Back out SET AUTHORIZATION patch until security is resolved.

bmomjian · bmomjian · commit 5c4d1398a64b · 2001-07-12T17:42:08.000Z
diff --git a/src/pl/plpgsql/src/gram.y b/src/pl/plpgsql/src/gram.y
@@ -4,7 +4,7 @@
  *						  procedural language
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/pl/plpgsql/src/gram.y,v 1.23 2001/07/12 01:19:40 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/pl/plpgsql/src/gram.y,v 1.24 2001/07/12 17:42:07 momjian Exp $
  *
  *	  This software is copyrighted by Jan Wieck - Hamburg.
  *
@@ -122,13 +122,11 @@ static	PLpgSQL_expr	*make_tupret_expr(PLpgSQL_row *row);
 %type <stmts>	proc_sect, proc_stmts, stmt_else, loop_body
 %type <stmt>	proc_stmt, pl_block
 %type <stmt>	stmt_assign, stmt_if, stmt_loop, stmt_while, stmt_exit
-%type <stmt>	stmt_return, stmt_raise, stmt_execsql, stmt_fori, stmt_setauth
+%type <stmt>	stmt_return, stmt_raise, stmt_execsql, stmt_fori
 %type <stmt>	stmt_fors, stmt_select, stmt_perform
 %type <stmt>	stmt_dynexecute, stmt_dynfors, stmt_getdiag
 %type <stmt>	stmt_open, stmt_fetch, stmt_close
 
-%type <ival>	auth_level
-
 %type <intlist>	raise_params
 %type <ival>	raise_level, raise_param
 %type <str>		raise_msg
@@ -174,10 +172,6 @@ static	PLpgSQL_expr	*make_tupret_expr(PLpgSQL_row *row);
 %token	K_PERFORM
 %token	K_ROW_COUNT
 %token	K_RAISE
-%token	K_SET
-%token	K_AUTHORIZATION
-%token	K_INVOKER
-%token	K_DEFINER
 %token	K_RECORD
 %token	K_RENAME
 %token	K_RESULT_OID
@@ -732,8 +726,6 @@ proc_stmt		: pl_block
 						{ $$ = $1; }
 				| stmt_raise
 						{ $$ = $1; }
-				| stmt_setauth
-						{ $$ = $1; }
 				| stmt_execsql
 						{ $$ = $1; }
 				| stmt_dynexecute
@@ -1251,29 +1243,6 @@ stmt_return		: K_RETURN lno
 					}
 				;
 
-stmt_setauth		: K_SET K_AUTHORIZATION auth_level lno ';'
-				{
-					PLpgSQL_stmt_setauth *new;
-
-					new=malloc(sizeof(PLpgSQL_stmt_setauth));
-
-					new->cmd_type = PLPGSQL_STMT_SETAUTH;
-					new->auth_level = $3;
-                                        new->lineno = $4;
-                                        
-					$$ = (PLpgSQL_stmt *)new;
-				}
-
-auth_level : K_DEFINER
-		{
-			$$=PLPGSQL_AUTH_DEFINER;
-                }
-	   | K_INVOKER
-           	{
-                	$$=PLPGSQL_AUTH_INVOKER;
-                }
-;
-
 stmt_raise		: K_RAISE lno raise_level raise_msg raise_params ';'
 					{
 						PLpgSQL_stmt_raise		*new;
diff --git a/src/pl/plpgsql/src/pl_comp.c b/src/pl/plpgsql/src/pl_comp.c
@@ -3,7 +3,7 @@
  *			  procedural language
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_comp.c,v 1.32 2001/07/11 18:54:18 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_comp.c,v 1.33 2001/07/12 17:42:07 momjian Exp $
  *
  *	  This software is copyrighted by Jan Wieck - Hamburg.
  *
@@ -169,7 +169,6 @@ plpgsql_compile(Oid fn_oid, int functype)
 
 	function->fn_functype = functype;
 	function->fn_oid = fn_oid;
-        function->definer_uid = procStruct->proowner;
 	function->fn_name = strdup(DatumGetCString(DirectFunctionCall1(nameout,
 								 NameGetDatum(&(procStruct->proname)))));
 
diff --git a/src/pl/plpgsql/src/pl_exec.c b/src/pl/plpgsql/src/pl_exec.c
@@ -3,7 +3,7 @@
  *			  procedural language
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_exec.c,v 1.45 2001/07/11 18:54:18 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_exec.c,v 1.46 2001/07/12 17:42:07 momjian Exp $
  *
  *	  This software is copyrighted by Jan Wieck - Hamburg.
  *
@@ -47,7 +47,6 @@
 #include "plpgsql.h"
 #include "pl.tab.h"
 
