len, char **logdetail)
{
int retval = STATUS_ERROR;
char *shadow_pass,
*crypt_pwd;
TimestampTz vuntil = 0;
char *crypt_client_pass = client_pass;
HeapTuple roleTup;
Datum datum;
bool isnull;
/* Get role info from pg_authid */
roleTup = SearchSysCache1(AUTHNAME, PointerGetDatum(role));
if (!HeapTupleIsValid(roleTup))
{
*logdetail = psprintf(_("Role \"%s\" does not exist."),
role);
return STATUS_ERROR; /* no such user */
}
datum = SysCacheGetAttr(AUTHNAME, roleTup,
Anum_pg_authid_rolpassword, &isnull);
if (isnull)
{
ReleaseSysCache(roleTup);
*logdetail = psprintf(_("User \"%s\" has no password assigned."),
role);
return STATUS_ERROR; /* user has no password */
}
shadow_pass = TextDatumGetCString(datum);
datum = SysCacheGetAttr(AUTHNAME, roleTup,
Anum_pg_authid_rolvaliduntil, &isnull);
if (!isnull)
vuntil = DatumGetTimestampTz(datum);
ReleaseSysCache(roleTup);
if (*shadow_pass == '\0')
{
*logdetail = psprintf(_("User \"%s\" has an empty password."),
role);
return STATUS_ERROR; /* empty password */
}
/*
* Compare with the encrypted or plain password depending on the
* authentication method being used for this connection. (We do not
* bother setting logdetail for pg_md5_encrypt failure: the only possible
* error is out-of-memory, which is unlikely, and if it did happen adding
* a psprintf call would only make things worse.)
*/
if (md5_salt)
{
/* MD5 authentication */
Assert(md5_salt_len > 0);
crypt_pwd = palloc(MD5_PASSWD_LEN + 1);
if (isMD5(shadow_pass))
{
/* stored password already encrypted, only do salt */
if (!pg_md5_encrypt(shadow_pass + strlen("md5"),
md5_salt, md5_salt_len,
crypt_pwd))
{
pfree(crypt_pwd);
return STATUS_ERROR;
}
}
else
{
/* stored password is plain, double-encrypt */
char *crypt_pwd2 = palloc(MD5_PASSWD_LEN + 1);
if (!pg_md5_encrypt(shadow_pass,
role,
strlen(role),
crypt_pwd2))
{
pfree(crypt_pwd);
pfree(crypt_pwd2);
return STATUS_ERROR;
}
if (!pg_md5_encrypt(crypt_pwd2 + strlen("md5"),
md5_salt, md5_salt_len,
crypt_pwd))
{
pfree(crypt_pwd);
pfree(crypt_pwd2);
return STATUS_ERROR;
}
pfree(crypt_pwd2);
}
}
else
{
/* Client sent password in plaintext */
if (isMD5(shadow_pass))
{
/* Encrypt user-supplied password to match stored MD5 */
crypt_client_pass = palloc(MD5_PASSWD_LEN + 1);
if (!pg_md5_encrypt(client_pass,
role,
strlen(role),
crypt_client_pass))
{
pfree(crypt_client_pass);
return STATUS_ERROR;
}
}
crypt_pwd = shadow_pass;
}
if (strcmp(crypt_client_pass, crypt_pwd) == 0)
{
/*
* Password OK, now check to be sure we are not past rolvaliduntil
*/
if (isnull)
retval = STATUS_OK;
else if (vuntil < GetCurrentTimestamp())
{
*logdetail = psprintf(_("User \"%s\" has an expired password."),
role);
retval = STATUS_ERROR;
}
else
retval = STATUS_OK;
}
else
*logdetail = psprintf(_("Password does not match for user \"%s\"."),
role);
if (crypt_pwd != shadow_pass)
pfree(crypt_pwd);
if (crypt_client_pass != client_pass)
pfree(crypt_client_pass);
return retval;
}
/*
* Check given password for given user, and return STATUS_OK or STATUS_ERROR.
