LCOV - code coverage report
Current view: top level - src/test/modules/ssl_passphrase_callback - ssl_passphrase_func.c (source / functions) Hit Total Coverage
Test: PostgreSQL 13beta1 Lines: 20 22 90.9 %
Date: 2020-06-01 09:07:10 Functions: 4 5 80.0 %

          Line data    Source code
       1             : /*-------------------------------------------------------------------------
       2             :  *
       3             :  * ssl_passphrase_func.c
       4             :  *
       5             :  * Loadable PostgreSQL module to fetch an SSL passphrase for the server cert,
       6             :  * instead of calling an external program. This implementation just hands
       7             :  * back the configured password rot13'd.
       8             :  *
       9             :  *-------------------------------------------------------------------------
      10             :  */
      11             : 
      12             : #include "postgres.h"
      13             : 
      14             : #include <float.h>
      15             : #include <stdio.h>
      16             : 
      17             : #include "libpq/libpq.h"
      18             : #include "libpq/libpq-be.h"
      19             : #include "utils/guc.h"
      20             : 
PG_MODULE_MAGIC;

/* Module load / unload entry points. */
void _PG_init(void);
void _PG_fini(void);

/*
 * Storage for the ssl_passphrase.passphrase setting; _PG_init hands its
 * address to DefineCustomStringVariable. It holds the value as configured
 * (before the rot13 transformation) and stays NULL until a value is set.
 */
static char *ssl_passphrase = NULL;

/* OpenSSL passphrase callback: returns the configured value rot13'd. */
static int rot13_passphrase(char *buf, int size, int rwflag, void *userdata);

/* TLS init hook: registers rot13_passphrase on the SSL context. */
static void set_rot13(SSL_CTX *context, bool isServerStart);
      33             : 
/*
 * _PG_init
 *
 * Module load callback. Registers the ssl_passphrase.passphrase setting and,
 * when a value is already present, points openssl_tls_init_hook at set_rot13
 * so that the passphrase callback gets installed on the SSL context.
 */
void
_PG_init(void)
{
    /*
     * The setting is reloadable (PGC_SIGHUP) and is registered with no flags.
     *
     * NOTE(review): with flags == 0 the value is not marked
     * GUC_SUPERUSER_ONLY, so presumably any role can read the passphrase
     * source through SHOW / pg_settings -- confirm, and restrict visibility
     * in anything derived from this test module.
     */
    DefineCustomStringVariable("ssl_passphrase.passphrase",
                               "passphrase before transformation",
                               NULL,    /* no long description */
                               &ssl_passphrase,
                               NULL,    /* boot value */
                               PGC_SIGHUP,
                               0,       /* no flags required */
                               NULL,    /* check hook */
                               NULL,    /* assign hook */
                               NULL);   /* show hook */

    /*
     * The hook is installed only if a passphrase is configured at this point;
     * a value that first appears on a later reload does not install it.
     */
    if (ssl_passphrase != NULL)
        openssl_tls_init_hook = set_rot13;
}
      54             : 
/*
 * _PG_fini
 *
 * Counterpart to _PG_init. Currently a no-op; in particular it does not
 * reset openssl_tls_init_hook.
 */
void
_PG_fini(void)
{
    /* intentionally empty: nothing is undone yet */
}
      60             : 
/*
 * set_rot13
 *
 * Function assigned to openssl_tls_init_hook by _PG_init. Registers
 * rot13_passphrase as the default passphrase callback on the given SSL
 * context. isServerStart is not consulted.
 */
static void
set_rot13(SSL_CTX *context, bool isServerStart)
{
    /*
     * A non-empty ssl_passphrase_command is not used once this module's
     * callback is in place, so tell the administrator it is being ignored.
     */
    if (ssl_passphrase_command[0] != '\0')
    {
        ereport(WARNING,
                (errmsg("ssl_passphrase_command setting ignored by ssl_passphrase_func module")));
    }

    SSL_CTX_set_default_passwd_cb(context, rot13_passphrase);
}
      71             : 
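/*
 * rot13_passphrase
 *
 * OpenSSL passphrase callback registered by set_rot13. Copies the configured
 * ssl_passphrase.passphrase value into buf, applies ROT13 to the ASCII
 * letters in place, and returns the length of the result.
 *
 * buf, size: caller-supplied output buffer and its capacity in bytes.
 * rwflag, userdata: unused.
 *
 * Returns the number of bytes placed in buf, not counting the terminating
 * NUL. Returns 0 (with buf set to the empty string when there is room) if no
 * passphrase is available or the buffer has no capacity.
 *
 * ROT13 is a fixed, keyless letter substitution, so it gives the configured
 * value no confidentiality: anyone who can read the setting can derive the
 * passphrase. It only demonstrates that the value handed to OpenSSL may
 * differ from the one stored in the configuration.
 */
static int
rot13_passphrase(char *buf, int size, int rwflag, void *userdata)
{
    Assert(ssl_passphrase != NULL);

    /*
     * Without a usable buffer StrNCpy would leave buf untouched and the loop
     * below would scan whatever the caller left in it.
     */
    if (size <= 0)
        return 0;

    /*
     * Assert() is compiled out of non-assert builds, and the setting is
     * PGC_SIGHUP, so the load-time check in _PG_init is not a lasting
     * guarantee. NOTE(review): presumably the value can revert to NULL on a
     * reload that drops the setting -- confirm; either way, hand back an
     * empty passphrase rather than dereferencing NULL.
     */
    if (ssl_passphrase == NULL)
    {
        buf[0] = '\0';
        return 0;
    }

    /* StrNCpy copies at most size - 1 bytes and always NUL-terminates. */
    StrNCpy(buf, ssl_passphrase, size);

    /* Rotate ASCII letters by 13 places; every other byte is left as is. */
    for (char *p = buf; *p; p++)
    {
        char        c = *p;

        if ((c >= 'a' && c <= 'm') || (c >= 'A' && c <= 'M'))
            *p = c + 13;
        else if ((c >= 'n' && c <= 'z') || (c >= 'N' && c <= 'Z'))
            *p = c - 13;
    }

    /* Bounded by size - 1, so the narrowing to int cannot overflow. */
    return (int) strlen(buf);
}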