-#include "miscadmin.h"
 #include "access/heapam.h"
 #include "catalog/pg_proc.h"
 #include "catalog/pg_type.h"
@@ -106,8 +105,6 @@ static int exec_stmt_exit(PLpgSQL_execstate * estate,
 			   PLpgSQL_stmt_exit * stmt);
 static int exec_stmt_return(PLpgSQL_execstate * estate,
 				 PLpgSQL_stmt_return * stmt);
-static int exec_stmt_setauth(PLpgSQL_execstate * estate,
-				PLpgSQL_stmt_setauth * stmt);
 static int exec_stmt_raise(PLpgSQL_execstate * estate,
 				PLpgSQL_stmt_raise * stmt);
 static int exec_stmt_execsql(PLpgSQL_execstate * estate,
@@ -229,9 +226,6 @@ plpgsql_exec_function(PLpgSQL_function * func, FunctionCallInfo fcinfo)
 					case PLPGSQL_STMT_RETURN:
 						stmttype = "return";
 						break;
-					case PLPGSQL_STMT_SETAUTH:
-						stmttype = "setauth";
-						break;
 					case PLPGSQL_STMT_RAISE:
 						stmttype = "raise";
 						break;
@@ -283,10 +277,7 @@ plpgsql_exec_function(PLpgSQL_function * func, FunctionCallInfo fcinfo)
 	estate.retistuple = func->fn_retistuple;
 	estate.retisset = func->fn_retset;
 	estate.exitlabel = NULL;
-	estate.invoker_uid = GetUserId();
-	estate.definer_uid = func->definer_uid;
-	estate.auth_level = PLPGSQL_AUTH_INVOKER;
-        
+
 	estate.found_varno = func->found_varno;
 	estate.ndatums = func->ndatums;
 	estate.datums = palloc(sizeof(PLpgSQL_datum *) * estate.ndatums);
@@ -406,9 +397,6 @@ plpgsql_exec_function(PLpgSQL_function * func, FunctionCallInfo fcinfo)
 		elog(ERROR, "control reaches end of function without RETURN");
 	}
 
-	if (estate.auth_level!=PLPGSQL_AUTH_INVOKER)
-		SetUserId(estate.invoker_uid);
-
 	/*
 	 * We got a return value - process it
 	 */
@@ -589,9 +577,6 @@ plpgsql_exec_trigger(PLpgSQL_function * func,
 	estate.retistuple = func->fn_retistuple;
 	estate.retisset = func->fn_retset;
 	estate.exitlabel = NULL;
-	estate.invoker_uid = GetUserId();
-	estate.definer_uid = func->definer_uid;
-	estate.auth_level = PLPGSQL_AUTH_INVOKER;
 
 	estate.found_varno = func->found_varno;
 	estate.ndatums = func->ndatums;
@@ -775,9 +760,6 @@ plpgsql_exec_trigger(PLpgSQL_function * func,
 		elog(ERROR, "control reaches end of trigger procedure without RETURN");
 	}
 
-	if (estate.auth_level!=PLPGSQL_AUTH_INVOKER)
-		SetUserId(estate.invoker_uid);
-
 	/*
 	 * Check that the returned tuple structure has the same attributes,
 	 * the relation that fired the trigger has.
@@ -1040,10 +1022,6 @@ exec_stmt(PLpgSQL_execstate * estate, PLpgSQL_stmt * stmt)
 			rc = exec_stmt_return(estate, (PLpgSQL_stmt_return *) stmt);
 			break;
 
-		case PLPGSQL_STMT_SETAUTH:
-			rc = exec_stmt_setauth(estate, (PLpgSQL_stmt_setauth *) stmt);
-			break;
-
 		case PLPGSQL_STMT_RAISE:
 			rc = exec_stmt_raise(estate, (PLpgSQL_stmt_raise *) stmt);
 			break;
@@ -1667,29 +1645,6 @@ exec_stmt_return(PLpgSQL_execstate * estate, PLpgSQL_stmt_return * stmt)
 	return PLPGSQL_RC_RETURN;
 }
 