* In the error case, optionally store a palloc'd string at *logdetail
* that will be sent to the postmaster log (but not the client).
*/
int
md5_crypt_verify(const Port *port, const char *role, char *client_pass,
char **logdetail)
{
int retval = STATUS_ERROR;
char *shadow_pass,
*crypt_pwd;
TimestampTz vuntil = 0;
char *crypt_client_pass = client_pass;
HeapTuple roleTup;
Datum datum;
bool isnull;
/*
* Disable immediate interrupts while doing database access. (Note we
* don't bother to turn this back on if we hit one of the failure
* conditions, since we can expect we'll just exit right away anyway.)
*/
ImmediateInterruptOK = false;
/* Get role info from pg_authid */
roleTup = SearchSysCache1(AUTHNAME, PointerGetDatum(role));
if (!HeapTupleIsValid(roleTup))
return STATUS_ERROR; /* no such user */
datum = SysCacheGetAttr(AUTHNAME, roleTup,
Anum_pg_authid_rolpassword, &isnull);
if (isnull)
{
ReleaseSysCache(roleTup);
*logdetail = psprintf(_("User \"%s\" has no password assigned."),
role);
return STATUS_ERROR; /* user has no password */
}
shadow_pass = TextDatumGetCString(datum);
datum = SysCacheGetAttr(AUTHNAME, roleTup,
Anum_pg_authid_rolvaliduntil, &isnull);
if (!isnull)
vuntil = DatumGetTimestampTz(datum);
ReleaseSysCache(roleTup);
if (*shadow_pass == '\0')
return STATUS_ERROR; /* empty password */
/* Re-enable immediate response to SIGTERM/SIGINT/timeout interrupts */
ImmediateInterruptOK = true;
/* And don't forget to detect one that already arrived */
CHECK_FOR_INTERRUPTS();
/*
* Compare with the encrypted or plain password depending on the
* authentication method being used for this connection.
*/
switch (port->hba->auth_method)
{
case uaMD5:
crypt_pwd = palloc(MD5_PASSWD_LEN + 1);
if (isMD5(shadow_pass))
{
/* stored password already encrypted, only do salt */
if (!pg_md5_encrypt(shadow_pass + strlen("md5"),
port->md5Salt,
sizeof(port->md5Salt), crypt_pwd))
{
pfree(crypt_pwd);
return STATUS_ERROR;
}
}
else
{
/* stored password is plain, double-encrypt */
char *crypt_pwd2 = palloc(MD5_PASSWD_LEN + 1);
if (!pg_md5_encrypt(shadow_pass,
port->user_name,
strlen(port->user_name),
crypt_pwd2))
{
pfree(crypt_pwd);
pfree(crypt_pwd2);
return STATUS_ERROR;
}
if (!pg_md5_encrypt(crypt_pwd2 + strlen("md5"),
port->md5Salt,
sizeof(port->md5Salt),
crypt_pwd))
{
pfree(crypt_pwd);
pfree(crypt_pwd2);
return STATUS_ERROR;
}
pfree(crypt_pwd2);
}
break;
default:
if (isMD5(shadow_pass))
{
/* Encrypt user-supplied password to match stored MD5 */
crypt_client_pass = palloc(MD5_PASSWD_LEN + 1);
if (!pg_md5_encrypt(client_pass,
port->user_name,
strlen(port->user_name),
crypt_client_pass))
{
pfree(crypt_client_pass);
return STATUS_ERROR;
}
}
crypt_pwd = shadow_pass;
break;
}
if (strcmp(crypt_client_pass, crypt_pwd) == 0)
{
/*
* Password OK, now check to be sure we are not past rolvaliduntil
*/
if (isnull)
retval = STATUS_OK;
else if (vuntil < GetCurrentTimestamp())
{
*logdetail = psprintf(_("User \"%s\" has an expired password."),
role);
retval = STATUS_ERROR;
}
else
retval = STATUS_OK;
}
if (port->hba->auth_method == uaMD5)
pfree(crypt_pwd);
if (crypt_client_pass != client_pass)
pfree(crypt_client_pass);
return retval;
}
/*
* Add an attribute to the hash calculation.
