Home Explore Help
Sign In
n4u
/
epgsql
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: fac836e1b1
Branches Tags
epgsql
/
src
/
commands
/
epgsql_cmd_connect.erl

epgsql_cmd_connect.erl 6.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176 
  1. %%% Special kind of command - it's exclusive: no other commands can run until
    2. 

  2. %%% this one finishes.
    3. 

  3. %%% It also uses some 'private' epgsql_sock's APIs
    4. 

  4. %%%
    5. 

  5. -module(epgsql_cmd_connect).
    6. 

  6. -behaviour(epgsql_command).
    7. 

  7. -export([init/1, execute/2, handle_message/4]).
    8. 

  8. -export_type([response/0, connect_error/0]).
    9. 

  9. 

  10. -type response() :: connected
    11. 

  11.                   | {error, connect_error()}.
    12. 

  12. -type connect_error() ::
    13. 

  13.         invalid_authorization_specification
    14. 

  14.       | invalid_password
    15. 

  15.       | {unsupported_auth_method, integer()}
    16. 

  16.       | epgsql:query_error().
    17. 

  17. 

  18. -include("epgsql.hrl").
    19. 

  19. -include("protocol.hrl").
    20. 

  20. 

  21. -record(connect,
    22. 

  22.         {opts :: list(),
    23. 

  23.          auth_method,
    24. 

  24.          stage = connect :: connect | auth | initialization}).
    25. 

  25. 

  26. init({Host, Username, Password, Opts}) ->
    27. 

  27.     Opts1 = [{host, Host},
    28. 

  28.              {username, Username},
    29. 

  29.              {password, Password}
    30. 

  30.              | Opts],
    31. 

  31.     #connect{opts = Opts1}.
    32. 

  32. 

  33. execute(PgSock, #connect{opts = Opts, stage = connect} = State) ->
    34. 

  34.     Host = get_val(host, Opts),
    35. 

  35.     Username = get_val(username, Opts),
    36. 

  36.     %% _ = get_val(password, Opts),
    37. 

  37.     Timeout = proplists:get_value(timeout, Opts, 5000),
    38. 

  38.     Port = proplists:get_value(port, Opts, 5432),
    39. 

  39.     SockOpts = [{active, false}, {packet, raw}, binary, {nodelay, true}, {keepalive, true}],
    40. 

  40.     case gen_tcp:connect(Host, Port, SockOpts, Timeout) of
    41. 

  41.         {ok, Sock} ->
    42. 

  42. 

  43.             %% Increase the buffer size.  Following the recommendation in the inet man page:
    44. 

  44.             %%
    45. 

  45.             %%    It is recommended to have val(buffer) >=
    46. 

  46.             %%    max(val(sndbuf),val(recbuf)).
    47. 

  47. 

  48.             {ok, [{recbuf, RecBufSize}, {sndbuf, SndBufSize}]} =
    49. 

  49.                 inet:getopts(Sock, [recbuf, sndbuf]),
    50. 

  50.             inet:setopts(Sock, [{buffer, max(RecBufSize, SndBufSize)}]),
    51. 

  51. 

  52.             PgSock1 = maybe_ssl(Sock, proplists:get_value(ssl, Opts, false), Opts, PgSock),
    53. 

  53. 

  54.             Opts2 = ["user", 0, Username, 0],
    55. 

  55.             Opts3 = case proplists:get_value(database, Opts, undefined) of
    56. 

  56.                 undefined -> Opts2;
    57. 

  57.                 Database  -> [Opts2 | ["database", 0, Database, 0]]
    58. 

  58.             end,
    59. 

  59. 

  60.             Replication = proplists:get_value(replication, Opts, undefined),
    61. 

  61.             Opts4 = case Replication of
    62. 

  62.                         undefined -> Opts3;
    63. 

  63.                         Replication  ->
    64. 

  64.                             [Opts3 | ["replication", 0, Replication, 0]]
    65. 

  65.                     end,
    66. 

  66.             PgSock2 = case Replication of
    67. 

  67.                           undefined -> PgSock1;
    68. 

  68.                           _ -> epgsql_sock:init_replication_state(PgSock1)
    69. 

  69.                       end,
    70. 

  70. 

  71.             epgsql_sock:send(PgSock2, [<<196608:?int32>>, Opts4, 0]),
    72. 

  72.             PgSock3 = case proplists:get_value(async, Opts, undefined) of
    73. 

  73.                           undefined -> PgSock2;
    74. 

  74.                           Async -> epgsql_sock:set_attr(async, Async, PgSock2)
    75. 

  75.                       end,
    76. 

  76.             {ok, PgSock3, State#connect{stage = auth}};
    77. 

  77.         {error, Reason} = Error ->
    78. 

  78.             {stop, Reason, Error, PgSock}
    79. 

  79.     end;
    80. 

  80. execute(PgSock, #connect{stage = auth, auth_method = cleartext, opts = Opts} = St) ->
    81. 

  81.     Password = get_val(password, Opts),
    82. 

  82.     epgsql_sock:send(PgSock, ?PASSWORD, [Password, 0]),
    83. 

  83.     {ok, PgSock, St};
    84. 

  84. execute(PgSock, #connect{stage = auth, auth_method = {md5, Salt}, opts = Opts} = St) ->
    85. 

