diff options
Diffstat (limited to 'contrib/auth_delay')
-rw-r--r-- | contrib/auth_delay/Makefile | 15 | ||||
-rw-r--r-- | contrib/auth_delay/auth_delay.c | 73 |
2 files changed, 88 insertions, 0 deletions
diff --git a/contrib/auth_delay/Makefile b/contrib/auth_delay/Makefile new file mode 100644 index 0000000..4b86ec3 --- /dev/null +++ b/contrib/auth_delay/Makefile @@ -0,0 +1,15 @@ +# contrib/auth_delay/Makefile + +MODULES = auth_delay +PGFILEDESC = "auth_delay - delay authentication failure reports" + +ifdef USE_PGXS +PG_CONFIG = pg_config +PGXS := $(shell $(PG_CONFIG) --pgxs) +include $(PGXS) +else +subdir = contrib/auth_delay +top_builddir = ../.. +include $(top_builddir)/src/Makefile.global +include $(top_srcdir)/contrib/contrib-global.mk +endif diff --git a/contrib/auth_delay/auth_delay.c b/contrib/auth_delay/auth_delay.c new file mode 100644 index 0000000..11c2f05 --- /dev/null +++ b/contrib/auth_delay/auth_delay.c @@ -0,0 +1,73 @@ +/* ------------------------------------------------------------------------- + * + * auth_delay.c + * + * Copyright (c) 2010-2020, PostgreSQL Global Development Group + * + * IDENTIFICATION + * contrib/auth_delay/auth_delay.c + * + * ------------------------------------------------------------------------- + */ +#include "postgres.h" + +#include <limits.h> + +#include "libpq/auth.h" +#include "port.h" +#include "utils/guc.h" +#include "utils/timestamp.h" + +PG_MODULE_MAGIC; + +void _PG_init(void); + +/* GUC Variables */ +static int auth_delay_milliseconds; + +/* Original Hook */ +static ClientAuthentication_hook_type original_client_auth_hook = NULL; + +/* + * Check authentication + */ +static void +auth_delay_checks(Port *port, int status) +{ + /* + * Any other plugins which use ClientAuthentication_hook. + */ + if (original_client_auth_hook) + original_client_auth_hook(port, status); + + /* + * Inject a short delay if authentication failed. + */ + if (status != STATUS_OK) + { + pg_usleep(1000L * auth_delay_milliseconds); + } +} + +/* + * Module Load Callback + */ +void +_PG_init(void) +{ + /* Define custom GUC variables */ + DefineCustomIntVariable("auth_delay.milliseconds", + "Milliseconds to delay before reporting authentication failure", + NULL, + &auth_delay_milliseconds, + 0, + 0, INT_MAX / 1000, + PGC_SIGHUP, + GUC_UNIT_MS, + NULL, + NULL, + NULL); + /* Install Hooks */ + original_client_auth_hook = ClientAuthentication_hook; + ClientAuthentication_hook = auth_delay_checks; +} |