* **IMPORTANT: any new hard coded support for a data type in here
* must be added to isGreenplumDbHashable() below!
*
* Note that the caller should provide the base type if the datum is
* of a domain type. It is quite expensive to call get_typtype() and
* getBaseType() here since this function gets called a lot for the
* same set of Datums.
*
* @param hashFn called to update the hash value.
* @param clientData passed to hashFn.
*/
void
hashDatum(Datum datum, Oid type, datumHashFunction hashFn, void *clientData)
{
void *buf = NULL; /* pointer to the data */
size_t len = 0; /* length for the data buffer */
int64 intbuf; /* an 8 byte buffer for all integer sizes */
float4 buf_f4;
float8 buf_f8;
Timestamp tsbuf; /* timestamp data dype is either a double or
* int8 (determined in compile time) */
TimestampTz tstzbuf;
DateADT datebuf;
TimeADT timebuf;
TimeTzADT *timetzptr;
Interval *intervalptr;
AbsoluteTime abstime_buf;
RelativeTime reltime_buf;
TimeInterval tinterval;
AbsoluteTime tinterval_len;
Numeric num;
bool bool_buf;
char char_buf;
Name namebuf;
ArrayType *arrbuf;
inet *inetptr; /* inet/cidr */
unsigned char inet_hkey[sizeof(inet_struct)];
macaddr *macptr; /* MAC address */
VarBit *vbitptr;
int2vector *i2vec_buf;
oidvector *oidvec_buf;
Cash cash_buf;
AclItem *aclitem_ptr;
uint32 aclitem_buf;
/*
* special case buffers
*/
uint32 nanbuf;
uint32 invalidbuf;
void *tofree = NULL;
/*
* Select the hash to be performed according to the field type we are adding to the
* hash.
*/
switch (type)
{
/*
* ======= NUMERIC TYPES ========
*/
case INT2OID: /* -32 thousand to 32 thousand, 2-byte storage */
intbuf = (int64) DatumGetInt16(datum); /* cast to 8 byte before
* hashing */
buf = &intbuf;
len = sizeof(intbuf);
break;
case INT4OID: /* -2 billion to 2 billion integer, 4-byte
* storage */
intbuf = (int64) DatumGetInt32(datum); /* cast to 8 byte before
* hashing */
buf = &intbuf;
len = sizeof(intbuf);
break;
case INT8OID: /* ~18 digit integer, 8-byte storage */
intbuf = DatumGetInt64(datum); /* cast to 8 byte before
* hashing */
buf = &intbuf;
len = sizeof(intbuf);
break;
case FLOAT4OID: /* single-precision floating point number,
* 4-byte storage */
buf_f4 = DatumGetFloat4(datum);
/*
* On IEEE-float machines, minus zero and zero have different bit
* patterns but should compare as equal. We must ensure that they
* have the same hash value, which is most easily done this way:
*/
if (buf_f4 == (float4) 0)
buf_f4 = 0.0;
buf = &buf_f4;
len = sizeof(buf_f4);
break;
case FLOAT8OID: /* double-precision floating point number,
* 8-byte storage */
buf_f8 = DatumGetFloat8(datum);
/*
* On IEEE-float machines, minus zero and zero have different bit
* patterns but should compare as equal. We must ensure that they
* have the same hash value, which is most easily done this way:
*/
if (buf_f8 == (float8) 0)
buf_f8 = 0.0;
buf = &buf_f8;
len = sizeof(buf_f8);
break;
case NUMERICOID:
num = DatumGetNumeric(datum);
if (NUMERIC_IS_NAN(num))
{
nanbuf = NAN_VAL;
buf = &nanbuf;
len = sizeof(nanbuf);
}
else
/* not a nan */
{
buf = num->n_data;
len = (VARSIZE(num) - NUMERIC_HDRSZ);
}
/*
* If we did a pg_detoast_datum, we need to remember to pfree,
* or we will leak memory. Because of the 1-byte varlena header stuff.