-/* ----------
- * exec_stmt_setauth            Changes user ID to/from
- *                              that of the function owner's
- * ----------
- */
-
-static int
-exec_stmt_setauth(PLpgSQL_execstate * estate, PLpgSQL_stmt_setauth * stmt)
-{
-	switch(stmt->auth_level)
-        {
-        	case PLPGSQL_AUTH_DEFINER:
-                	SetUserId(estate->definer_uid);
-                        break;
-                case PLPGSQL_AUTH_INVOKER:
-                	SetUserId(estate->invoker_uid);
-                        break;
-	}
-
-	estate->auth_level=stmt->auth_level;
-	return PLPGSQL_RC_OK;
-}
-
 
 /* ----------
  * exec_stmt_raise			Build a message and throw it with
diff --git a/src/pl/plpgsql/src/pl_funcs.c b/src/pl/plpgsql/src/pl_funcs.c
@@ -3,7 +3,7 @@
  *			  procedural language
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_funcs.c,v 1.14 2001/07/11 18:54:18 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_funcs.c,v 1.15 2001/07/12 17:42:08 momjian Exp $
  *
  *	  This software is copyrighted by Jan Wieck - Hamburg.
  *
@@ -382,7 +382,6 @@ static void dump_fors(PLpgSQL_stmt_fors * stmt);
 static void dump_select(PLpgSQL_stmt_select * stmt);
 static void dump_exit(PLpgSQL_stmt_exit * stmt);
 static void dump_return(PLpgSQL_stmt_return * stmt);
-static void dump_setauth(PLpgSQL_stmt_setauth * stmt);
 static void dump_raise(PLpgSQL_stmt_raise * stmt);
 static void dump_execsql(PLpgSQL_stmt_execsql * stmt);
 static void dump_dynexecute(PLpgSQL_stmt_dynexecute * stmt);
@@ -439,9 +438,6 @@ dump_stmt(PLpgSQL_stmt * stmt)
 		case PLPGSQL_STMT_RETURN:
 			dump_return((PLpgSQL_stmt_return *) stmt);
 			break;
-		case PLPGSQL_STMT_SETAUTH:
-			dump_setauth((PLpgSQL_stmt_setauth *) stmt);
-			break;
 		case PLPGSQL_STMT_RAISE:
 			dump_raise((PLpgSQL_stmt_raise *) stmt);
 			break;
@@ -725,21 +721,6 @@ dump_return(PLpgSQL_stmt_return * stmt)
 	printf("\n");
 }
 
-static void
-dump_setauth(PLpgSQL_stmt_setauth * stmt)
-{
-	dump_ind();
-        switch (stmt->auth_level)
-        {
-        	case PLPGSQL_AUTH_DEFINER:
-                	printf("SET AUTHORIZATION DEFINER\n");
-                        break;
-                case PLPGSQL_AUTH_INVOKER:
-                	printf("SET AUTHORIZATION INVOKER\n");
-                        break;
-        }
-}
-
 static void
 dump_raise(PLpgSQL_stmt_raise * stmt)
 {
diff --git a/src/pl/plpgsql/src/plpgsql.h b/src/pl/plpgsql/src/plpgsql.h
@@ -3,7 +3,7 @@
  *			  procedural language
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/pl/plpgsql/src/plpgsql.h,v 1.15 2001/07/11 18:54:19 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/pl/plpgsql/src/plpgsql.h,v 1.16 2001/07/12 17:42:08 momjian Exp $
  *
  *	  This software is copyrighted by Jan Wieck - Hamburg.
  *
@@ -95,7 +95,6 @@ enum
 	PLPGSQL_STMT_DYNEXECUTE,
 	PLPGSQL_STMT_DYNFORS,
 	PLPGSQL_STMT_GETDIAG,
-	PLPGSQL_STMT_SETAUTH,
 	PLPGSQL_STMT_OPEN,
 	PLPGSQL_STMT_FETCH,
 	PLPGSQL_STMT_CLOSE
@@ -113,16 +112,6 @@ enum
 	PLPGSQL_RC_RETURN
 };
 
-/* ---------
- * Authorization levels
- * ---------
- */
-enum
-{
-	PLPGSQL_AUTH_INVOKER,
-        PLPGSQL_AUTH_DEFINER,
-};
-
 /* ----------
  * GET DIAGNOSTICS system attrs
  * ----------
@@ -436,12 +425,6 @@ typedef struct
 	int			retrecno;
 }			PLpgSQL_stmt_return;
 
