diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 12:17:33 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 12:17:33 +0000 |
| commit | 5e45211a64149b3c659b90ff2de6fa982a5a93ed (patch) | |
| tree | 739caf8c461053357daa9f162bef34516c7bf452 /contrib/auth_delay | |
| parent | Initial commit. (diff) | |
| download | postgresql-15-5e45211a64149b3c659b90ff2de6fa982a5a93ed.tar.xz postgresql-15-5e45211a64149b3c659b90ff2de6fa982a5a93ed.zip | |
Adding upstream version 15.5.upstream/15.5
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'contrib/auth_delay')
| -rw-r--r-- | contrib/auth_delay/Makefile | 15 | ||||
| -rw-r--r-- | contrib/auth_delay/auth_delay.c | 76 |
2 files changed, 91 insertions, 0 deletions
diff --git a/contrib/auth_delay/Makefile b/contrib/auth_delay/Makefile new file mode 100644 index 0000000..4b86ec3 --- /dev/null +++ b/contrib/auth_delay/Makefile @@ -0,0 +1,15 @@ +# contrib/auth_delay/Makefile + +MODULES = auth_delay +PGFILEDESC = "auth_delay - delay authentication failure reports" + +ifdef USE_PGXS +PG_CONFIG = pg_config +PGXS := $(shell $(PG_CONFIG) --pgxs) +include $(PGXS) +else +subdir = contrib/auth_delay +top_builddir = ../.. +include $(top_builddir)/src/Makefile.global +include $(top_srcdir)/contrib/contrib-global.mk +endif diff --git a/contrib/auth_delay/auth_delay.c b/contrib/auth_delay/auth_delay.c new file mode 100644 index 0000000..6b94d65 --- /dev/null +++ b/contrib/auth_delay/auth_delay.c @@ -0,0 +1,76 @@ +/* ------------------------------------------------------------------------- + * + * auth_delay.c + * + * Copyright (c) 2010-2022, PostgreSQL Global Development Group + * + * IDENTIFICATION + * contrib/auth_delay/auth_delay.c + * + * ------------------------------------------------------------------------- + */ +#include "postgres.h" + +#include <limits.h> + +#include "libpq/auth.h" +#include "port.h" +#include "utils/guc.h" +#include "utils/timestamp.h" + +PG_MODULE_MAGIC; + +void _PG_init(void); + +/* GUC Variables */ +static int auth_delay_milliseconds; + +/* Original Hook */ +static ClientAuthentication_hook_type original_client_auth_hook = NULL; + +/* + * Check authentication + */ +static void +auth_delay_checks(Port *port, int status) +{ + /* + * Any other plugins which use ClientAuthentication_hook. + */ + if (original_client_auth_hook) + original_client_auth_hook(port, status); + + /* + * Inject a short delay if authentication failed. + */ + if (status != STATUS_OK) + { + pg_usleep(1000L * auth_delay_milliseconds); + } +} + +/* + * Module Load Callback + */ +void +_PG_init(void) +{ + /* Define custom GUC variables */ + DefineCustomIntVariable("auth_delay.milliseconds", + "Milliseconds to delay before reporting authentication failure", + NULL, + &auth_delay_milliseconds, + 0, + 0, INT_MAX / 1000, + PGC_SIGHUP, + GUC_UNIT_MS, + NULL, + NULL, + NULL); + + MarkGUCPrefixReserved("auth_delay"); + + /* Install Hooks */ + original_client_auth_hook = ClientAuthentication_hook; + ClientAuthentication_hook = auth_delay_checks; +} |