*/
if (num != DatumGetPointer(datum))
tofree = num;
break;
/*
* ====== CHARACTER TYPES =======
*/
case CHAROID: /* char(1), single character */
char_buf = DatumGetChar(datum);
buf = &char_buf;
len = 1;
break;
case BPCHAROID: /* char(n), blank-padded string, fixed storage */
case TEXTOID: /* text */
case VARCHAROID: /* varchar */
case BYTEAOID: /* bytea */
{
int tmplen;
varattrib_untoast_ptr_len(datum, (char **) &buf, &tmplen, &tofree);
/* adjust length to not include trailing blanks */
if (type != BYTEAOID && tmplen > 1)
tmplen = ignoreblanks((char *) buf, tmplen);
len = tmplen;
break;
}
case NAMEOID:
namebuf = DatumGetName(datum);
len = NAMEDATALEN;
buf = NameStr(*namebuf);
/* adjust length to not include trailing blanks */
if (len > 1)
len = ignoreblanks((char *) buf, len);
break;
/*
* ====== OBJECT IDENTIFIER TYPES ======
*/
case OIDOID: /* object identifier(oid), maximum 4 billion */
case REGPROCOID: /* function name */
case REGPROCEDUREOID: /* function name with argument types */
case REGOPEROID: /* operator name */
case REGOPERATOROID: /* operator with argument types */
case REGCLASSOID: /* relation name */
case REGTYPEOID: /* data type name */
intbuf = (int64) DatumGetUInt32(datum); /* cast to 8 byte before hashing */
buf = &intbuf;
len = sizeof(intbuf);
break;
case TIDOID: /* tuple id (6 bytes) */
buf = DatumGetPointer(datum);
len = SizeOfIptrData;
break;
/*
* ====== DATE/TIME TYPES ======
*/
case TIMESTAMPOID: /* date and time */
tsbuf = DatumGetTimestamp(datum);
buf = &tsbuf;
len = sizeof(tsbuf);
break;
case TIMESTAMPTZOID: /* date and time with time zone */
tstzbuf = DatumGetTimestampTz(datum);
buf = &tstzbuf;
len = sizeof(tstzbuf);
break;
case DATEOID: /* ANSI SQL date */
datebuf = DatumGetDateADT(datum);
buf = &datebuf;
len = sizeof(datebuf);
break;
case TIMEOID: /* hh:mm:ss, ANSI SQL time */
timebuf = DatumGetTimeADT(datum);
buf = &timebuf;
len = sizeof(timebuf);
break;
case TIMETZOID: /* time with time zone */
/*
* will not compare to TIMEOID on equal values.
* Postgres never attempts to compare the two as well.
*/
timetzptr = DatumGetTimeTzADTP(datum);
buf = (unsigned char *) timetzptr;
/*
* Specify hash length as sizeof(double) + sizeof(int4), not as
* sizeof(TimeTzADT), so that any garbage pad bytes in the structure
* won't be included in the hash!
*/
len = sizeof(timetzptr->time) + sizeof(timetzptr->zone);
break;
case INTERVALOID: /* @ <number> <units>, time interval */
intervalptr = DatumGetIntervalP(datum);
buf = (unsigned char *) intervalptr;
/*
* Specify hash length as sizeof(double) + sizeof(int4), not as
* sizeof(Interval), so that any garbage pad bytes in the structure
* won't be included in the hash!
*/
len = sizeof(intervalptr->time) + sizeof(intervalptr->month);
break;
case ABSTIMEOID:
abstime_buf = DatumGetAbsoluteTime(datum);
if (abstime_buf == INVALID_ABSTIME)
{
/* hash to a constant value */
invalidbuf = INVALID_VAL;
len = sizeof(invalidbuf);
buf = &invalidbuf;
}
else
{
len = sizeof(abstime_buf);
buf = &abstime_buf;
}
break;
case RELTIMEOID:
reltime_buf = DatumGetRelativeTime(datum);
if (reltime_buf == INVALID_RELTIME)
{
/* hash to a constant value */
invalidbuf = INVALID_VAL;
len = sizeof(invalidbuf);
buf = &invalidbuf;
}
else
{
len = sizeof(reltime_buf);
buf = &reltime_buf;
}
break;
case TINTERVALOID:
tinterval = DatumGetTimeInterval(datum);
/*
* check if a valid interval. the '0' status code
* stands for T_INTERVAL_INVAL which is defined in
* nabstime.c. We use the actual value instead
* of defining it again here.