-typedef struct
-{                               /* SET AUTHORIZATION statement */
-    int         cmd_type;
-    int         lineno;
-    int		auth_level;
-}           PLpgSQL_stmt_setauth;
 
 typedef struct
 {								/* RAISE statement			*/
@@ -497,7 +480,6 @@ typedef struct PLpgSQL_function
 	int			tg_nargs_varno;
 
 	int			ndatums;
-        Oid			definer_uid;
 	PLpgSQL_datum **datums;
 	PLpgSQL_stmt_block *action;
 	struct PLpgSQL_function *next;
@@ -520,9 +502,6 @@ typedef struct
 	int			found_varno;
 	int			ndatums;
 	PLpgSQL_datum **datums;
-	Oid		invoker_uid;
-	Oid		definer_uid;
-        int		auth_level;
 }			PLpgSQL_execstate;
 
 
diff --git a/src/pl/plpgsql/src/scan.l b/src/pl/plpgsql/src/scan.l
@@ -4,7 +4,7 @@
  *			  procedural language
  *
  * IDENTIFICATION
- *    $Header: /cvsroot/pgsql/src/pl/plpgsql/src/Attic/scan.l,v 1.13 2001/07/11 18:54:19 momjian Exp $
+ *    $Header: /cvsroot/pgsql/src/pl/plpgsql/src/Attic/scan.l,v 1.14 2001/07/12 17:42:08 momjian Exp $
  *
  *    This software is copyrighted by Jan Wieck - Hamburg.
  *
@@ -121,10 +121,6 @@ null			{ return K_NULL;			}
 open			{ return K_OPEN;			}
 perform			{ return K_PERFORM;			}
 raise			{ return K_RAISE;			}
-set			{ return K_SET;				}
-authorization		{ return K_AUTHORIZATION;		}
-invoker			{ return K_INVOKER;			}
-definer			{ return K_DEFINER;			}
 record			{ return K_RECORD;			}
 rename			{ return K_RENAME;			}
 result_oid		{ return K_RESULT_OID;		}

Original file line number	Diff line number	Diff line change
`@@ -3,7 +3,7 @@`
`3`	`3`	`* procedural language`
`4`	`4`	`*`
`5`	`5`	`* IDENTIFICATION`
`6`		`- * $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_comp.c,v 1.32 2001/07/11 18:54:18 momjian Exp $`
	`6`	`+ * $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_comp.c,v 1.33 2001/07/12 17:42:07 momjian Exp $`
`7`	`7`	`*`
`8`	`8`	`* This software is copyrighted by Jan Wieck - Hamburg.`
`9`	`9`	`*`
`@@ -169,7 +169,6 @@ plpgsql_compile(Oid fn_oid, int functype)`
`169`	`169`
`170`	`170`	`function->fn_functype = functype;`
`171`	`171`	`function->fn_oid = fn_oid;`
`172`		`- function->definer_uid = procStruct->proowner;`
`173`	`172`	`function->fn_name = strdup(DatumGetCString(DirectFunctionCall1(nameout,`
`174`	`173`	`NameGetDatum(&(procStruct->proname)))));`
`175`	`174`
Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,7 @@`
`4`	`4`	`* procedural language`
`5`	`5`	`*`
`6`	`6`	`* IDENTIFICATION`
`7`		`- * $Header: /cvsroot/pgsql/src/pl/plpgsql/src/Attic/scan.l,v 1.13 2001/07/11 18:54:19 momjian Exp $`
	`7`	`+ * $Header: /cvsroot/pgsql/src/pl/plpgsql/src/Attic/scan.l,v 1.14 2001/07/12 17:42:08 momjian Exp $`
`8`	`8`	`*`
`9`	`9`	`* This software is copyrighted by Jan Wieck - Hamburg.`
`10`	`10`	`*`
`@@ -121,10 +121,6 @@ null { return K_NULL; }`
`121`	`121`	`open { return K_OPEN; }`
`122`	`122`	`perform { return K_PERFORM; }`
`123`	`123`	`raise { return K_RAISE; }`
`124`		`-set { return K_SET; }`
`125`		`-authorization { return K_AUTHORIZATION; }`
`126`		`-invoker { return K_INVOKER; }`
`127`		`-definer { return K_DEFINER; }`
`128`	`124`	`record { return K_RECORD; }`
`129`	`125`	`rename { return K_RENAME; }`
`130`	`126`	`result_oid { return K_RESULT_OID; }`