  85.     User = get_val(username, Opts),
    86. 

  86.     Password = get_val(password, Opts),
    87. 

  87.     Digest1 = hex(erlang:md5([Password, User])),
    88. 

  88.     Str = ["md5", hex(erlang:md5([Digest1, Salt])), 0],
    89. 

  89.     epgsql_sock:send(PgSock, ?PASSWORD, Str),
    90. 

  90.     {ok, PgSock, St}.
    91. 

  91. 

  92. 

  93. maybe_ssl(S, false, _, PgSock) ->
    94. 

  94.     epgsql_sock:set_net_socket(gen_tcp, S, PgSock);
    95. 

  95. maybe_ssl(S, Flag, Opts, PgSock) ->
    96. 

  96.     ok = gen_tcp:send(S, <<8:?int32, 80877103:?int32>>),
    97. 

  97.     Timeout = proplists:get_value(timeout, Opts, 5000),
    98. 

  98.     {ok, <<Code>>} = gen_tcp:recv(S, 1, Timeout),
    99. 

  99.     case Code of
    100. 

  100.         $S  ->
    101. 

  101.             SslOpts = proplists:get_value(ssl_opts, Opts, []),
    102. 

  102.             case ssl:connect(S, SslOpts, Timeout) of
    103. 

  103.                 {ok, S2}        ->
    104. 

  104.                     epgsql_sock:set_net_socket(ssl, S2, PgSock);
    105. 

  105.                 {error, Reason} ->
    106. 

  106.                     exit({ssl_negotiation_failed, Reason})
    107. 

  107.             end;
    108. 

  108.         $N ->
    109. 

  109.             case Flag of
    110. 

  110.                 true ->
    111. 

  111.                     epgsql_sock:set_net_socket(gen_tcp, S, PgSock);
    112. 

  112.                 required ->
    113. 

  113.                     exit(ssl_not_available)
    114. 

  114.             end
    115. 

  115.     end.
    116. 

  116. 

  117. %% --- Auth ---
    118. 

  118. 

  119. %% AuthenticationOk
    120. 

  120. handle_message(?AUTHENTICATION_REQUEST, <<0:?int32>>, Sock, State) ->
    121. 

  121.     {noaction, Sock, State#connect{stage = initialization}};
    122. 

  122. 

  123. %% AuthenticationCleartextPassword
    124. 

  124. handle_message(?AUTHENTICATION_REQUEST, <<3:?int32>>, Sock, St) ->
    125. 

  125.     {requeue, Sock, St#connect{stage = auth, auth_method = cleartext}};
    126. 

  126. 

  127. %% AuthenticationMD5Password
    128. 

  128. handle_message(?AUTHENTICATION_REQUEST, <<5:?int32, Salt:4/binary>>, Sock, St) ->
    129. 

  129.     {requeue, Sock, St#connect{stage = auth, auth_method = {md5, Salt}}};
    130. 

  130. 

  131. handle_message(?AUTHENTICATION_REQUEST, <<M:?int32, _/binary>>, Sock, _State) ->
    132. 

  132.     Method = case M of
    133. 

  133.         2 -> kerberosV5;
    134. 

  134.         4 -> crypt;
    135. 

  135.         6 -> scm;
    136. 

  136.         7 -> gss;
    137. 

  137.         8 -> sspi;
    138. 

  138.         _ -> unknown
    139. 

  139.     end,
    140. 

  140.     {stop, normal, {error, {unsupported_auth_method, Method}}, Sock};
    141. 

  141. 

  142. %% --- Initialization ---
    143. 

  143. 

  144. %% BackendKeyData
    145. 

  145. handle_message(?CANCELLATION_KEY, <<Pid:?int32, Key:?int32>>, Sock, _State) ->
    146. 

  146.     {noaction, epgsql_sock:set_attr(backend, {Pid, Key}, Sock)};
    147. 

  147. 

  148. %% ReadyForQuery
    149. 

  149. handle_message(?READY_FOR_QUERY, _, Sock, _State) ->
    150. 

  150.     Codec = epgsql_binary:new_codec(Sock, []),
    151. 

  151.     Sock1 = epgsql_sock:set_attr(codec, Codec, Sock),
    152. 

  152.     {finish, connected, connected, Sock1};
    153. 

  153. 

  154. 

  155. %% ErrorResponse
    156. 

  156. handle_message(?ERROR, Err, Sock, #connect{stage = auth} = _State) ->
    157. 

  157.     Why = case Err#error.code of
    158. 

  158.         <<"28000">> -> invalid_authorization_specification;
    159. 

  159.         <<"28P01">> -> invalid_password;
    160. 

  160.         Any         -> Any
    161. 

  161.     end,
    162. 

  162.     {stop, normal, {error, Why}, Sock};
    163. 

  163. handle_message(_, _, _, _) ->
    164. 

  164.     unknown.
    165. 

  165. 

  166. 

  167. get_val(Key, Proplist) ->
    168. 

  168.     Val = proplists:get_value(Key, Proplist),
    169. 

  169.     (Val =/= undefined) orelse error({required_option, Key}),
    170. 

  170.     Val.
    171. 

  171. 

  172. hex(Bin) ->
    173. 

  173.     HChar = fun(N) when N < 10 -> $0 + N;
    174. 

  174.                (N) when N < 16 -> $W + N
    175. 

  175.             end,
    176. 

  176.     <<<<(HChar(H)), (HChar(L))>> || <<H:4, L:4>> <= Bin>>.
    177.