*/
if(tinterval->status == 0 ||
tinterval->data[0] == INVALID_ABSTIME ||
tinterval->data[1] == INVALID_ABSTIME)
{
/* hash to a constant value */
invalidbuf = INVALID_VAL;
len = sizeof(invalidbuf);
buf = &invalidbuf;
}
else
{
/* normalize on length of the time interval */
tinterval_len = tinterval->data[1] - tinterval->data[0];
len = sizeof(tinterval_len);
buf = &tinterval_len;
}
break;
/*
* ======= NETWORK TYPES ========
*/
case INETOID:
case CIDROID:
inetptr = DatumGetInetP(datum);
len = inet_getkey(inetptr, inet_hkey, sizeof(inet_hkey)); /* fill-in inet_key & get len */
buf = inet_hkey;
break;
case MACADDROID:
macptr = DatumGetMacaddrP(datum);
len = sizeof(macaddr);
buf = (unsigned char *) macptr;
break;
/*
* ======== BIT STRINGS ========
*/
case BITOID:
case VARBITOID:
/*
* Note that these are essentially strings.
* we don't need to worry about '10' and '010'
* to compare, b/c they will not, by design.
* (see SQL standard, and varbit.c)
*/
vbitptr = DatumGetVarBitP(datum);
len = VARBITBYTES(vbitptr);
buf = (char *) VARBITS(vbitptr);
break;
/*
* ======= other types =======
*/
case BOOLOID: /* boolean, 'true'/'false' */
bool_buf = DatumGetBool(datum);
buf = &bool_buf;
len = sizeof(bool_buf);
break;
/*
* We prepare the hash key for aclitems just like postgresql does.
* (see code and comment in acl.c: hash_aclitem() ).
*/
case ACLITEMOID:
aclitem_ptr = DatumGetAclItemP(datum);
aclitem_buf = (uint32) (aclitem_ptr->ai_privs + aclitem_ptr->ai_grantee + aclitem_ptr->ai_grantor);
buf = &aclitem_buf;
len = sizeof(aclitem_buf);
break;
/*
* ANYARRAY is a pseudo-type. We use it to include
* any of the array types (OIDs 1007-1033 in pg_type.h).
* caller needs to be sure the type is ANYARRAYOID
* before calling cdbhash on an array (INSERT and COPY do so).
*/
case ANYARRAYOID:
arrbuf = DatumGetArrayTypeP(datum);
len = VARSIZE(arrbuf) - VARHDRSZ;
buf = VARDATA(arrbuf);
break;
case INT2VECTOROID:
i2vec_buf = (int2vector *) DatumGetPointer(datum);
len = i2vec_buf->dim1 * sizeof(int2);
buf = (void *)i2vec_buf->values;
break;
case OIDVECTOROID:
oidvec_buf = (oidvector *) DatumGetPointer(datum);
len = oidvec_buf->dim1 * sizeof(Oid);
buf = oidvec_buf->values;
break;
case CASHOID: /* cash is stored in int32 internally */
cash_buf = (* (Cash *)DatumGetPointer(datum));
len = sizeof(Cash);
buf = &cash_buf;
break;
default:
ereport(ERROR,
(errcode(ERRCODE_CDB_FEATURE_NOT_YET),
errmsg("Type %u is not hashable.", type)));
} /* switch(type) */
/* do the hash using the selected algorithm */
hashFn(clientData, buf, len);
if(tofree)
pfree(tofree);
}
/*
* Turn a Datum into jsonb, adding it to the result JsonbInState.
*
* tcategory and outfuncoid are from a previous call to json_categorize_type,
* except that if is_null is true then they can be invalid.
*
* If key_scalar is true, the value is stored as a key, so insist
* it's of an acceptable type, and force it to be a jbvString.
*/
static void
datum_to_jsonb(Datum val, bool is_null, JsonbInState *result,
JsonbTypeCategory tcategory, Oid outfuncoid,
bool key_scalar)
{
char *outputstr;
bool numeric_error;
JsonbValue jb;
bool scalar_jsonb = false;
check_stack_depth();
/* Convert val to a JsonbValue in jb (in most cases) */
if (is_null)
{
Assert(!key_scalar);
jb.type = jbvNull;
}
else if (key_scalar &&
(tcategory == JSONBTYPE_ARRAY ||
tcategory == JSONBTYPE_COMPOSITE ||
tcategory == JSONBTYPE_JSON ||
tcategory == JSONBTYPE_JSONB ||
tcategory == JSONBTYPE_JSONCAST))
{
ereport(ERROR,
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
errmsg("key value must be scalar, not array, composite, or json")));
}
else
{
if (tcategory == JSONBTYPE_JSONCAST)
val = OidFunctionCall1(outfuncoid, val);
switch (tcategory)
{
case JSONBTYPE_ARRAY:
array_to_jsonb_internal(val, result);
break;
case JSONBTYPE_COMPOSITE:
composite_to_jsonb(val, result);
break;
case JSONBTYPE_BOOL:
if (key_scalar)
{
outputstr = DatumGetBool(val) ? "true" : "false";
jb.type = jbvString;
jb.val.string.len = strlen(outputstr);
jb.val.string.val = outputstr;
}
else
{
jb.type = jbvBool;
jb.val.boolean = DatumGetBool(val);
}
break;
case JSONBTYPE_NUMERIC:
outputstr = OidOutputFunctionCall(outfuncoid, val);
if (key_scalar)
{
/* always quote keys */
jb.type = jbvString;
jb.val.string.len = strlen(outputstr);
jb.val.string.val = outputstr;
}
else
{
/*
* Make it numeric if it's a valid JSON number, otherwise
* a string. Invalid numeric output will always have an
* 'N' or 'n' in it (I think).
*/
numeric_error = (strchr(outputstr, 'N') != NULL ||
strchr(outputstr, 'n') != NULL);
if (!numeric_error)
{
jb.type = jbvNumeric;
jb.val.numeric = DatumGetNumeric(DirectFunctionCall3(numeric_in, CStringGetDatum(outputstr), 0, -1));
pfree(outputstr);
}
else
{
jb.type = jbvString;
jb.val.string.len = strlen(outputstr);
jb.val.string.val = outputstr;
}
}
break;
case JSONBTYPE_DATE:
{
DateADT date;
struct pg_tm tm;
char buf[MAXDATELEN + 1];
date = DatumGetDateADT(val);
/* Same as date_out(), but forcing DateStyle */
if (DATE_NOT_FINITE(date))
EncodeSpecialDate(date, buf);
else
{
j2date(date + POSTGRES_EPOCH_JDATE,
&(tm.tm_year), &(tm.tm_mon), &(tm.tm_mday));
EncodeDateOnly(&tm, USE_XSD_DATES, buf);
}
jb.type = jbvString;
jb.val.string.len = strlen(buf);
jb.val.string.val = pstrdup(buf);
}
break;
case JSONBTYPE_TIMESTAMP:
{
Timestamp timestamp;
struct pg_tm tm;
fsec_t fsec;
char buf[MAXDATELEN + 1];
timestamp = DatumGetTimestamp(val);
/* Same as timestamp_out(), but forcing DateStyle */
if (TIMESTAMP_NOT_FINITE(timestamp))
EncodeSpecialTimestamp(timestamp, buf);
else if (timestamp2tm(timestamp, NULL, &tm, &fsec, NULL, NULL) == 0)
EncodeDateTime(&tm, fsec, false, 0, NULL, USE_XSD_DATES, buf);
else
ereport(ERROR,
(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),
errmsg("timestamp out of range")));
jb.type = jbvString;
jb.val.string.len = strlen(buf);
jb.val.string.val = pstrdup(buf);
}
break;
case JSONBTYPE_TIMESTAMPTZ:
{
TimestampTz timestamp;
struct pg_tm tm;
int tz;
fsec_t fsec;
const char *tzn = NULL;
char buf[MAXDATELEN + 1];
timestamp = DatumGetTimestampTz(val);
/* Same as timestamptz_out(), but forcing DateStyle */
if (TIMESTAMP_NOT_FINITE(timestamp))
EncodeSpecialTimestamp(timestamp, buf);
else if (timestamp2tm(timestamp, &tz, &tm, &fsec, &tzn, NULL) == 0)
EncodeDateTime(&tm, fsec, true, tz, tzn, USE_XSD_DATES, buf);
else
ereport(ERROR,
(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),
errmsg("timestamp out of range")));
jb.type = jbvString;
jb.val.string.len = strlen(buf);
jb.val.string.val = pstrdup(buf);
}
break;
case JSONBTYPE_JSONCAST:
case JSONBTYPE_JSON:
{
/* parse the json right into the existing result object */
JsonLexContext *lex;
JsonSemAction sem;
text *json = DatumGetTextP(val);
lex = makeJsonLexContext(json, true);
memset(&sem, 0, sizeof(sem));
sem.semstate = (void *) result;
sem.object_start = jsonb_in_object_start;
sem.array_start = jsonb_in_array_start;
sem.object_end = jsonb_in_object_end;
sem.array_end = jsonb_in_array_end;
sem.scalar = jsonb_in_scalar;
sem.object_field_start = jsonb_in_object_field_start;
pg_parse_json(lex, &sem);
}
break;
case JSONBTYPE_JSONB:
{
Jsonb *jsonb = DatumGetJsonb(val);
JsonbIterator *it;
it = JsonbIteratorInit(&jsonb->root);
if (JB_ROOT_IS_SCALAR(jsonb))
{
(void) JsonbIteratorNext(&it, &jb, true);
Assert(jb.type == jbvArray);
(void) JsonbIteratorNext(&it, &jb, true);
scalar_jsonb = true;
}
else
{
JsonbIteratorToken type;
while ((type = JsonbIteratorNext(&it, &jb, false))
!= WJB_DONE)
{
if (type == WJB_END_ARRAY || type == WJB_END_OBJECT ||
type == WJB_BEGIN_ARRAY || type == WJB_BEGIN_OBJECT)
result->res = pushJsonbValue(&result->parseState,
type, NULL);
else
result->res = pushJsonbValue(&result->parseState,
type, &jb);
}
}
}
break;
default:
outputstr = OidOutputFunctionCall(outfuncoid, val);
jb.type = jbvString;
jb.val.string.len = checkStringLen(strlen(outputstr));
jb.val.string.val = outputstr;
break;
}
}
/* Now insert jb into result, unless we did it recursively */
if (!is_null && !scalar_jsonb &&
tcategory >= JSONBTYPE_JSON && tcategory <= JSONBTYPE_JSONCAST)
{
/* work has been done recursively */
return;
}
else if (result->parseState == NULL)
{
/* single root scalar */
JsonbValue va;
va.type = jbvArray;
va.val.array.rawScalar = true;
va.val.array.nElems = 1;
result->res = pushJsonbValue(&result->parseState, WJB_BEGIN_ARRAY, &va);
result->res = pushJsonbValue(&result->parseState, WJB_ELEM, &jb);
result->res = pushJsonbValue(&result->parseState, WJB_END_ARRAY, NULL);
}
else
{
JsonbValue *o = &result->parseState->contVal;
switch (o->type)
{
case jbvArray:
result->res = pushJsonbValue(&result->parseState, WJB_ELEM, &jb);
break;
case jbvObject:
result->res = pushJsonbValue(&result->parseState,
key_scalar ? WJB_KEY : WJB_VALUE,
&jb);
break;
default:
elog(ERROR, "unexpected parent of nested structure");
}
}
}
/*
* Check given password for given user, and return STATUS_OK or STATUS_ERROR.
* In the error case, optionally store a palloc'd string at *logdetail
* that will be sent to the postmaster log (but not the client).
*/
int
md5_crypt_verify(const Port *port, const char *role, char *client_pass,
char **logdetail)
{
int retval = STATUS_ERROR;
char *shadow_pass,
*crypt_pwd;
TimestampTz vuntil = 0;
char *crypt_client_pass = client_pass;
HeapTuple roleTup;
Datum datum;
bool isnull;
/* Get role info from pg_authid */
roleTup = SearchSysCache1(AUTHNAME, PointerGetDatum(role));
if (!HeapTupleIsValid(roleTup))
return STATUS_ERROR; /* no such user */
datum = SysCacheGetAttr(AUTHNAME, roleTup,
Anum_pg_authid_rolpassword, &isnull);
if (isnull)
{
ReleaseSysCache(roleTup);
*logdetail = psprintf(_("User \"%s\" has no password assigned."),
role);
return STATUS_ERROR; /* user has no password */
}
shadow_pass = TextDatumGetCString(datum);
datum = SysCacheGetAttr(AUTHNAME, roleTup,
Anum_pg_authid_rolvaliduntil, &isnull);
if (!isnull)
vuntil = DatumGetTimestampTz(datum);
ReleaseSysCache(roleTup);
if (*shadow_pass == '\0')
return STATUS_ERROR; /* empty password */
CHECK_FOR_INTERRUPTS();
/*
* Compare with the encrypted or plain password depending on the
* authentication method being used for this connection.
*/
switch (port->hba->auth_method)
{
case uaMD5:
crypt_pwd = static_cast<char *>(palloc(MD5_PASSWD_LEN + 1));
if (isMD5(shadow_pass))
{
/* stored password already encrypted, only do salt */
if (!pg_md5_encrypt(shadow_pass + strlen("md5"),
port->md5Salt,
sizeof(port->md5Salt), crypt_pwd))
{
pfree(crypt_pwd);
return STATUS_ERROR;
}
}
else
{
/* stored password is plain, double-encrypt */
char *crypt_pwd2 = static_cast<char *>(palloc(MD5_PASSWD_LEN + 1));
if (!pg_md5_encrypt(shadow_pass,
port->user_name,
strlen(port->user_name),
crypt_pwd2))
{
pfree(crypt_pwd);
pfree(crypt_pwd2);
return STATUS_ERROR;
}
if (!pg_md5_encrypt(crypt_pwd2 + strlen("md5"),
port->md5Salt,
sizeof(port->md5Salt),
crypt_pwd))
{
pfree(crypt_pwd);
pfree(crypt_pwd2);
return STATUS_ERROR;
}
pfree(crypt_pwd2);
}
break;
default:
if (isMD5(shadow_pass))
{
/* Encrypt user-supplied password to match stored MD5 */
crypt_client_pass = static_cast<char *>(palloc(MD5_PASSWD_LEN + 1));
if (!pg_md5_encrypt(client_pass,
port->user_name,
strlen(port->user_name),
crypt_client_pass))
{
pfree(crypt_client_pass);
return STATUS_ERROR;
}
}
crypt_pwd = shadow_pass;
break;
}
if (strcmp(crypt_client_pass, crypt_pwd) == 0)
{
/*
* Password OK, now check to be sure we are not past rolvaliduntil
*/
if (isnull)
retval = STATUS_OK;
else if (vuntil < GetCurrentTimestamp())
{
*logdetail = psprintf(_("User \"%s\" has an expired password."),
role);
retval = STATUS_ERROR;
}
else
retval = STATUS_OK;
}
if (port->hba->auth_method == uaMD5)
pfree(crypt_pwd);
if (crypt_client_pass != client_pass)
pfree(crypt_client_pass);
return retval;
}
